[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 18 13:56:12 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f8c13ece by Salvatore Bonaccorso at 2025-06-18T14:55:40+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,170 @@
+CVE-2025-38081 [spi-rockchip: Fix register out of bounds access]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/7a874e8b54ea21094f7fd2d428b164394c6cb316 (6.15-rc1)
+CVE-2025-38080 [drm/amd/display: Increase block_sequence array size]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/3a7810c212bcf2f722671dadf4b23ff70a7d23ee (6.15-rc1)
+CVE-2025-38079 [crypto: algif_hash - fix double free in hash_accept]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/b2df03ed4052e97126267e8c13ad4204ea6ba9b6 (6.15)
+CVE-2025-38078 [ALSA: pcm: Fix race of buffer access at PCM OSS layer]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/93a81ca0657758b607c3f4ba889ae806be9beb73 (6.15)
+CVE-2025-38077 [platform/x86: dell-wmi-sysman: Avoid buffer overflow in current_password_store()]
+ - linux 6.12.32-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4e89a4077490f52cde652d17e32519b666abf3a6 (6.15)
+CVE-2025-38076 [alloc_tag: allocate percpu counters for module tags dynamically]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/12ca42c237756182aad8ab04654c952765cb9061 (6.15)
+CVE-2025-38075 [scsi: target: iscsi: Fix timeout on deleted connection]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/7f533cc5ee4c4436cee51dc58e81dfd9c3384418 (6.15-rc4)
+CVE-2025-38074 [vhost-scsi: protect vq->log_used with vq->mutex]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/f591cf9fce724e5075cc67488c43c6e39e8cbe27 (6.15-rc4)
+CVE-2025-38073 [block: fix race between set_blocksize and read paths]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/c0e473a0d226479e8e925d5ba93f751d8df628e9 (6.15-rc4)
+CVE-2025-38072 [libnvdimm/labels: Fix divide error in nd_label_data_init()]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/ef1d3455bbc1922f94a91ed58d3d7db440652959 (6.15-rc1)
+CVE-2025-38071 [x86/mm: Check return value from memblock_phys_alloc_range()]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/631ca8909fd5c62b9fda9edda93924311a78a9c4 (6.15-rc1)
+CVE-2025-38070 [ASoC: sma1307: Add NULL check in sma1307_setting_loaded()]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/0ec6bd16705fe21d6429d6b8f7981eae2142bba8 (6.15-rc1)
+CVE-2025-38069 [PCI: endpoint: pci-epf-test: Fix double free that causes kernel to oops]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/934e9d137d937706004c325fa1474f9e3f1ba10a (6.15-rc1)
+CVE-2025-38068 [crypto: lzo - Fix compression buffer overrun]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/cc47f07234f72cbd8e2c973cdbf2a6730660a463 (6.15-rc1)
+CVE-2025-38067 [rseq: Fix segfault on registration when rseq_cs is non-zero]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/fd881d0a085fc54354414aed990ccf05f282ba53 (6.15-rc1)
+CVE-2025-38066 [dm cache: prevent BUG_ON by blocking retries on failed device resumes]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/5da692e2262b8f81993baa9592f57d12c2703dea (6.15-rc1)
+CVE-2025-38065 [orangefs: Do not truncate file size]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/062e8093592fb866b8e016641a8b27feb6ac509d (6.15-rc1)
+CVE-2025-38064 [virtio: break and reset virtio devices on device_shutdown()]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/8bd2fa086a04886798b505f28db4002525895203 (6.15-rc1)
+CVE-2025-38063 [dm: fix unconditional IO throttle caused by REQ_PREFLUSH]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/88f7f56d16f568f19e1a695af34a7f4a6ce537a6 (6.15-rc1)
+CVE-2025-38062 [genirq/msi: Store the IOMMU IOVA directly in msi_desc instead of iommu_cookie]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/1f7df3a691740a7736bbc99dc4ed536120eb4746 (6.15-rc1)
+CVE-2025-38061 [net: pktgen: fix access outside of user given buffer in pktgen_thread_write()]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/425e64440ad0a2f03bdaf04be0ae53dededbaa77 (6.15-rc1)
+CVE-2025-38060 [bpf: copy_verifier_state() should copy 'loop_entry' field]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/bbbc02b7445ebfda13e4847f4f1413c6480a85a9 (6.15-rc1)
+CVE-2025-38059 [btrfs: avoid NULL pointer dereference if no valid csum tree]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/f95d186255b319c48a365d47b69bd997fecb674e (6.15-rc6)
+CVE-2025-38058 [__legitimize_mnt(): check for MNT_SYNC_UMOUNT should be under mount_lock]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/250cf3693060a5f803c5f1ddc082bb06b16112a9 (6.15-rc6)
+CVE-2025-38057 [espintcp: fix skb leaks]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/63c1f19a3be3169e51a5812d22a6d0c879414076 (6.15)
+CVE-2025-38056 [ASoC: SOF: Intel: hda: Fix UAF when reloading module]
+ - linux 6.12.32-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7dd7f39fce0022b386ef1ea5ffef92ecc7dfc6af (6.15)
+CVE-2025-38055 [perf/x86/intel: Fix segfault with PEBS-via-PT with sample_freq]
+ - linux 6.12.32-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/99bcd91fabada0dbb1d5f0de44532d8008db93c6 (6.15-rc7)
+CVE-2025-38054 [ptp: ocp: Limit signal/freq counts in summary output functions]
+ - linux 6.12.32-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c9e455581e2ba87ee38c126e8dc49a424b9df0cf (6.15)
+CVE-2025-38053 [idpf: fix null-ptr-deref in idpf_features_check]
+ - linux 6.12.32-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2dabe349f7882ff1407a784d54d8541909329088 (6.15)
+CVE-2025-38052 [net/tipc: fix slab-use-after-free Read in tipc_aead_encrypt_done]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/e279024617134c94fd3e37470156534d5f2b3472 (6.15)
+CVE-2025-38051 [smb: client: Fix use-after-free in cifs_fill_dirent]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/a7a8fe56e932a36f43e031b398aef92341bf5ea0 (6.15)
+CVE-2025-38050 [mm/hugetlb: fix kernel NULL pointer dereference when replacing free hugetlb folios]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/113ed54ad276c352ee5ce109bdcf0df118a43bda (6.15)
+CVE-2025-38048 [virtio_ring: Fix data race by tagging event_triggered as racy for KCSAN]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/2e2f925fe737576df2373931c95e1a2b66efdfef (6.15-rc4)
+CVE-2025-38047 [x86/fred: Fix system hang during S4 resume with FRED enabled]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/e5f1e8af9c9e151ecd665f6d2e36fb25fec3b110 (6.15-rc1)
+CVE-2025-38046 [xen: Add support for XenServer 6.1 platform device]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/2356f15caefc0cc63d9cc5122641754f76ef9b25 (6.15-rc1)
+CVE-2025-38045 [wifi: iwlwifi: fix debug actions order]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/eb29b4ffafb20281624dcd2cbb768d6f30edf600 (6.15-rc1)
+CVE-2025-38044 [media: cx231xx: set device_caps for 417]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/a79efc44b51432490538a55b9753a721f7d3ea42 (6.15-rc1)
+CVE-2025-38043 [firmware: arm_ffa: Set dma_mask for ffa devices]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/cc0aac7ca17e0ea3ca84b552fc79f3e86fd07f53 (6.15-rc1)
+CVE-2025-38042 [dmaengine: ti: k3-udma-glue: Drop skip_fdq argument from k3_udma_glue_reset_rx_chn]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/0da30874729baeb01889b0eca16cfda122687503 (6.15-rc1)
+CVE-2025-38041 [clk: sunxi-ng: h616: Reparent GPU clock during frequency changes]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/eb963d7948ce6571939c6875424b557b25f16610 (6.15-rc1)
+CVE-2025-38040 [serial: mctrl_gpio: split disable_ms into sync and no_sync APIs]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/1bd2aad57da95f7f2d2bb52f7ad15c0f4993a685 (6.15-rc1)
+CVE-2025-38039 [net/mlx5e: Avoid WARN_ON when configuring MQPRIO with HTB offload enabled]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/689805dcc474c2accb5cffbbcea1c06ee4a54570 (6.15-rc1)
+CVE-2025-38038 [cpufreq: amd-pstate: Remove unnecessary driver_lock in set_boost]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/db1cafc77aaaf871509da06f4a864e9af6d6791f (6.15-rc1)
+CVE-2025-38037 [vxlan: Annotate FDB data races]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/f6205f8215f12a96518ac9469ff76294ae7bd612 (6.15-rc1)
+CVE-2025-38036 [drm/xe/vf: Perform early GT MMIO initialization to read GMDID]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/13265fe7426ec9ba5aa86baab913417ca361e8a4 (6.15-rc1)
+CVE-2025-38035 [nvmet-tcp: don't restore null sk_state_change]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/46d22b47df2741996af277a2838b95f130436c13 (6.15-rc5)
+CVE-2025-38034 [btrfs: correct the order of prelim_ref arguments in btrfs__prelim_ref]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/bc7e0975093567f51be8e1bdf4aa5900a3cf0b1e (6.15-rc6)
+CVE-2025-38033 [x86/Kconfig: make CFI_AUTO_DEFAULT depend on !RUST or Rust >= 1.88]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/5595c31c370957aabe739ac3996aedba8267603f (6.15-rc6)
+CVE-2025-38032 [mr: consolidate the ipmr_can_free_table() checks.]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c46286fdd6aa1d0e33c245bcffe9ff2428a777bd (6.15)
+CVE-2025-38031 [padata: do not leak refcount in reorder_work]
+ - linux 6.12.32-1
+ NOTE: https://git.kernel.org/linus/d6ebcde6d4ecf34f8495fb30516645db3aea8993 (6.15)
+CVE-2025-38030 [Revert "drm/amd: Keep display off while going into S4"]
+ - linux 6.12.32-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7e7cb7a13c81073d38a10fa7b450d23712281ec4 (6.15)
+CVE-2025-38029 [kasan: avoid sleepable page allocation from atomic context]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/b6ea95a34cbd014ab6ade4248107b86b0aaf2d6c (6.15)
CVE-2025-38028 [NFS/localio: Fix a race in nfs_local_open_fh()]
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fa7ab64f1e2fdc8f2603aab8e0dd20de89cb10d9 (6.15-rc7)
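Review bot: CVE-2025-38049 is absent from the added block: the entries run consecutively from CVE-2025-38081 down to CVE-2025-38029, but the list goes from CVE-2025-38050 straight to CVE-2025-38048. If that id is intentionally left out of this merge, a line in the commit message saying why would help anyone auditing the range later; otherwise the entry should be added between those two. A minor style point in the same hunk: the title of CVE-2025-38032 is the only one ending in a period ("checks.]"), which could be dropped for consistency with the other titles.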
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f8c13ece14ef749c1861577ff54addf079afbd7f