[Git][security-tracker-team/security-tracker][master] Add CVE-2025-27558 and track mitigations in Linux

Fri Jul 18 06:21:21 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
94b8768c by Salvatore Bonaccorso at 2025-07-18T07:20:44+02:00
Add CVE-2025-27558 and track mitigations in Linux

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -16603,7 +16603,10 @@ CVE-2025-27804 (Several OS command injection vulnerabilities exist in the device
 CVE-2025-27803 (The devices do not implement any authentication for the web interface  ...)
 	NOT-FOR-US: eCharge Hardy Barth charging stations
 CVE-2025-27558 (IEEE P802.11-REVme D1.1 through D7.0 allows FragAttacks against mesh n ...)
-	TODO: check
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/737bb912ebbe4571195c56eba557c4d7315b26fb (6.16-rc6)
+	NOTE: https://papers.mathyvanhoef.com/wisec2025.pdf
+	NOTE: https://github.com/vanhoefm/fragattacks-survey-public/blob/main/README.md#mesh-vulnerability
 CVE-2025-25539 (Local File Inclusion vulnerability in Vasco v3.14and before allows a r ...)
 	NOT-FOR-US: Vasco
 CVE-2025-20267 (A vulnerability in the web-based management interface of Cisco Identit ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94b8768c2d915c83a6babe335c83874710214e03

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/94b8768c2d915c83a6babe335c83874710214e03
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250718/66ae2d63/attachment.htm>
