[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Mar 6 20:12:43 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f2695954 by security tracker role at 2025-03-06T20:12:37+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,199 +1,293 @@
-CVE-2025-21834 [seccomp: passthrough uretprobe systemcall without filtering]
+CVE-2025-2045 (Improper authorization in GitLab EE affecting all versions from 17.7 p ...)
+ TODO: check
+CVE-2025-2040 (A vulnerability classified as critical was found in zhijiantianya ruoy ...)
+ TODO: check
+CVE-2025-2039 (A vulnerability classified as critical has been found in code-projects ...)
+ TODO: check
+CVE-2025-2038 (A vulnerability was found in code-projects Blood Bank Management Syste ...)
+ TODO: check
+CVE-2025-2037 (A vulnerability was found in code-projects Blood Bank Management Syste ...)
+ TODO: check
+CVE-2025-2036 (A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0. ...)
+ TODO: check
+CVE-2025-2035 (A vulnerability was found in s-a-zhd Ecommerce-Website-using-PHP 1.0 a ...)
+ TODO: check
+CVE-2025-2034 (A vulnerability has been found in PHPGurukul Pre-School Enrollment Sys ...)
+ TODO: check
+CVE-2025-2033 (A vulnerability, which was classified as critical, was found in code-p ...)
+ TODO: check
+CVE-2025-2032 (A vulnerability classified as problematic was found in ChestnutCMS 1.5 ...)
+ TODO: check
+CVE-2025-2031 (A vulnerability classified as critical has been found in ChestnutCMS u ...)
+ TODO: check
+CVE-2025-2030 (A vulnerability was found in Seeyon Zhiyuan Interconnect FE Collaborat ...)
+ TODO: check
+CVE-2025-2029 (A vulnerability was found in MicroDicom DICOM Viewer 2025.1 Build 3321 ...)
+ TODO: check
+CVE-2025-27600 (FastGPT is a knowledge-based platform built on the LLMs. Since the web ...)
+ TODO: check
+CVE-2025-27509 (fleetdm/fleet is an open source device management, built on osquery. I ...)
+ TODO: check
+CVE-2025-27506 (NocoDB is software for building databases as spreadsheets. The API end ...)
+ TODO: check
+CVE-2025-26167 (Buffalo LS520D 4.53 is vulnerable to Arbitrary file read, which allows ...)
+ TODO: check
+CVE-2025-25497 (An issue in account management interface in Netsweeper Server v.8.2.6 ...)
+ TODO: check
+CVE-2025-25452 (An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a ...)
+ TODO: check
+CVE-2025-25451 (An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a ...)
+ TODO: check
+CVE-2025-25450 (An issue in TAAGSOLUTIONS GmbH MyTaag v.2024-11-24 and before allows a ...)
+ TODO: check
+CVE-2025-25381 (Incorrect access control in the KSRTC AWATAR app of Karnataka State Ro ...)
+ TODO: check
+CVE-2025-25361 (An arbitrary file upload vulnerability in the component /cms/CmsWebFil ...)
+ TODO: check
+CVE-2025-25294 (Envoy Gateway is an open source project for managing Envoy Proxy as a ...)
+ TODO: check
+CVE-2025-25191 (Group-Office is an enterprise CRM and groupware tool. This Stored XSS ...)
+ TODO: check
+CVE-2025-24796 (Collabora Online is a collaborative online office suite based on Libre ...)
+ TODO: check
+CVE-2025-1696 (A vulnerability exists in Docker Desktop prior to version 4.39.0 that ...)
+ TODO: check
+CVE-2025-1672 (The Notibar \u2013 Notification Bar for WordPress plugin for WordPress ...)
+ TODO: check
+CVE-2025-1666 (The Cookie banner plugin for WordPress \u2013 Cookiebot CMP by Usercen ...)
+ TODO: check
+CVE-2025-1540 (An issue has been discovered in GitLab CE/EE for Self-Managed and Dedi ...)
+ TODO: check
+CVE-2025-1383 (The Podlove Podcast Publisher plugin for WordPress is vulnerable to Cr ...)
+ TODO: check
+CVE-2025-0877 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2025-0337 (ServiceNow has addressed an authorization bypass vulnerability that wa ...)
+ TODO: check
+CVE-2024-7872 (Insertion of Sensitive Information Into Sent Data vulnerability in Ext ...)
+ TODO: check
+CVE-2024-52924 (An issue was discovered in NRMM in Samsung Mobile Processor, Wearable ...)
+ TODO: check
+CVE-2024-52923 (An issue was discovered in NRMM in Samsung Mobile Processor, Wearable ...)
+ TODO: check
+CVE-2024-51476 (IBM Concert Software 1.0.5 uses an inadequate account lockout setting ...)
+ TODO: check
+CVE-2024-50600 (An issue was discovered in Samsung Mobile Processor and Wearable Proce ...)
+ TODO: check
+CVE-2024-42844 (A SQL Injection vulnerability has been identified in EPICOR Prophet 21 ...)
+ TODO: check
+CVE-2024-13902 (A vulnerability, which was classified as problematic, was found in hua ...)
+ TODO: check
+CVE-2024-13897 (The Moving Media Library plugin for WordPress is vulnerable to arbitra ...)
+ TODO: check
+CVE-2024-13894 (Smartwares camerasCIP-37210AT andC724IP, as well as others which share ...)
+ TODO: check
+CVE-2024-13893 (Smartwares camerasCIP-37210AT andC724IP, as well as others which share ...)
+ TODO: check
+CVE-2024-13892 (Smartwares camerasCIP-37210AT andC724IP, as well as others which share ...)
+ TODO: check
+CVE-2024-12742 (A deserialization of untrusted data vulnerability exists in NI G Web D ...)
+ TODO: check
+CVE-2024-12146 (Improper Validation of Syntactic Correctness of Input vulnerability in ...)
+ TODO: check
+CVE-2024-12144 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+ TODO: check
+CVE-2025-21834 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.15-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/cf6cb56ef24410fb5308f9655087f1eddf4452e6 (6.14-rc2)
-CVE-2025-21833 [iommu/vt-d: Avoid use of NULL after WARN_ON_ONCE]
+CVE-2025-21833 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/60f030f7418d3f1d94f2fb207fe3080e1844630b (6.14-rc1)
-CVE-2025-21832 [block: don't revert iter for -EIOCBQUEUED]
+CVE-2025-21832 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.15-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/b13ee668e8280ca5b07f8ce2846b9957a8a10853 (6.14-rc1)
-CVE-2025-21831 [PCI: Avoid putting some root ports into D3 on TUXEDO Sirius Gen1]
+CVE-2025-21831 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.12.15-1
NOTE: https://git.kernel.org/linus/b1049f2d68693c80a576c4578d96774a68df2bad (6.14-rc1)
-CVE-2025-21830 [landlock: Handle weird files]
+CVE-2025-21830 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/49440290a0935f428a1e43a5ac8dc275a647ff80 (6.14-rc1)
-CVE-2025-21829 [RDMA/rxe: Fix the warning "__rxe_cleanup+0x12c/0x170 [rdma_rxe]"]
+CVE-2025-21829 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/edc4ef0e0154096d6c0cf5e06af6fc330dbad9d1 (6.14-rc1)
-CVE-2025-21828 [wifi: mac80211: don't flush non-uploaded STAs]
+CVE-2025-21828 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/aa3ce3f8fafa0b8fb062f28024855ea8cb3f3450 (6.14-rc1)
-CVE-2025-21827 [Bluetooth: btusb: mediatek: Add locks for usb_driver_claim_interface()]
+CVE-2025-21827 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e9087e828827e5a5c85e124ce77503f2b81c3491 (6.14-rc1)
-CVE-2025-21826 [netfilter: nf_tables: reject mismatching sum of field_len with set key length]
+CVE-2025-21826 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/1b9335a8000fb70742f7db10af314104b6ace220 (6.14-rc1)
-CVE-2025-21825 [bpf: Cancel the running bpf_timer through kworker for PREEMPT_RT]
+CVE-2025-21825 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.13-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/58f038e6d209d2dd862fcf5de55407855856794d (6.14-rc1)
-CVE-2024-58086 [drm/v3d: Stop active perfmon if it is being destroyed]
+CVE-2024-58086 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.16-1
[bookworm] - linux 6.1.129-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/21f1435b1e6b012a07c42f36b206d2b66fc8f13b (6.14-rc1)
-CVE-2024-58085 [tomoyo: don't emit warning in tomoyo_write_control()]
+CVE-2024-58085 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.12.15-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/3df7546fc03b8f004eee0b9e3256369f7d096685 (6.14-rc1)
-CVE-2024-58084 [firmware: qcom: scm: Fix missing read barrier in qcom_scm_get_tzmem_pool()]
+CVE-2024-58084 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.12.15-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b628510397b5cafa1f5d3e848a28affd1c635302 (6.14-rc1)
-CVE-2024-58083 [KVM: Explicitly verify target vCPU is online in kvm_get_vcpu()]
+CVE-2024-58083 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.12.15-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/1e7381f3617d14b3c11da80ff5f8a93ab14cfc46 (6.14-rc1)
-CVE-2024-58082 [media: nuvoton: Fix an error check in npcm_video_ece_init()]
+CVE-2024-58082 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.15-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c4b7779abc6633677e6edb79e2809f4f61fde157 (6.14-rc1)
-CVE-2024-58081 [clk: mmp2: call pm_genpd_init() only after genpd.name is set]
+CVE-2024-58081 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.15-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e24b15d4704dcb73920c3d18a6157abd18df08c1 (6.14-rc1)
-CVE-2024-58080 [clk: qcom: dispcc-sm6350: Add missing parent_map for a clock]
+CVE-2024-58080 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.15-1
[bookworm] - linux 6.1.129-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d4cdb196f182d2fbe336c968228be00d8c3fed05 (6.14-rc1)
-CVE-2024-58079 [media: uvcvideo: Fix crash during unbind if gpio unit is in use]
+CVE-2024-58079 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.15-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a9ea1a3d88b7947ce8cadb2afceee7a54872bbc5 (6.14-rc1)
-CVE-2024-58078 [misc: misc_minor_alloc to use ida for all dynamic/misc dynamic minors]
+CVE-2024-58078 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.15-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6d04d2b554b14ae6c428a9c60b6c85f1e5c89f68 (6.14-rc1)
-CVE-2024-58077 [ASoC: soc-pcm: don't use soc_pcm_ret() on .prepare callback]
+CVE-2024-58077 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.12.15-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/301c26a018acb94dd537a4418cefa0f654500c6f (6.14-rc1)
-CVE-2024-58076 [clk: qcom: gcc-sm6350: Add missing parent_map for two clocks]
+CVE-2024-58076 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.15-1
[bookworm] - linux 6.1.129-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/96fe1a7ee477d701cfc98ab9d3c730c35d966861 (6.14-rc1)
-CVE-2024-58075 [crypto: tegra - do not transfer req when tegra init fails]
+CVE-2024-58075 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/15589bda46830695a3261518bb7627afac61f519 (6.14-rc1)
-CVE-2024-58074 [drm/i915: Grab intel_display from the encoder to avoid potential oopsies]
+CVE-2024-58074 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <unfixed>
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/dc3806d9eb66d0105f8d55d462d4ef681d9eac59 (6.14-rc1)
-CVE-2024-58073 [drm/msm/dpu: check dpu_plane_atomic_print_state() for valid sspp]
+CVE-2024-58073 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/789384eb1437aed94155dc0eac8a8a6ba1baf578 (6.14-rc1)
-CVE-2024-58072 [wifi: rtlwifi: remove unused check_buddy_priv]
+CVE-2024-58072 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/2fdac64c3c35858aa8ac5caa70b232e03456e120 (6.14-rc1)
-CVE-2024-58071 [team: prevent adding a device which is already a team device lower]
+CVE-2024-58071 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/3fff5da4ca2164bb4d0f1e6cd33f6eb8a0e73e50 (6.14-rc1)
-CVE-2024-58070 [bpf: bpf_local_storage: Always use bpf_mem_alloc in PREEMPT_RT]
+CVE-2024-58070 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/8eef6ac4d70eb1f0099fff93321d90ce8fa49ee1 (6.14-rc1)
-CVE-2024-58069 [rtc: pcf85063: fix potential OOB write in PCF85063 NVMEM read]
+CVE-2024-58069 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/3ab8c5ed4f84fa20cd16794fe8dc31f633fbc70c (6.14-rc1)
-CVE-2024-58068 [OPP: fix dev_pm_opp_find_bw_*() when bandwidth table not initialized]
+CVE-2024-58068 (In the Linux kernel, the following vulnerability has been resolved: O ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b44b9bc7cab2967c3d6a791b1cd542c89fc07f0e (6.14-rc1)
-CVE-2024-58067 [clk: mmp: pxa1908-mpmu: Fix a NULL vs IS_ERR() check]
+CVE-2024-58067 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7def56f841af22e07977e193eea002e085facbdb (6.14-rc1)
-CVE-2024-58066 [clk: mmp: pxa1908-apbcp: Fix a NULL vs IS_ERR() check]
+CVE-2024-58066 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3acea81be689b77b3ceac6ff345ff0366734d967 (6.14-rc1)
-CVE-2024-58065 [clk: mmp: pxa1908-apbc: Fix NULL vs IS_ERR() check]
+CVE-2024-58065 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e5ca5d7b4d7c29246d957dc45d63610584ae3a54 (6.14-rc1)
-CVE-2024-58064 [wifi: cfg80211: tests: Fix potential NULL dereference in test_cfg80211_parse_colocated_ap()]
+CVE-2024-58064 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/13c4f7714c6a1ecf748a2f22099447c14fe6ed8c (6.14-rc1)
-CVE-2024-58063 [wifi: rtlwifi: fix memory leaks and invalid access at probe error path]
+CVE-2024-58063 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/e7ceefbfd8d447abc8aca8ab993a942803522c06 (6.14-rc1)
-CVE-2024-58062 [wifi: iwlwifi: mvm: avoid NULL pointer dereference]
+CVE-2024-58062 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/cf704a7624f99eb2ffca1a16c69183e85544a613 (6.14-rc1)
-CVE-2024-58061 [wifi: mac80211: prohibit deactivating all links]
+CVE-2024-58061 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7553477cbfd784b128297f9ed43751688415bbaa (6.14-rc1)
-CVE-2024-58060 [bpf: Reject struct_ops registration that uses module ptr and the module btf_id is missing]
+CVE-2024-58060 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/96ea081ed52bf077cad6d00153b6fba68e510767 (6.14-rc1)
-CVE-2024-58059 [media: uvcvideo: Fix deadlock during uvc_probe]
+CVE-2024-58059 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a67f75c2b5ecf534eab416ce16c11fe780c4f8f6 (6.14-rc1)
-CVE-2024-58058 [ubifs: skip dumping tnc tree when zroot is null]
+CVE-2024-58058 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/bdb0ca39e0acccf6771db49c3f94ed787d05f2d7 (6.14-rc1)
-CVE-2024-58057 [idpf: convert workqueues to unbound]
+CVE-2024-58057 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.13-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9a5b021cb8186f1854bac2812bd4f396bb1e881c (6.14-rc1)
-CVE-2024-58056 [remoteproc: core: Fix ida_free call while not allocated]
+CVE-2024-58056 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7378aeb664e5ebc396950b36a1f2dedf5aabec20 (6.14-rc1)
-CVE-2024-58055 [usb: gadget: f_tcm: Don't free command immediately]
+CVE-2024-58055 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/c225d006a31949d673e646d585d9569bc28feeb9 (6.14-rc1)
-CVE-2024-58054 [staging: media: max96712: fix kernel oops when removing module]
+CVE-2024-58054 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ee1b5046d5cd892a0754ab982aeaaad3702083a5 (6.14-rc1)
-CVE-2024-58053 [rxrpc: Fix handling of received connection abort]
+CVE-2024-58053 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.12.13-1
NOTE: https://git.kernel.org/linus/0e56ebde245e4799ce74d38419426f2a80d39950 (6.14-rc1)
-CVE-2024-58052 [drm/amdgpu: Fix potential NULL pointer dereference in atomctrl_get_smc_sclk_range_table]
+CVE-2024-58052 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/357445e28ff004d7f10967aa93ddb4bffa5c3688 (6.14-rc1)
-CVE-2024-58051 [ipmi: ipmb: Add check devm_kasprintf() returned value]
+CVE-2024-58051 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.13-1
[bookworm] - linux 6.1.129-1
NOTE: https://git.kernel.org/linus/2378bd0b264ad3a1f76bd957caf33ee0c7945351 (6.14-rc1)
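Review bot: The new entries at the top of this hunk (CVE-2025-2045 down to CVE-2024-12144) all land with `TODO: check` and no package or NOT-FOR-US line, so none of them is triaged yet. Four of them name a WordPress plugin in their own description (CVE-2025-1672, CVE-2025-1666, CVE-2025-1383, CVE-2024-13897) and could take the `NOT-FOR-US: WordPress plugin` marking this file already uses for such entries; the remainder still need a source package line or a NOT-FOR-US decision in a follow-up commit.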
@@ -206,18 +300,18 @@ CVE-2024-36347 [AMD CPU Microcode Signature Verification Vulnerability]
NOTE: https://www.openwall.com/lists/oss-security/2025/03/05/3
NOTE: Kernel stop-gap mitigation: https://www.openwall.com/lists/oss-security/2025/03/06/3
NOTE: https://git.kernel.org/linus/bb2281fb05e50108ce95c43ab7e701ee564565c8
-CVE-2024-56202 [Expect header field can unreasonably retain resource]
+CVE-2024-56202 (Expected Behavior Violation vulnerability in Apache Traffic Server. T ...)
- trafficserver <unfixed> (bug #1099691)
NOTE: https://www.openwall.com/lists/oss-security/2025/03/05/1
NOTE: https://github.com/apache/trafficserver/commit/1cca4a29520f9258be6c3fad5092939dbe9d3562 (9.2.9-rc0)
-CVE-2024-56196 [ACL is not fully compatible with older versions]
+CVE-2024-56196 (Improper Access Control vulnerability in Apache Traffic Server. This ...)
- trafficserver <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2025/03/05/1
-CVE-2024-56195 [Intercept plugins are not access controlled]
+CVE-2024-56195 (Improper Access Control vulnerability in Apache Traffic Server. This ...)
- trafficserver <unfixed> (bug #1099691)
NOTE: https://www.openwall.com/lists/oss-security/2025/03/05/1
NOTE: https://github.com/apache/trafficserver/commit/483f84ea4ae2511834abd90014770b27a5082a4c (9.2.9-rc0)
-CVE-2024-38311 [Request smuggling via pipelining after a chunked message body]
+CVE-2024-38311 (Improper Input Validation vulnerability in Apache Traffic Server. Thi ...)
- trafficserver <unfixed> (bug #1099691)
NOTE: https://www.openwall.com/lists/oss-security/2025/03/05/1
NOTE: https://github.com/apache/trafficserver/commit/a16c4b6bb0b126047c68dafbdf6311ac1586fc0b (9.2.9-rc0)
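Review bot: The three Traffic Server entries in this hunk lose the only wording that said what each issue is once the bracketed title is replaced by the truncated description: for CVE-2024-38311, `[Request smuggling via pipelining after a chunked message body]` becomes `(Improper Input Validation vulnerability in Apache Traffic Server. Thi ...)`. Consider carrying the short title over as a NOTE line under each entry so the issue type stays readable without following the oss-security link.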
@@ -595,30 +689,39 @@ CVE-2025-22870
NOTE: Fixed by: https://github.com/golang/go/commit/334de7982f8ec959c74470dd709ceedfd6dbd50a (go1.24.1)
NOTE: Fixed by: https://github.com/golang/go/commit/25177ecde0922c50753c043579d17828b7ee88e7 (go1.23.7)
CVE-2025-1923 (Inappropriate implementation in Permission Prompts in Google Chrome pr ...)
+ {DSA-5875-1}
- chromium 134.0.6998.35-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-1922 (Inappropriate implementation in Selection in Google Chrome on Android ...)
+ {DSA-5875-1}
- chromium 134.0.6998.35-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-1921 (Inappropriate implementation in Media Stream in Google Chrome prior to ...)
+ {DSA-5875-1}
- chromium 134.0.6998.35-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-1919 (Out of bounds read in Media in Google Chrome prior to 134.0.6998.35 al ...)
+ {DSA-5875-1}
- chromium 134.0.6998.35-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-1918 (Out of bounds read in PDFium in Google Chrome prior to 134.0.6998.35 a ...)
+ {DSA-5875-1}
- chromium 134.0.6998.35-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-1917 (Inappropriate implementation in Browser UI in Google Chrome on Android ...)
+ {DSA-5875-1}
- chromium 134.0.6998.35-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-1916 (Use after free in Profiles in Google Chrome prior to 134.0.6998.35 all ...)
+ {DSA-5875-1}
- chromium 134.0.6998.35-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-1915 (Improper Limitation of a Pathname to a Restricted Directory in DevTool ...)
+ {DSA-5875-1}
- chromium 134.0.6998.35-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-1914 (Out of bounds read in V8 in Google Chrome prior to 134.0.6998.35 allow ...)
+ {DSA-5875-1}
- chromium 134.0.6998.35-1
[bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-27507 (The open-source identity infrastructure software Zitadel allows admini ...)
@@ -727,7 +830,7 @@ CVE-2025-1943 (Memory safety bugs present in Firefox 135 and Thunderbird 135. So
- firefox 136.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-14/#CVE-2025-1943
CVE-2025-1938 (Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ES ...)
- {DSA-5874-1}
+ {DSA-5874-1 DLA-4078-1}
- firefox 136.0-1
- firefox-esr 128.8.0esr-1
- thunderbird 1:128.8.0esr-1
@@ -735,7 +838,7 @@ CVE-2025-1938 (Memory safety bugs present in Firefox 135, Thunderbird 135, Firef
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-16/#CVE-2025-1938
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-18/#CVE-2025-1938
CVE-2025-1937 (Memory safety bugs present in Firefox 135, Thunderbird 135, Firefox ES ...)
- {DSA-5874-1}
+ {DSA-5874-1 DLA-4078-1}
- firefox 136.0-1
- firefox-esr 128.8.0esr-1
- thunderbird 1:128.8.0esr-1
@@ -743,7 +846,7 @@ CVE-2025-1937 (Memory safety bugs present in Firefox 135, Thunderbird 135, Firef
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-16/#CVE-2025-1937
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-18/#CVE-2025-1937
CVE-2025-1936 (jar: URLs retrieve local file content packaged in a ZIP archive. The n ...)
- {DSA-5874-1}
+ {DSA-5874-1 DLA-4078-1}
- firefox 136.0-1
- firefox-esr 128.8.0esr-1
- thunderbird 1:128.8.0esr-1
@@ -751,7 +854,7 @@ CVE-2025-1936 (jar: URLs retrieve local file content packaged in a ZIP archive.
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-16/#CVE-2025-1936
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-18/#CVE-2025-1936
CVE-2025-1935 (A web page could trick a user into setting that site as the default ha ...)
- {DSA-5874-1}
+ {DSA-5874-1 DLA-4078-1}
- firefox 136.0-1
- firefox-esr 128.8.0esr-1
- thunderbird 1:128.8.0esr-1
@@ -765,7 +868,7 @@ CVE-2025-1941 (Under certain circumstances, a user opt-in setting that Focus sho
- firefox <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-14/#CVE-2025-1941
CVE-2025-1934 (It was possible to interrupt the processing of a RegExp bailout and ru ...)
- {DSA-5874-1}
+ {DSA-5874-1 DLA-4078-1}
- firefox 136.0-1
- firefox-esr 128.8.0esr-1
- thunderbird 1:128.8.0esr-1
@@ -776,7 +879,7 @@ CVE-2025-1940 (A select option could partially obscure the confirmation prompt s
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-14/#CVE-2025-1940
CVE-2025-1933 (On 64-bit CPUs, when the JIT compiles WASM i32 return values they can ...)
- {DSA-5874-1}
+ {DSA-5874-1 DLA-4078-1}
- firefox 136.0-1
- firefox-esr 128.8.0esr-1
- thunderbird 1:128.8.0esr-1
@@ -784,7 +887,7 @@ CVE-2025-1933 (On 64-bit CPUs, when the JIT compiles WASM i32 return values they
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-16/#CVE-2025-1933
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-18/#CVE-2025-1932
CVE-2025-1932 (An inconsistent comparator in xslt/txNodeSorter could have resulted in ...)
- {DSA-5874-1}
+ {DSA-5874-1 DLA-4078-1}
- firefox 136.0-1
- firefox-esr 128.8.0esr-1
- thunderbird 1:128.8.0esr-1
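Review bot: The second context line of this hunk, which still belongs to the CVE-2025-1933 entry, points at `mfsa2025-18/#CVE-2025-1932`, while the line above it uses `mfsa2025-16/#CVE-2025-1933`. The anchor looks copied from the CVE-2025-1932 entry that follows; it should probably read `mfsa2025-18/#CVE-2025-1933`, and since this commit leaves the line untouched it needs a separate manual fix.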
@@ -792,7 +895,7 @@ CVE-2025-1932 (An inconsistent comparator in xslt/txNodeSorter could have result
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-16/#CVE-2025-1932
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-18/#CVE-2025-1932
CVE-2025-1931 (It was possible to cause a use-after-free in the content process side ...)
- {DSA-5874-1}
+ {DSA-5874-1 DLA-4078-1}
- firefox 136.0-1
- firefox-esr 128.8.0esr-1
- thunderbird 1:128.8.0esr-1
@@ -2986,7 +3089,7 @@ CVE-2024-49570 (In the Linux kernel, the following vulnerability has been resolv
NOTE: https://git.kernel.org/linus/07089083a526ea19daa72a1edf9d6e209615b77c (6.14-rc1)
CVE-2025-26925 (Cross-Site Request Forgery (CSRF) vulnerability in Required Admin Menu ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-26699 [Potential denial-of-service in django.utils.text.wrap()]
+CVE-2025-26699 (An issue was discovered in Django 5.1 before 5.1.7, 5.0 before 5.0.13, ...)
- python-django <unfixed> (bug #1099682)
NOTE: https://www.djangoproject.com/weblog/2025/mar/06/security-releases/
NOTE: Fixed by: https://github.com/django/django/commit/e88f7376fe68dbf4ebaf11fad1513ce700b45860 (4.2.20)
@@ -17045,7 +17148,7 @@ CVE-2024-12423 (The Contact Form 7 Redirect & Thank You Page plugin for WordPres
NOT-FOR-US: WordPress plugin
CVE-2024-12403 (The Image Gallery \u2013 Responsive Photo Gallery plugin for WordPress ...)
NOT-FOR-US: WordPress plugin
-CVE-2024-12297 (Moxa\u2019s Ethernet switch EDS-508A Series, running firmware version ...)
+CVE-2024-12297 (Moxa\u2019s Ethernet switch is vulnerable to an authentication bypass ...)
NOT-FOR-US: Moxa
CVE-2024-11851 (The NitroPack plugin for WordPress is vulnerable to unauthorized arbit ...)
NOT-FOR-US: WordPress plugin
@@ -21309,7 +21412,7 @@ CVE-2024-43764 (In onPrimaryClipChanged of ClipboardListener.java, there is a po
CVE-2024-43762 (In multiple locations, there is a possible way to avoid unbinding of a ...)
NOT-FOR-US: Android
CVE-2024-43097 (In resizeToAtLeast of SkRegion.cpp, there is a possible out of bounds ...)
- {DSA-5874-1}
+ {DSA-5874-1 DLA-4078-1}
- firefox-esr 128.8.0esr-1
- thunderbird 1:128.8.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-16/#CVE-2024-43097
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f2695954e57c934f741f94f308bda5155c0644a2