[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jul 10 11:44:07 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
dd3474e8 by Salvatore Bonaccorso at 2025-07-10T12:43:43+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,98 @@
+CVE-2025-38348 [wifi: p54: prevent buffer-overflow in p54_rx_eeprom_readback()]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/da1b9a55ff116cb040528ef664c70a4eec03ae99 (6.16-rc1)
+CVE-2025-38347 [f2fs: fix to do sanity check on ino and xnid]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/061cf3a84bde038708eb0f1d065b31b7c2456533 (6.16-rc1)
+CVE-2025-38346 [ftrace: Fix UAF when lookup kallsym after ftrace disabled]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/f914b52c379c12288b7623bb814d0508dbe7481d (6.16-rc1)
+CVE-2025-38345 [ACPICA: fix acpi operand cache leak in dswstate.c]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/156fd20a41e776bbf334bd5e45c4f78dfc90ce1c (6.16-rc1)
+CVE-2025-38344 [ACPICA: fix acpi parse and parseext cache leaks]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/bed18f0bdcd6737a938264a59d67923688696fc4 (6.16-rc1)
+CVE-2025-38343 [wifi: mt76: mt7996: drop fragments with multicast or broadcast RA]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/80fda1cd7b0a1edd0849dc71403a070d0922118d (6.16-rc1)
+CVE-2025-38342 [software node: Correct a OOB check in software_node_get_reference_args()]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/31e4e12e0e9609850cefd4b2e1adf782f56337d6 (6.16-rc1)
+CVE-2025-38341 [eth: fbnic: avoid double free when failing to DMA-map FW msg]
+ - linux 6.12.35-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5bd1bafd4474ee26f504b41aba11f3e2a1175b88 (6.16-rc3)
+CVE-2025-38340 [firmware: cs_dsp: Fix OOB memory read access in KUnit test]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/fe6446215bfad11cf3b446f38b28dc7708973c25 (6.16-rc1)
+CVE-2025-38339 [powerpc/bpf: fix JIT code size calculation of bpf trampoline]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/59ba025948be2a92e8bc9ae1cbdaf197660bd508 (6.16-rc1)
+CVE-2025-38338 [fs/nfs/read: fix double-unlock bug in nfs_return_empty_folio()]
+ - linux 6.12.35-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4c10fa44bc5f700e2ea21de2fbae520ba21f19d9 (6.16-rc1)
+CVE-2025-38337 [jbd2: fix data-race and null-ptr-deref in jbd2_journal_dirty_metadata()]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/af98b0157adf6504fade79b3e6cb260c4ff68e37 (6.16-rc1)
+CVE-2025-38336 [ata: pata_via: Force PIO for ATAPI devices on VT6415/VT6330]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/d29fc02caad7f94b62d56ee1b01c954f9c961ba7 (6.16-rc3)
+CVE-2025-38335 [Input: gpio-keys - fix a sleep while atomic with PREEMPT_RT]
+ - linux <unfixed>
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f4a8f561d08e39f7833d4a278ebfb12a41eef15f (6.16-rc1)
+CVE-2025-38334 [x86/sgx: Prevent attempts to reclaim poisoned pages]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/ed16618c380c32c68c06186d0ccbb0d5e0586e59 (6.16-rc1)
+CVE-2025-38333 [f2fs: fix to bail out in get_new_segment()]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/bb5eb8a5b222fa5092f60d5555867a05ebc3bdf2 (6.16-rc1)
+CVE-2025-38332 [scsi: lpfc: Use memcpy() for BIOS version]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/ae82eaf4aeea060bb736c3e20c0568b67c701d7d (6.16-rc1)
+CVE-2025-38331 [net: ethernet: cortina: Use TOE/TSO on all TCP]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/6a07e3af4973402fa199a80036c10060b922c92c (6.16-rc1)
+CVE-2025-38330 [firmware: cs_dsp: Fix OOB memory read access in KUnit test (ctl cache)]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/f4ba2ea57da51d616b689c4b8826c517ff5a8523 (6.16-rc1)
+CVE-2025-38329 [firmware: cs_dsp: Fix OOB memory read access in KUnit test (wmfw info)]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/d979b783d61f7f1f95664031b71a33afc74627b2 (6.16-rc1)
+CVE-2025-38328 [jffs2: check jffs2_prealloc_raw_node_refs() result in few other places]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/2b6d96503255a3ed676cd70f8368870c6d6a25c6 (6.16-rc1)
+CVE-2025-38327 [fgraph: Do not enable function_graph tracer when setting funcgraph-args]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/327e28664307d49ce3fa71ba30dcc0007c270974 (6.16-rc3)
+CVE-2025-38326 [aoe: clean device rq_list in aoedev_downdev()]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/7f90d45e57cb2ef1f0adcaf925ddffdfc5e680ca (6.16-rc3)
+CVE-2025-38325 [ksmbd: add free_transport ops in ksmbd connection]
+ - linux 6.12.35-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a89f5fae998bdc4d0505306f93844c9ae059d50c (6.16-rc3)
+CVE-2025-38324 [mpls: Use rcu_dereference_rtnl() in mpls_route_input_rcu().]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/6dbb0d97c5096072c78a6abffe393584e57ae945 (6.16-rc3)
+CVE-2025-38323 [net: atm: add lec_mutex]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/d13a3824bfd2b4774b671a75cf766a16637a0e67 (6.16-rc3)
+CVE-2025-38322 [perf/x86/intel: Fix crash in icl_update_topdown_event()]
+ - linux <unfixed>
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b0823d5fbacb1c551d793cbfe7af24e0d1fa45ed (6.16-rc3)
+CVE-2025-38321 [smb: Log an error when close_all_cached_dirs fails]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/a2182743a8b4969481f64aec4908ff162e8a206c (6.16-rc3)
+CVE-2025-38320 [arm64/ptrace: Fix stack-out-of-bounds read in regs_get_kernel_stack_nth()]
+ - linux 6.12.35-1
+ NOTE: https://git.kernel.org/linus/39dfc971e42d886e7df01371cd1bef505076d84c (6.16-rc3)
CVE-2025-7387 (The Lana Downloads Manager plugin for WordPress is vulnerable to Store ...)
NOT-FOR-US: WordPress plugin
CVE-2025-6976 (The Events Manager \u2013 Calendar, Bookings, Tickets, and more! plugi ...)
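Review bot: the three cs_dsp entries (CVE-2025-38340, CVE-2025-38330, CVE-2025-38329) are recorded as `- linux <unfixed>` with no per-release lines, although each title says the out-of-bounds read is in a KUnit test. If the affected code is test-only, state that in a NOTE on each entry so the open status is not read as exposure in the shipped kernel, and add `[bookworm]`/`[bullseye]` lines if the test code is absent there, as was done for CVE-2025-38341. CVE-2025-38335 and CVE-2025-38322 also pair `<unfixed>` with only a `[bullseye]` not-affected line; confirm that leaving bookworm unannotated is intended.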
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd3474e8d7eec1ddc7a4825be70897eeb81f802e