[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Wed Jun 18 14:23:06 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
389ef3ed by Salvatore Bonaccorso at 2025-06-18T15:22:42+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,33 @@
+CVE-2022-49941 [tty: n_gsm: avoid call of sleeping functions from atomic context]
+ - linux 5.19.11-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/902e02ea9385373ce4b142576eef41c642703955 (6.0-rc4)
+CVE-2022-49940 [tty: n_gsm: add sanity check for gsm->receive in gsm_receive_buf()]
+ - linux 5.19.11-1
+ [bullseye] - linux 5.10.205-1
+ NOTE: https://git.kernel.org/linus/f16c6d2e58a4c2b972efcf9eb12390ee0ba3befb (6.0-rc4)
+CVE-2022-49939 [binder: fix UAF of ref->proc caused by race condition]
+ - linux 5.19.11-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/a0e44c64b6061dda7e00b7c458e4523e2331b739 (6.0-rc4)
+CVE-2022-49938 [cifs: fix small mempool leak in SMB2_negotiate()]
+ - linux 5.19.11-1
+ NOTE: https://git.kernel.org/linus/27893dfc1285f80f80f46b3b8c95f5d15d2e66d0 (6.0-rc4)
+CVE-2022-49937 [media: mceusb: Use new usb_control_msg_*() routines]
+ - linux 5.19.11-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/608e58a0f4617977178131f5f68a3fce1d3f5316 (6.0-rc4)
+CVE-2022-49936 [USB: core: Prevent nested device-reset calls]
+ - linux 5.19.11-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/9c6d778800b921bde3bff3cff5003d1650f942d1 (6.0-rc4)
+CVE-2022-49935 [dma-buf/dma-resv: check if the new fence is really later]
+ - linux 5.19.11-1
+ NOTE: https://git.kernel.org/linus/a3f7c10a269d5b77dd5822ade822643ced3057f0 (6.0-rc4)
+CVE-2022-49934 [wifi: mac80211: Fix UAF in ieee80211_scan_rx()]
+ - linux 5.19.11-1
+ [bullseye] - linux 5.10.148-1
+ NOTE: https://git.kernel.org/linus/60deb9f10eec5c6a20252ed36238b55d8b614a2c (6.0-rc4)
CVE-2025-38082 [gpio: virtuser: fix potential out-of-bound write]
- linux 6.12.32-1
NOTE: https://git.kernel.org/linus/7118be7c6072f40391923543fdd1563b8d56377c (6.15-rc7)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/389ef3edace80f0c45c12a9215c8166f98a9feae
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/389ef3edace80f0c45c12a9215c8166f98a9feae
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250618/f08b229d/attachment.htm>
More information about the debian-security-tracker-commits
mailing list