[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Thu Mar 6 19:33:11 GMT 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
fea0780e by Salvatore Bonaccorso at 2025-03-06T20:32:46+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,107 @@
+CVE-2025-21834 [seccomp: passthrough uretprobe systemcall without filtering]
+	- linux 6.12.15-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/cf6cb56ef24410fb5308f9655087f1eddf4452e6 (6.14-rc2)
+CVE-2025-21833 [iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/60f030f7418d3f1d94f2fb207fe3080e1844630b (6.14-rc1)
+CVE-2025-21832 [block: don't revert iter for -EIOCBQUEUED]
+	- linux 6.12.15-1
+	[bookworm] - linux 6.1.129-1
+	NOTE: https://git.kernel.org/linus/b13ee668e8280ca5b07f8ce2846b9957a8a10853 (6.14-rc1)
+CVE-2025-21831 [PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1]
+	- linux 6.12.15-1
+	NOTE: https://git.kernel.org/linus/b1049f2d68693c80a576c4578d96774a68df2bad (6.14-rc1)
+CVE-2025-21830 [landlock: Handle weird files]
+	- linux 6.12.13-1
+	[bookworm] - linux 6.1.129-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/49440290a0935f428a1e43a5ac8dc275a647ff80 (6.14-rc1)
+CVE-2025-21829 [RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]"]
+	- linux 6.12.13-1
+	[bookworm] - linux 6.1.129-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/edc4ef0e0154096d6c0cf5e06af6fc330dbad9d1 (6.14-rc1)
+CVE-2025-21828 [wifi: mac80211: don't flush non-uploaded STAs]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/aa3ce3f8fafa0b8fb062f28024855ea8cb3f3450 (6.14-rc1)
+CVE-2025-21827 [Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface()]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e9087e828827e5a5c85e124ce77503f2b81c3491 (6.14-rc1)
+CVE-2025-21826 [netfilter: nf_tables: reject mismatching sum of field_len with set key length]
+	- linux 6.12.13-1
+	[bookworm] - linux 6.1.129-1
+	NOTE: https://git.kernel.org/linus/1b9335a8000fb70742f7db10af314104b6ace220 (6.14-rc1)
+CVE-2025-21825 [bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT]
+	- linux 6.12.13-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/58f038e6d209d2dd862fcf5de55407855856794d (6.14-rc1)
+CVE-2024-58086 [drm/v3d: Stop active perfmon if it is being destroyed]
+	- linux 6.12.16-1
+	[bookworm] - linux 6.1.129-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/21f1435b1e6b012a07c42f36b206d2b66fc8f13b (6.14-rc1)
+CVE-2024-58085 [tomoyo: don't emit warning in tomoyo_write_control()]
+	- linux 6.12.15-1
+	[bookworm] - linux 6.1.129-1
+	NOTE: https://git.kernel.org/linus/3df7546fc03b8f004eee0b9e3256369f7d096685 (6.14-rc1)
+CVE-2024-58084 [firmware: qcom: scm: Fix missing read barrier in qcom_scm_get_tzmem_pool()]
+	- linux 6.12.15-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b628510397b5cafa1f5d3e848a28affd1c635302 (6.14-rc1)
+CVE-2024-58083 [KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()]
+	- linux 6.12.15-1
+	[bookworm] - linux 6.1.129-1
+	NOTE: https://git.kernel.org/linus/1e7381f3617d14b3c11da80ff5f8a93ab14cfc46 (6.14-rc1)
+CVE-2024-58082 [media: nuvoton: Fix an error check in npcm_video_ece_init()]
+	- linux 6.12.15-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c4b7779abc6633677e6edb79e2809f4f61fde157 (6.14-rc1)
+CVE-2024-58081 [clk: mmp2: call pm_genpd_init() only after genpd.name is set]
+	- linux 6.12.15-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e24b15d4704dcb73920c3d18a6157abd18df08c1 (6.14-rc1)
+CVE-2024-58080 [clk: qcom: dispcc-sm6350: Add missing parent_map for a clock]
+	- linux 6.12.15-1
+	[bookworm] - linux 6.1.129-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d4cdb196f182d2fbe336c968228be00d8c3fed05 (6.14-rc1)
+CVE-2024-58079 [media: uvcvideo: Fix crash during unbind if gpio unit is in use]
+	- linux 6.12.15-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a9ea1a3d88b7947ce8cadb2afceee7a54872bbc5 (6.14-rc1)
+CVE-2024-58078 [misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors]
+	- linux 6.12.15-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6d04d2b554b14ae6c428a9c60b6c85f1e5c89f68 (6.14-rc1)
+CVE-2024-58077 [ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback]
+	- linux 6.12.15-1
+	[bookworm] - linux 6.1.129-1
+	NOTE: https://git.kernel.org/linus/301c26a018acb94dd537a4418cefa0f654500c6f (6.14-rc1)
+CVE-2024-58076 [clk: qcom: gcc-sm6350: Add missing parent_map for two clocks]
+	- linux 6.12.15-1
+	[bookworm] - linux 6.1.129-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/96fe1a7ee477d701cfc98ab9d3c730c35d966861 (6.14-rc1)
+CVE-2024-58075 [crypto: tegra - do not transfer req when tegra init fails]
+	- linux 6.12.13-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/15589bda46830695a3261518bb7627afac61f519 (6.14-rc1)
+CVE-2024-58074 [drm/i915: Grab intel_display from the encoder to avoid potential oopsies]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dc3806d9eb66d0105f8d55d462d4ef681d9eac59 (6.14-rc1)
 CVE-2024-58073 [drm/msm/dpu: check dpu_plane_atomic_print_state() for valid sspp]
 	- linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/789384eb1437aed94155dc0eac8a8a6ba1baf578 (6.14-rc1)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fea0780e42faeb6bed5a3f6e7bd4a16d50f7bdf6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fea0780e42faeb6bed5a3f6e7bd4a16d50f7bdf6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250306/8d46c725/attachment.htm>
