[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Thu May 1 16:50:42 BST 2025


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
7aa7fda5 by Salvatore Bonaccorso at 2025-05-01T17:50:23+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,155 @@
+CVE-2025-37796 [wifi: at76c50x: fix use after free access in at76_disconnect]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/27c7e63b3cb1a20bb78ed4a36c561ea4579fd7da (6.15-rc3)
+CVE-2025-37795 [wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/a104042e2bf6528199adb6ca901efe7b60c2c27f (6.15-rc3)
+CVE-2025-37794 [wifi: mac80211: Purge vif txq in ieee80211_do_stop()]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/378677eb8f44621ecc9ce659f7af61e5baa94d81 (6.15-rc3)
+CVE-2025-37793 [ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/95f723cf141b95e3b3a5b92cf2ea98a863fe7275 (6.15-rc3)
+CVE-2025-37792 [Bluetooth: btrtl: Prevent potential NULL dereference]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/324dddea321078a6eeb535c2bff5257be74c9799 (6.15-rc3)
+CVE-2025-37791 [ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f3fdd4fba16c74697d8bc730b82fb7c1eff7fab3 (6.15-rc3)
+CVE-2025-37790 [net: mctp: Set SOCK_RCU_FREE]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/52024cd6ec71a6ca934d0cc12452bd8d49850679 (6.15-rc3)
+CVE-2025-37789 [net: openvswitch: fix nested key length validation in the set() action]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/65d91192aa66f05710cfddf6a14b5a25ee554dba (6.15-rc3)
+CVE-2025-37788 [cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/00ffb3724ce743578163f5ade2884374554ca021 (6.15-rc3)
+CVE-2025-37787 [net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c84f6ce918a9e6f4996597cbc62536bbf2247c96 (6.15-rc3)
+CVE-2025-37786 [net: dsa: free routing table on probe failure]
+	- linux 6.12.25-1
+	NOTE: https://git.kernel.org/linus/8bf108d7161ffc6880ad13a0cc109de3cf631727 (6.15-rc3)
+CVE-2025-37784 [net: ti: icss-iep: Fix possible NULL pointer dereference for perout request]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7349c9e9979333abfce42da5f9025598083b59c9 (6.15-rc3)
+CVE-2025-37783 [drm/msm/dpu: Fix error pointers in dpu_plane_virtual_atomic_check]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/5cb1b130e1cd04239cc9c26a98279f4660dce583 (6.15-rc3)
+CVE-2025-37782 [hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/bb5e07cb927724e0b47be371fa081141cfb14414 (6.15-rc3)
+CVE-2025-37781 [i2c: cros-ec-tunnel: defer probe if parent EC is not present]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/424eafe65647a8d6c690284536e711977153195a (6.15-rc3)
+CVE-2025-37780 [isofs: Prevent the use of too small fid]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/0405d4b63d082861f4eaff9d39c78ee9dc34f845 (6.15-rc3)
+CVE-2025-37779 [lib/iov_iter: fix to increase non slab folio refcount]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/770c8d55c42868239c748a3ebc57c9e37755f842 (6.15-rc3)
+CVE-2025-37778 [ksmbd: Fix dangling pointer in krb_authenticate]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/1e440d5b25b7efccb3defe542a73c51005799a5f (6.15-rc3)
+CVE-2025-37777 [ksmbd: fix use-after-free in __smb2_lease_break_noti()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de (6.15-rc3)
+CVE-2025-37776 [ksmbd: fix use-after-free in smb_break_all_levII_oplock()]
+	- linux 6.12.25-1
+	NOTE: https://git.kernel.org/linus/18b4fac5ef17f77fed9417d22210ceafd6525fc7 (6.15-rc3)
+CVE-2025-37775 [ksmbd: fix the warning from __kernel_write_iter]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/b37f2f332b40ad1c27f18682a495850f2f04db0a (6.15-rc3)
+CVE-2025-37774 [slab: ensure slab->obj_exts is clear in a newly allocated slab page]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/d2f5819b6ed357c0c350c0616b6b9f38be59adf6 (6.15-rc3)
+CVE-2025-37773 [virtiofs: add filesystem context source name check]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/a94fd938df2b1628da66b498aa0eeb89593bc7a2 (6.15-rc3)
+CVE-2025-37772 [RDMA/cma: Fix workqueue crash in cma_netevent_work_handler]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/45f5dcdd049719fb999393b30679605f16ebce14 (6.15-rc3)
+CVE-2025-37771 [drm/amd/pm: Prevent division by zero]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7d641c2b83275d3b0424127b2e0d2d0f7dd82aef (6.15-rc1)
+CVE-2025-37770 [drm/amd/pm: Prevent division by zero]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/4b8c3c0d17c07f301011e2908fecd2ebdcfe3d1c (6.15-rc1)
+CVE-2025-37769 [drm/amd/pm/smu11: Prevent division by zero]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7ba88b5cccc1a99c1afb96e31e7eedac9907704c (6.15-rc2)
+CVE-2025-37768 [drm/amd/pm: Prevent division by zero]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/7c246a05df51c52fe0852ce56ba10c41e6ed1f39 (6.15-rc1)
+CVE-2025-37767 [drm/amd/pm: Prevent division by zero]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f23e9116ebb71b63fe9cec0dcac792aa9af30b0c (6.15-rc1)
+CVE-2025-37766 [drm/amd/pm: Prevent division by zero]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/4e3d9508c056d7e0a56b58d5c81253e2a0d22b6c (6.15-rc1)
+CVE-2025-37765 [drm/nouveau: prime: fix ttm_bo_delayed_delete oops]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/8ec0fbb28d049273bfd4f1e7a5ae4c74884beed3 (6.15-rc2)
+CVE-2025-37764 [drm/imagination: fix firmware memory leaks]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a5b230e7f3a55bd8bd8d012eec75a4b7baa671d5 (6.15-rc2)
+CVE-2025-37763 [drm/imagination: take paired job reference]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4ba2abe154ef68f9612eee9d6fbfe53a1736b064 (6.15-rc2)
+CVE-2025-37762 [drm/virtio: Fix missed dmabuf unpinning in error path of prepare_fb()]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/395cc80051f8da267b27496a4029dd931a198855 (6.15-rc2)
+CVE-2025-37761 [drm/xe: Fix an out-of-bounds shift when invalidating TLB]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7bcfeddb36b77f9fe3b010bb0b282b7618420bba (6.15-rc2)
+CVE-2025-37760 [mm/vma: add give_up_on_oom option on modify/merge, use in uffd release]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/41e6ddcaa0f18dda4c3fadf22533775a30d6f72f (6.15-rc3)
 CVE-2025-37759 [ublk: fix handling recovery Description: reissue in ublk_abort_queue()]
 	- linux 6.12.25-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7aa7fda5e44a42f5b11aa8766a80f60a9b17f523

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/7aa7fda5e44a42f5b11aa8766a80f60a9b17f523
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250501/835ea157/attachment.htm>
