[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 1 16:37:08 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0f11f97e by Salvatore Bonaccorso at 2025-05-01T17:36:55+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,191 @@
+CVE-2025-37759 [ublk: fix handling recovery Description: reissue in ublk_abort_queue()]
+ - linux 6.12.25-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6ee6bd5d4fce502a5b5a2ea805e9ff16e6aa890f (6.15-rc2)
+CVE-2025-37758 [ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/ad320e408a8c95a282ab9c05cdf0c9b95e317985 (6.15-rc2)
+CVE-2025-37757 [tipc: fix memory leak in tipc_link_xmit]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/69ae94725f4fc9e75219d2d69022029c5b24bc9a (6.15-rc2)
+CVE-2025-37756 [net: tls: explicitly disallow disconnect]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/5071a1e606b30c0c11278d3c6620cd6a24724cf6 (6.15-rc2)
+CVE-2025-37755 [net: libwx: handle page_pool_dev_alloc_pages error]
+ - linux 6.12.25-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7f1ff1b38a7c8b872382b796023419d87d78c47e (6.15-rc2)
+CVE-2025-37754 [drm/i915/huc: Fix fence not released on early probe errors]
+ - linux 6.12.25-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e3ea2eae70692a455e256787e4f54153fb739b90 (6.15-rc2)
+CVE-2025-37753 [s390/cpumf: Fix double free on error in cpumf_pmu_event_init()]
+ - linux 6.12.25-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/aa1ac98268cd1f380c713f07e39b1fa1d5c7650c (6.15-rc2)
+CVE-2025-37752 [net_sched: sch_sfq: move the limit validation]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b3bf8f63e6179076b57c9de660c9f80b5abefe70 (6.15-rc2)
+CVE-2025-37751 [x86/cpu: Avoid running off the end of an AMD erratum table]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f0df00ebc57f803603f2a2e0df197e51f06fbe90 (6.15-rc2)
+CVE-2025-37750 [smb: client: fix UAF in decryption with multichannel]
+ - linux 6.12.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9502dd5c7029902f4a425bf959917a5a9e7c0e50 (6.15-rc2)
+CVE-2025-37749 [net: ppp: Add bound checking for skb data on ppp_sync_txmung]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/aabc6596ffb377c4c9c8f335124b92ea282c9821 (6.15-rc2)
+CVE-2025-37748 [iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/38e8844005e6068f336a3ad45451a562a0040ca1 (6.15-rc2)
+CVE-2025-37747 [perf: Fix hang while freeing sigtrap event]
+ - linux 6.12.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/56799bc035658738f362acec3e7647bb84e68933 (6.15-rc2)
+CVE-2025-37746 [perf/dwc_pcie: fix duplicate pci_dev devices]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/7f35b429802a8065aa61e2a3f567089649f4d98e (6.15-rc1)
+CVE-2025-37745 [PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()]
+ - linux 6.12.25-1
+ NOTE: https://git.kernel.org/linus/52323ed1444ea5c2a5f1754ea0a2d9c8c216ccdf (6.15-rc1)
+CVE-2025-37744 [wifi: ath12k: fix memory leak in ath12k_pci_remove()]
+ - linux 6.12.25-1
+ NOTE: https://git.kernel.org/linus/1b24394ed5c8a8d8f7b9e3aa9044c31495d46f2e (6.15-rc1)
+CVE-2025-37743 [wifi: ath12k: Avoid memory leak while enabling statistics]
+ - linux <unfixed>
+ NOTE: https://git.kernel.org/linus/ecfc131389923405be8e7a6f4408fd9321e4d19b (6.15-rc1)
+CVE-2025-37742 [jfs: Fix uninit-value access of imap allocated in the diMount() function]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/9629d7d66c621671d9a47afe27ca9336bfc8a9ea (6.15-rc1)
+CVE-2025-37741 [jfs: Prevent copying of nlink with value 0 from disk inode]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/b61e69bb1c049cf507e3c654fa3dc1568231bd07 (6.15-rc1)
+CVE-2025-37740 [jfs: add sanity check for agwidth in dbMount]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/ddf2846f22e8575d6b4b6a66f2100f168b8cd73d (6.15-rc1)
+CVE-2025-37739 [f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/e6494977bd4a83862118a05f57a8df40256951c0 (6.15-rc1)
+CVE-2025-37738 [ext4: ignore xattrs past end]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/c8e008b60492cf6fd31ef127aea6d02fd3d314cd (6.15-rc1)
+CVE-2025-23163 [net: vlan: don't propagate flags on open]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/27b918007d96402aba10ed52a6af8015230f1793 (6.15-rc1)
+CVE-2025-23162 [drm/xe/vf: Don't try to trigger a full GT reset if VF]
+ - linux 6.12.25-1
+ NOTE: https://git.kernel.org/linus/459777724d306315070d24608fcd89aea85516d6 (6.15-rc1)
+CVE-2025-23161 [PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/18056a48669a040bef491e63b25896561ee14d90 (6.15-rc1)
+CVE-2025-23160 [media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization]
+ - linux 6.12.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4936cd5817af35d23e4d283f48fa59a18ef481e4 (6.15-rc1)
+CVE-2025-23159 [media: venus: hfi: add a check to handle OOB in sfr region]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/f4b211714bcc70effa60c34d9fa613d182e3ef1e (6.15-rc1)
+CVE-2025-23158 [media: venus: hfi: add check to handle incorrect queue size]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/69baf245b23e20efda0079238b27fc63ecf13de1 (6.15-rc1)
+CVE-2025-23157 [media: venus: hfi_parser: add check to avoid out of bound access]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/172bf5a9ef70a399bb227809db78442dc01d9e48 (6.15-rc1)
+CVE-2025-23156 [media: venus: hfi_parser: refactor hfi packet parsing logic]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/9edaaa8e3e15aab1ca413ab50556de1975bcb329 (6.15-rc1)
+CVE-2025-23155 [net: stmmac: Fix accessing freed irq affinity_hint]
+ - linux <unfixed>
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c60d101a226f18e9a8f01bb4c6ca2b47dfcb15ef (6.15-rc1)
+CVE-2025-23154 [io_uring/net: fix io_req_post_cqe abuse by send bundle]
+ - linux 6.12.25-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/6889ae1b4df1579bcdffef023e2ea9a982565dff (6.15-rc1)
+CVE-2025-23153 [arm/crc-t10dif: fix use of out-of-scope array in crc_t10dif_arch()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3371f569223c4e8d36edbb0ba789ee5f5cb7316f (6.15-rc1)
+CVE-2025-23152 [arm64/crc-t10dif: fix use of out-of-scope array in crc_t10dif_arch()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d48b663f410f8b35b8ba9bd597bafaa00f53293b (6.15-rc1)
+CVE-2025-23151 [bus: mhi: host: Fix race between unprepare and queue_buf]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0686a818d77a431fc3ba2fab4b46bbb04e8c9380 (6.15-rc1)
+CVE-2025-23150 [ext4: fix off-by-one error in do_split]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/94824ac9a8aaf2fb3c54b4bdde842db80ffa555d (6.15-rc2)
+CVE-2025-23149 [tpm: do not start chip while suspended]
+ - linux 6.12.25-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/17d253af4c2c8a2acf84bb55a0c2045f150b7dfd (6.15-rc1)
+CVE-2025-23148 [soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/c8222ef6cf29dd7cad21643228f96535cc02b327 (6.15-rc1)
+CVE-2025-23147 [i3c: Add NULL pointer check in i3c_master_queue_ibi()]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/bd496a44f041da9ef3afe14d1d6193d460424e91 (6.15-rc1)
+CVE-2025-23146 [mfd: ene-kb3930: Fix a potential NULL pointer dereference]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/4cdf1d2a816a93fa02f7b6b5492dc7f55af2a199 (6.15-rc1)
+CVE-2025-23145 [mptcp: fix NULL pointer in can_accept_new_subflow]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/443041deb5ef6a1289a99ed95015ec7442f141dc (6.15-rc1)
+CVE-2025-23144 [backlight: led_bl: Hold led_access lock when calling led_sysfs_disable()]
+ - linux 6.12.25-1
+ NOTE: https://git.kernel.org/linus/276822a00db3c1061382b41e72cafc09d6a0ec30 (6.15-rc1)
+CVE-2025-23143 [net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod.]
+ - linux 6.12.25-1
+ NOTE: https://git.kernel.org/linus/0bb2f7a1ad1f11d861f58e5ee5051c8974ff9569 (6.15-rc2)
+CVE-2025-23142 [sctp: detect and prevent references to a freed transport in sendmsg]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/f1a69a940de58b16e8249dff26f74c8cc59b32be (6.15-rc2)
+CVE-2025-23141 [KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/ef01cac401f18647d62720cf773d7bb0541827da (6.15-rc2)
+CVE-2025-23140 [misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ NOTE: https://git.kernel.org/linus/f6cb7828c8e17520d4f5afb416515d3fae1af9a9 (6.15-rc1)
+CVE-2025-23139 [Bluetooth: hci_uart: Fix another race during initialization]
+ - linux 6.12.25-1
+ [bookworm] - linux 6.1.135-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5df5dafc171b90d0b8d51547a82657cd5a1986c7 (6.15-rc1)
CVE-2025-4156 (A vulnerability has been found in PHPGurukul Boat Booking System 1.0 a ...)
NOT-FOR-US: PHPGurukul
CVE-2025-4155 (A vulnerability, which was classified as critical, was found in PHPGur ...)
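Review bot: The bracketed title of the first added entry, CVE-2025-37759, reads "ublk: fix handling recovery Description: reissue in ublk_abort_queue()"; the "Description:" token in the middle does not read as part of a commit subject and looks like residue from the import step. Compare it with the subject of the commit linked in that entry's NOTE line and correct the title so that searches on the tracker match the upstream wording. Separately, CVE-2025-37746, CVE-2025-37743 and CVE-2025-23155 are added as "- linux <unfixed>" while every other affected entry in this hunk carries 6.12.25-1, so these three will need a follow-up edit once a fixed version is uploaded.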
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0f11f97e10bc6bceb08cd3d3d79d3348fef49761