[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu May 1 21:12:41 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
30a30038 by security tracker role at 2025-05-01T20:12:35+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,1006 +1,1172 @@
-CVE-2022-49931 [IB/hfi1: Correctly move list in sc_disable()]
+CVE-2025-4174 (A vulnerability, which was classified as critical, has been found in P ...)
+ TODO: check
+CVE-2025-4173 (A vulnerability classified as critical was found in SourceCodester Onl ...)
+ TODO: check
+CVE-2025-4164 (A vulnerability, which was classified as critical, was found in PHPGur ...)
+ TODO: check
+CVE-2025-4163 (A vulnerability, which was classified as critical, has been found in P ...)
+ TODO: check
+CVE-2025-4162 (A vulnerability classified as critical was found in PCMan FTP Server u ...)
+ TODO: check
+CVE-2025-4161 (A vulnerability classified as critical has been found in PCMan FTP Ser ...)
+ TODO: check
+CVE-2025-4160 (A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been ...)
+ TODO: check
+CVE-2025-4159 (A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been ...)
+ TODO: check
+CVE-2025-4158 (A vulnerability was found in PCMan FTP Server up to 2.0.7. It has been ...)
+ TODO: check
+CVE-2025-4157 (A vulnerability was found in PHPGurukul Boat Booking System 1.0 and cl ...)
+ TODO: check
+CVE-2025-46635 (An issue was discovered on Tenda RX2 Pro 16.03.30.14 devices. Improper ...)
+ TODO: check
+CVE-2025-46634 (Cleartext transmission of sensitive information in the web management ...)
+ TODO: check
+CVE-2025-46633 (Cleartext transmission of sensitive information in the web management ...)
+ TODO: check
+CVE-2025-46632 (Initialization vector (IV) reuse in the web management portal of the T ...)
+ TODO: check
+CVE-2025-46631 (Improper access controls in the web management portal of the Tenda RX2 ...)
+ TODO: check
+CVE-2025-46630 (Improper access controls in the web management portal of the Tenda RX2 ...)
+ TODO: check
+CVE-2025-46629 (Lack of access controls in the 'ate' management binary of the Tenda RX ...)
+ TODO: check
+CVE-2025-46628 (Lack of input validation/sanitization in the 'ate' management service ...)
+ TODO: check
+CVE-2025-46627 (Use of weak credentials in the Tenda RX2 Pro 16.03.30.14 allows an una ...)
+ TODO: check
+CVE-2025-46626 (Reuse of a static AES key and initialization vector for encrypted traf ...)
+ TODO: check
+CVE-2025-46625 (Lack of input validation/sanitization in the 'setLanCfg' API endpoint ...)
+ TODO: check
+CVE-2025-46569 (Open Policy Agent (OPA) is an open source, general-purpose policy engi ...)
+ TODO: check
+CVE-2025-46568 (Stirling-PDF is a locally hosted web application that allows you to pe ...)
+ TODO: check
+CVE-2025-46567 (LLama Factory enables fine-tuning of large language models. Prior to v ...)
+ TODO: check
+CVE-2025-46566 (DataEase is an open-source BI tool alternative to Tableau. Prior to ve ...)
+ TODO: check
+CVE-2025-46565 (Vite is a frontend tooling framework for javascript. Prior to versions ...)
+ TODO: check
+CVE-2025-46345 (Auth0 Account Link Extension is an extension aimed to help link accoun ...)
+ TODO: check
+CVE-2025-46337 (ADOdb is a PHP database class library that provides abstractions for p ...)
+ TODO: check
+CVE-2025-44867 (Tenda W20E V15.11.0.6 was found to contain a command injection vulnera ...)
+ TODO: check
+CVE-2025-44866 (Tenda W20E V15.11.0.6 was found to contain a command injection vulnera ...)
+ TODO: check
+CVE-2025-44865 (Tenda W20E V15.11.0.6 was found to contain a command injection vulnera ...)
+ TODO: check
+CVE-2025-44864 (Tenda W20E V15.11.0.6 was found to contain a command injection vulnera ...)
+ TODO: check
+CVE-2025-44863 (TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command ...)
+ TODO: check
+CVE-2025-44862 (TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command ...)
+ TODO: check
+CVE-2025-44861 (TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command ...)
+ TODO: check
+CVE-2025-44860 (TOTOLINK CA300-POE V6.2c.884_B20180522 was found to contain a command ...)
+ TODO: check
+CVE-2025-44854 (TOTOLINK CP900 V6.3c.1144_B20190715 was found to contain a command inj ...)
+ TODO: check
+CVE-2025-44848 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44847 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44846 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44845 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44844 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44843 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44842 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44841 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44840 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44839 (TOTOLINK CA600-PoE V5.3c.6665_B20180820 was found to contain a command ...)
+ TODO: check
+CVE-2025-44838 (TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a co ...)
+ TODO: check
+CVE-2025-44837 (TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a co ...)
+ TODO: check
+CVE-2025-44836 (TOTOLINK CPE CP900 V6.3c.1144_B20190715 was discovered to contain a co ...)
+ TODO: check
+CVE-2025-44835 (D-Link DIR-816 A2V1.1.0B05 was found to contain a command injection in ...)
+ TODO: check
+CVE-2025-3890 (The WordPress Simple Shopping Cart plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2025-3889 (The WordPress Simple Shopping Cart plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2025-3874 (The WordPress Simple Shopping Cart plugin for WordPress is vulnerable ...)
+ TODO: check
+CVE-2025-3517 (Privilege context switching error in PAM JIT feature in Devolutions Se ...)
+ TODO: check
+CVE-2025-36558 (KUNBUS PiCtory version 2.11.1 and earlier are vulnerable to a cross-si ...)
+ TODO: check
+CVE-2025-36521 (MicroDicom DICOM Viewer is vulnerable to an out-of-bounds read which m ...)
+ TODO: check
+CVE-2025-35996 (KUNBUS PiCtory version 2.11.1 and earlier are vulnerable when an authe ...)
+ TODO: check
+CVE-2025-35975 (MicroDicom DICOM Viewer is vulnerable to an out-of-bounds write which ...)
+ TODO: check
+CVE-2025-32890 (An issue was discovered on goTenna Mesh devices with app 5.5.3 and fir ...)
+ TODO: check
+CVE-2025-32889 (An issue was discovered on goTenna v1 devices with app 5.5.3 and firmw ...)
+ TODO: check
+CVE-2025-32888 (An issue was discovered on goTenna Mesh devices with app 5.5.3 and fir ...)
+ TODO: check
+CVE-2025-32887 (An issue was discovered on goTenna v1 devices with app 5.5.3 and firmw ...)
+ TODO: check
+CVE-2025-32886 (An issue was discovered on goTenna v1 devices with app 5.5.3 and firmw ...)
+ TODO: check
+CVE-2025-32885 (An issue was discovered on goTenna v1 devices with app 5.5.3 and firmw ...)
+ TODO: check
+CVE-2025-32884 (An issue was discovered on goTenna Mesh devices with app 5.5.3 and fir ...)
+ TODO: check
+CVE-2025-32883 (An issue was discovered on goTenna Mesh devices with app 5.5.3 and fir ...)
+ TODO: check
+CVE-2025-32882 (An issue was discovered on goTenna v1 devices with app 5.5.3 and firmw ...)
+ TODO: check
+CVE-2025-32881 (An issue was discovered on goTenna v1 devices with app 5.5.3 and firmw ...)
+ TODO: check
+CVE-2025-32011 (KUNBUS PiCtory versions 2.5.0 through 2.11.1 have an authentication by ...)
+ TODO: check
+CVE-2025-29763
+ REJECTED
+CVE-2025-27007 (Incorrect Privilege Assignment vulnerability in Brainstorm Force SureT ...)
+ TODO: check
+CVE-2025-25016 (Unrestricted file upload in Kibana allows an authenticated attacker to ...)
+ TODO: check
+CVE-2025-24522 (KUNBUS Revolution Pi OS Bookworm 01/2025 is vulnerable because authent ...)
+ TODO: check
+CVE-2025-23254 (NVIDIA TensorRT-LLM for any platform contains a vulnerability in pytho ...)
+ TODO: check
+CVE-2025-23246 (NVIDIA vGPU software for Windows and Linux contains a vulnerability in ...)
+ TODO: check
+CVE-2025-23245 (NVIDIA vGPU software for Windows and Linux contains a vulnerability in ...)
+ TODO: check
+CVE-2025-1529 (The AM LottiePlayer plugin for WordPress is vulnerable to Stored Cross ...)
+ TODO: check
+CVE-2024-52979 (Uncontrolled Resource Consumption in Elasticsearch while evaluating sp ...)
+ TODO: check
+CVE-2024-52976 (Inclusion of functionality from an untrusted control sphere in Elastic ...)
+ TODO: check
+CVE-2024-11994 (APM server logs could contain parts of the document body from a partia ...)
+ TODO: check
+CVE-2024-11390 (Unrestricted upload of a file with dangerous type in Kibana can lead t ...)
+ TODO: check
+CVE-2023-46669 (Exposure of sensitive information to local unauthorized actors in Elas ...)
+ TODO: check
+CVE-2022-49931 (In the Linux kernel, the following vulnerability has been resolved: I ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1afac08b39d85437187bb2a92d89a741b1078f55 (6.1-rc4)
-CVE-2022-49930 [RDMA/hns: Fix NULL pointer problem in free_mr_init()]
+CVE-2022-49930 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/12bcaf87d8b66d8cd812479c8a6349dcb245375c (6.1-rc4)
-CVE-2022-49929 [RDMA/rxe: Fix mr leak in RESPST_ERR_RNR]
+CVE-2022-49929 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b5f9a01fae42684648c2ee3cd9985f80c67ab9f7 (6.1-rc4)
-CVE-2022-49928 [SUNRPC: Fix null-ptr-deref when xps sysfs alloc failed]
+CVE-2022-49928 (In the Linux kernel, the following vulnerability has been resolved: S ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/cbdeaee94a415800c65a8c3fa04d9664a8b8fb3a (6.1-rc4)
-CVE-2022-49927 [nfs4: Fix kmemleak when allocate slot failed]
+CVE-2022-49927 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/7e8436728e22181c3f12a5dbabd35ed3a8b8c593 (6.1-rc4)
-CVE-2022-49926 [net: dsa: Fix possible memory leaks in dsa_loop_init()]
+CVE-2022-49926 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/633efc8b3dc96f56f5a57f2a49764853a2fa3f50 (6.1-rc4)
-CVE-2022-49925 [RDMA/core: Fix null-ptr-deref in ib_core_cleanup()]
+CVE-2022-49925 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/07c0d131cc0fe1f3981a42958fc52d573d303d89 (6.1-rc4)
-CVE-2022-49924 [nfc: fdp: Fix potential memory leak in fdp_nci_send()]
+CVE-2022-49924 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/8e4aae6b8ca76afb1fb64dcb24be44ba814e7f8a (6.1-rc4)
-CVE-2022-49923 [nfc: nxp-nci: Fix potential memory leak in nxp_nci_send()]
+CVE-2022-49923 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/7bf1ed6aff0f70434bd0cdd45495e83f1dffb551 (6.1-rc4)
-CVE-2022-49922 [nfc: nfcmrvl: Fix potential memory leak in nfcmrvl_i2c_nci_send()]
+CVE-2022-49922 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/93d904a734a74c54d945a9884b4962977f1176cd (6.1-rc4)
-CVE-2022-49921 [net: sched: Fix use after free in red_enqueue()]
+CVE-2022-49921 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/8bdc2acd420c6f3dd1f1c78750ec989f02a1e2b9 (6.1-rc4)
-CVE-2022-49920 [netfilter: nf_tables: netlink notifier might race to release objects]
+CVE-2022-49920 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d4bc8271db21ea9f1c86a1ca4d64999f184d4aae (6.1-rc4)
-CVE-2022-49919 [netfilter: nf_tables: release flow rule object from commit path]
+CVE-2022-49919 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/26b5934ff4194e13196bedcba373cd4915071d0e (6.1-rc4)
-CVE-2022-49918 [ipvs: fix WARNING in __ip_vs_cleanup_batch()]
+CVE-2022-49918 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/3d00c6a0da8ddcf75213e004765e4a42acc71d5d (6.1-rc4)
-CVE-2022-49917 [ipvs: fix WARNING in ip_vs_app_net_cleanup()]
+CVE-2022-49917 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/5663ed63adb9619c98ab7479aa4606fa9b7a548c (6.1-rc4)
-CVE-2022-49916 [rose: Fix NULL pointer dereference in rose_send_frame()]
+CVE-2022-49916 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/e97c089d7a49f67027395ddf70bf327eeac2611e (6.1-rc4)
-CVE-2022-49915 [mISDN: fix possible memory leak in mISDN_register_device()]
+CVE-2022-49915 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/e7d1d4d9ac0dfa40be4c2c8abd0731659869b297 (6.1-rc4)
-CVE-2022-49914 [btrfs: fix inode list leak during backref walking at resolve_indirect_refs()]
+CVE-2022-49914 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/5614dc3a47e3310fbc77ea3b67eaadd1c6417bf1 (6.1-rc4)
-CVE-2022-49913 [btrfs: fix inode list leak during backref walking at find_parent_nodes()]
+CVE-2022-49913 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/92876eec382a0f19f33d09d2c939e9ca49038ae5 (6.1-rc4)
-CVE-2022-49912 [btrfs: fix ulist leaks in error paths of qgroup self tests]
+CVE-2022-49912 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d37de92b38932d40e4a251e876cc388f9aee5f42 (6.1-rc4)
-CVE-2022-49911 [netfilter: ipset: enforce documented limit to prevent allocating huge memory]
+CVE-2022-49911 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/510841da1fcc16f702440ab58ef0b4d82a9056b7 (6.1-rc4)
-CVE-2022-49910 [Bluetooth: L2CAP: Fix use-after-free caused by l2cap_reassemble_sdu]
+CVE-2022-49910 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/3aff8aaca4e36dc8b17eaa011684881a80238966 (6.1-rc4)
-CVE-2022-49909 [Bluetooth: L2CAP: fix use-after-free in l2cap_conn_del()]
+CVE-2022-49909 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/0d0e2d032811280b927650ff3c15fe5020e82533 (6.1-rc4)
-CVE-2022-49908 [Bluetooth: L2CAP: Fix memory leak in vhci_write]
+CVE-2022-49908 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7c9524d929648935bac2bbb4c20437df8f9c3f42 (6.1-rc4)
-CVE-2022-49907 [net: mdio: fix undefined behavior in bit shift for __mdiobus_register]
+CVE-2022-49907 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/40e4eb324c59e11fcb927aa46742d28aba6ecb8a (6.1-rc4)
-CVE-2022-49906 [ibmvnic: Free rwi on reset success]
+CVE-2022-49906 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d6dd2fe71153f0ff748bf188bd4af076fe09a0a6 (6.1-rc4)
-CVE-2022-49905 [net/smc: Fix possible leaked pernet namespace in smc_init()]
+CVE-2022-49905 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/62ff373da2534534c55debe6c724c7fe14adb97f (6.1-rc4)
-CVE-2022-49904 [net, neigh: Fix null-ptr-deref in neigh_table_clear()]
+CVE-2022-49904 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/f8017317cb0b279b8ab98b0f3901a2e0ac880dad (6.1-rc4)
-CVE-2022-49903 [ipv6: fix WARNING in ip6_route_net_exit_late()]
+CVE-2022-49903 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/768b3c745fe5789f2430bdab02f35a9ad1148d97 (6.1-rc4)
-CVE-2022-49902 [block: Fix possible memory leak for rq_wb on add_disk failure]
+CVE-2022-49902 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/fa81cbafbf5764ad5053512152345fab37a1fe18 (6.1-rc4)
-CVE-2022-49901 [blk-mq: Fix kmemleak in blk_mq_init_allocated_queue]
+CVE-2022-49901 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.8-1
NOTE: https://git.kernel.org/linus/943f45b9399ed8b2b5190cbc797995edaa97f58f (6.1-rc4)
-CVE-2022-49900 [i2c: piix4: Fix adapter not be removed in piix4_remove()]
+CVE-2022-49900 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/569bea74c94d37785682b11bab76f557520477cd (6.1-rc4)
-CVE-2022-49899 [fscrypt: stop using keyrings subsystem for fscrypt_master_key]
+CVE-2022-49899 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d7e7b9af104c7b389a0c21eb26532511bce4b510 (6.1-rc1)
-CVE-2022-49898 [btrfs: fix tree mod log mishandling of reallocated nodes]
+CVE-2022-49898 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.8-1
NOTE: https://git.kernel.org/linus/968b71583130b6104c9f33ba60446d598e327a8b (6.1-rc4)
-CVE-2022-49897 [fscrypt: fix keyring memory leak on mount failure]
+CVE-2022-49897 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/ccd30a476f8e864732de220bd50e6f372f5ebcab (6.1-rc3)
-CVE-2022-49896 [cxl/pmem: Fix cxl_pmem_region and cxl_memdev leak]
+CVE-2022-49896 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4d07ae22e79ebc2d7528bbc69daa53b86981cb3a (6.1-rc4)
-CVE-2022-49895 [cxl/region: Fix decoder allocation crash]
+CVE-2022-49895 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/71ee71d7adcba648077997a29a91158d20c40b09 (6.1-rc4)
-CVE-2022-49894 [cxl/region: Fix region HPA ordering validation]
+CVE-2022-49894 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a90accb358ae33ea982a35595573f7a045993f8b (6.1-rc4)
-CVE-2022-49893 [cxl/region: Fix cxl_region leak, cleanup targets at region delete]
+CVE-2022-49893 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0d9e734018d70cecf79e2e4c6082167160a0f13f (6.1-rc4)
-CVE-2022-49892 [ftrace: Fix use-after-free for dynamic ftrace_ops]
+CVE-2022-49892 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/0e792b89e6800cd9cb4757a76a96f7ef3e8b6294 (6.1-rc4)
-CVE-2022-49891 [tracing: kprobe: Fix memory leak in test_gen_kprobe/kretprobe_cmd()]
+CVE-2022-49891 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/66f0919c953ef7b55e5ab94389a013da2ce80a2c (6.1-rc4)
-CVE-2022-49890 [capabilities: fix potential memleak on error path from vfs_getxattr_alloc()]
+CVE-2022-49890 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/8cf0a1bc12870d148ae830a4ba88cfdf0e879cee (6.1-rc4)
-CVE-2022-49889 [ring-buffer: Check for NULL cpu_buffer in ring_buffer_wake_waiters()]
+CVE-2022-49889 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7433632c9ff68a991bd0bc38cabf354e9d2de410 (6.1-rc4)
-CVE-2022-49888 [arm64: entry: avoid kprobe recursion]
+CVE-2022-49888 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/024f4b2e1f874934943eb2d3d288ebc52c79f55c (6.1-rc4)
-CVE-2022-49887 [media: meson: vdec: fix possible refcount leak in vdec_probe()]
+CVE-2022-49887 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/7718999356234d9cc6a11b4641bb773928f1390f (6.1-rc2)
-CVE-2022-49886 [x86/tdx: Panic on bad configs that #VE on "private" memory access]
+CVE-2022-49886 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/373e715e31bf4e0f129befe87613a278fac228d3 (6.1-rc4)
-CVE-2022-49885 [ACPI: APEI: Fix integer overflow in ghes_estatus_pool_init()]
+CVE-2022-49885 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/43d2748394c3feb86c0c771466f5847e274fc043 (6.1-rc2)
-CVE-2022-49884 [KVM: Initialize gfn_to_pfn_cache locks in dedicated helper]
+CVE-2022-49884 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/52491a38b2c2411f3f0229dc6ad610349c704a41 (6.1-rc4)
-CVE-2022-49883 [KVM: x86: smm: number of GPRs in the SMRAM image depends on the image format]
+CVE-2022-49883 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/696db303e54f7352623d9f640e6c51d8fa9d5588 (6.1-rc4)
-CVE-2022-49882 [KVM: Reject attempts to consume or refresh inactive gfn_to_pfn_cache]
+CVE-2022-49882 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.0.8-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ecbcf030b45666ad11bc98565e71dfbcb7be4393 (6.1-rc4)
-CVE-2022-49881 [wifi: cfg80211: fix memory leak in query_regdb_file()]
+CVE-2022-49881 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/57b962e627ec0ae53d4d16d7bd1033e27e67677a (6.1-rc5)
-CVE-2022-49880 [ext4: fix warning in 'ext4_da_release_space']
+CVE-2022-49880 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1b8f787ef547230a3249bcf897221ef0cc78481b (6.1-rc4)
-CVE-2022-49879 [ext4: fix BUG_ON() when directory entry has invalid rec_len]
+CVE-2022-49879 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.0.8-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/17a0bc9bd697f75cfdf9b378d5eb2d7409c91340 (6.1-rc4)
-CVE-2022-49878 [bpf, verifier: Fix memory leak in array reallocation for stack state]
+CVE-2022-49878 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/42378a9ca55347102bbf86708776061d8fe3ece2 (6.1-rc5)
-CVE-2022-49877 [bpf, sockmap: Fix the sk->sk_forward_alloc warning of sk_stream_kill_queues]
+CVE-2022-49877 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/8ec95b94716a1e4d126edc3fb2bc426a717e2dba (6.1-rc5)
-CVE-2022-49876 [wifi: mac80211: fix general-protection-fault in ieee80211_subif_start_xmit()]
+CVE-2022-49876 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/780854186946e0de2be192ee7fa5125666533b3a (6.1-rc5)
-CVE-2022-49875 [bpftool: Fix NULL pointer dereference when pin {PROG, MAP, LINK} without FILE]
+CVE-2022-49875 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/34de8e6e0e1f66e431abf4123934a2581cb5f133 (6.1-rc5)
-CVE-2022-49874 [HID: hyperv: fix possible memory leak in mousevsc_probe()]
+CVE-2022-49874 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/b5bcb94b0954a026bbd671741fdb00e7141f9c91 (6.1-rc5)
-CVE-2022-49873 [bpf: Fix wrong reg type conversion in release_reference()]
+CVE-2022-49873 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/f1db20814af532f85e091231223e5e4818e8464b (6.1-rc5)
-CVE-2022-49872 [net: gso: fix panic on frag_list with mixed head alloc types]
+CVE-2022-49872 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9e4b7a99a03aefd37ba7bb1f022c8efab5019165 (6.1-rc5)
-CVE-2022-49871 [net: tun: Fix memory leaks of napi_get_frags]
+CVE-2022-49871 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1118b2049d77ca0b505775fc1a8d1909cf19a7ec (6.1-rc5)
-CVE-2022-49870 [capabilities: fix undefined behavior in bit shift for CAP_TO_MASK]
+CVE-2022-49870 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/46653972e3ea64f79e7f8ae3aa41a4d3fdb70a13 (6.1-rc5)
-CVE-2022-49869 [bnxt_en: Fix possible crash in bnxt_hwrm_set_coal()]
+CVE-2022-49869 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/6d81ea3765dfa6c8a20822613c81edad1c4a16a0 (6.1-rc5)
-CVE-2022-49868 [phy: ralink: mt7621-pci: add sentinel to quirks table]
+CVE-2022-49868 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/819b885cd886c193782891c4f51bbcab3de119a4 (6.1-rc5)
-CVE-2022-49867 [net: wwan: iosm: fix memory leak in ipc_wwan_dellink]
+CVE-2022-49867 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f25caaca424703d5a0607310f0452f978f1f78d9 (6.1-rc5)
-CVE-2022-49866 [net: wwan: mhi: fix memory leak in mhi_mbim_dellink]
+CVE-2022-49866 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/668205b9c9f94d5ed6ab00cce9a46a654c2b5d16 (6.1-rc5)
-CVE-2022-49865 [ipv6: addrlabel: fix infoleak when sending struct ifaddrlblmsg to network]
+CVE-2022-49865 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/c23fb2c82267638f9d206cb96bb93e1f93ad7828 (6.1-rc5)
-CVE-2022-49864 [drm/amdkfd: Fix NULL pointer dereference in svm_migrate_to_ram()]
+CVE-2022-49864 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/5b994354af3cab770bf13386469c5725713679af (6.1-rc4)
-CVE-2022-49863 [can: af_can: fix NULL pointer dereference in can_rx_register()]
+CVE-2022-49863 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/8aa59e355949442c408408c2d836e561794c40a1 (6.1-rc5)
-CVE-2022-49862 [tipc: fix the msg->req tlv len check in tipc_nl_compat_name_table_dump_header]
+CVE-2022-49862 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1c075b192fe41030457cd4a5f7dea730412bca40 (6.1-rc5)
-CVE-2022-49861 [dmaengine: mv_xor_v2: Fix a resource leak in mv_xor_v2_remove()]
+CVE-2022-49861 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/081195d17a0c4c636da2b869bd5809d42e8cbb13 (6.1-rc5)
-CVE-2022-49860 [dmaengine: ti: k3-udma-glue: fix memory leak when register device fail]
+CVE-2022-49860 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ac2b9f34f02052709aea7b34bb2a165e1853eb41 (6.1-rc5)
-CVE-2022-49859 [net: lapbether: fix issue of invalid opcode in lapbeth_open()]
+CVE-2022-49859 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3faf7e14ec0c3462c2d747fa6793b8645d1391df (6.1-rc5)
-CVE-2022-49858 [octeontx2-pf: Fix SQE threshold checking]
+CVE-2022-49858 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/f0dfc4c88ef39be0ba736aa0ce6119263fc19aeb (6.1-rc5)
-CVE-2022-49857 [net: marvell: prestera: fix memory leak in prestera_rxtx_switch_init()]
+CVE-2022-49857 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/519b58bbfa825f042fcf80261cc18e1e35f85ffd (6.1-rc5)
-CVE-2022-49856 [net: tun: call napi_schedule_prep() to ensure we own a napi]
+CVE-2022-49856 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/07d120aa33cc9d9115753d159f64d20c94458781 (6.1-rc5)
-CVE-2022-49855 [net: wwan: iosm: fix memory leak in ipc_pcie_read_bios_cfg]
+CVE-2022-49855 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d38a648d2d6cc7bee11c6f533ff9426a00c2a74c (6.1-rc5)
-CVE-2022-49854 [mctp: Fix an error handling path in mctp_init()]
+CVE-2022-49854 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d4072058af4fd8fb4658e7452289042a406a9398 (6.1-rc5)
-CVE-2022-49853 [net: macvlan: fix memory leaks of macvlan_common_newlink]
+CVE-2022-49853 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/23569b5652ee8e8e55a12f7835f59af6f3cefc30 (6.1-rc5)
-CVE-2022-49852 [riscv: process: fix kernel info leakage]
+CVE-2022-49852 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/6510c78490c490a6636e48b61eeaa6fb65981f4b (6.1-rc5)
-CVE-2022-49851 [riscv: fix reserved memory setup]
+CVE-2022-49851 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/50e63dd8ed92045eb70a72d7ec725488320fb68b (6.1-rc5)
-CVE-2022-49850 [nilfs2: fix deadlock in nilfs_count_free_blocks()]
+CVE-2022-49850 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/8ac932a4921a96ca52f61935dbba64ea87bbd5dc (6.1-rc5)
-CVE-2022-49849 [btrfs: fix match incorrectly in dev_args_match_device]
+CVE-2022-49849 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0fca385d6ebc3cabb20f67bcf8a71f1448bdc001 (6.1-rc5)
-CVE-2022-49848 [phy: qcom-qmp-combo: fix NULL-deref on runtime resume]
+CVE-2022-49848 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/04948e757148f870a31f4887ea2239403f516c3c (6.1-rc5)
-CVE-2022-49847 [net: ethernet: ti: am65-cpsw: Fix segmentation fault at module unload]
+CVE-2022-49847 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1a0c016a4831ea29be09bbc8162d4a2a0690b4b8 (6.1-rc5)
-CVE-2022-49846 [udf: Fix a slab-out-of-bounds write bug in udf_find_entry()]
+CVE-2022-49846 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/c8af247de385ce49afabc3bf1cf4fd455c94bfe8 (6.1-rc5)
-CVE-2022-49845 [can: j1939: j1939_send_one(): fix missing CAN header initialization]
+CVE-2022-49845 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/3eb3d283e8579a22b81dd2ac3987b77465b2a22f (6.1-rc5)
-CVE-2022-49844 [can: dev: fix skb drop check]
+CVE-2022-49844 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ae64438be1923e3c1102d90fd41db7afcfaf54cc (6.1-rc5)
-CVE-2022-49843 [drm/amdkfd: Migrate in CPU page fault use current mm]
+CVE-2022-49843 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3a876060892ba52dd67d197c78b955e62657d906 (6.1-rc1)
-CVE-2022-49842 [ASoC: core: Fix use-after-free in snd_soc_exit()]
+CVE-2022-49842 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/6ec27c53886c8963729885bcf2dd996eba2767a7 (6.1-rc6)
-CVE-2022-49841 [serial: imx: Add missing .thaw_noirq hook]
+CVE-2022-49841 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/4561d8008a467cb05ac632a215391d6b787f40aa (6.1-rc6)
-CVE-2022-49840 [bpf, test_run: Fix alignment problem in bpf_prog_test_run_skb()]
+CVE-2022-49840 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d3fd203f36d46aa29600a72d57a1b61af80e4a25 (6.1-rc6)
-CVE-2022-49839 [scsi: scsi_transport_sas: Fix error handling in sas_phy_add()]
+CVE-2022-49839 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/5d7bebf2dfb0dc97aac1fbace0910e557ecdb16f (6.1-rc5)
-CVE-2022-49838 [sctp: clear out_curr if all frag chunks of current msg are pruned]
+CVE-2022-49838 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/2f201ae14ae0f91dbf1cffea7bb1e29e81d4d108 (6.1-rc5)
-CVE-2022-49837 [bpf: Fix memory leaks in __check_func_call]
+CVE-2022-49837 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/eb86559a691cea5fa63e57a03ec3dc9c31e97955 (6.1-rc6)
-CVE-2022-49836 [siox: fix possible memory leak in siox_device_add()]
+CVE-2022-49836 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/6e63153db50059fb78b8a8447b132664887d24e3 (6.1-rc6)
-CVE-2022-49835 [ALSA: hda: fix potential memleak in 'add_widget_node']
+CVE-2022-49835 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9a5523f72bd2b0d66eef3d58810c6eb7b5ffc143 (6.1-rc5)
-CVE-2022-49834 [nilfs2: fix use-after-free bug of ns_writer on remount]
+CVE-2022-49834 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/8cccf05fe857a18ee26e20d11a8455a73ffd4efd (6.1-rc5)
-CVE-2022-49833 [btrfs: zoned: clone zoned device info when cloning a device]
+CVE-2022-49833 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/21e61ec6d0bb786818490e926aa9aeb4de95ad0d (6.1-rc5)
-CVE-2022-49832 [pinctrl: devicetree: fix null pointer dereferencing in pinctrl_dt_to_map]
+CVE-2022-49832 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/91d5c5060ee24fe8da88cd585bb43b843d2f0dce (6.1-rc6)
-CVE-2022-49831 [btrfs: zoned: initialize device's zone info for seeding]
+CVE-2022-49831 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/a8d1b1647bf8244a5f270538e9e636e2657fffa3 (6.1-rc5)
-CVE-2022-49830 [drm/drv: Fix potential memory leak in drm_dev_init()]
+CVE-2022-49830 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/ff963634f7b2e0dc011349abb3fb81a0d074f443 (6.1-rc6)
-CVE-2022-49829 [drm/scheduler: fix fence ref counting]
+CVE-2022-49829 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/b3af84383e7abdc5e63435817bb73a268e7c3637 (6.1-rc3)
-CVE-2022-49828 [hugetlbfs: don't delete error page from pagecache]
+CVE-2022-49828 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/8625147cafaa9ba74713d682f5185eb62cb2aedb (6.1-rc5)
-CVE-2022-49827 [drm: Fix potential null-ptr-deref in drm_vblank_destroy_worker()]
+CVE-2022-49827 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/4979524f5a2a8210e87fde2f642b0dc060860821 (6.1-rc6)
-CVE-2022-49826 [ata: libata-transport: fix double ata_host_put() in ata_tport_add()]
+CVE-2022-49826 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/8c76310740807ade5ecdab5888f70ecb6d35732e (6.1-rc5)
-CVE-2022-49825 [ata: libata-transport: fix error handling in ata_tport_add()]
+CVE-2022-49825 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/3613dbe3909dcc637fe6be00e4dc43b4aa0470ee (6.1-rc5)
-CVE-2022-49824 [ata: libata-transport: fix error handling in ata_tlink_add()]
+CVE-2022-49824 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/cf0816f6322c5c37ee52655f928e91ecf32da103 (6.1-rc5)
-CVE-2022-49823 [ata: libata-transport: fix error handling in ata_tdev_add()]
+CVE-2022-49823 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1ff36351309e3eadcff297480baf4785e726de9b (6.1-rc5)
-CVE-2022-49822 [cifs: Fix connections leak when tlink setup failed]
+CVE-2022-49822 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/1dcdf5f5b2137185cbdd5385f29949ab3da4f00c (6.1-rc6)
-CVE-2022-49821 [mISDN: fix possible memory leak in mISDN_dsp_element_register()]
+CVE-2022-49821 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/98a2ac1ca8fd6eca6867726fe238d06e75eb1acd (6.1-rc6)
-CVE-2022-49820 [mctp i2c: don't count unused / invalid keys for flow release]
+CVE-2022-49820 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9cbd48d5fa14e4c65f8580de16686077f7cea02b (6.1-rc6)
-CVE-2022-49819 [octeon_ep: fix potential memory leak in octep_device_setup()]
+CVE-2022-49819 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e4041be97b15302ebfffda8bbd45f3b2d096048f (6.1-rc6)
-CVE-2022-49818 [mISDN: fix misuse of put_device() in mISDN_register_device()]
+CVE-2022-49818 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/2d25107e111a85c56f601a5470f1780ec054e6ac (6.1-rc6)
-CVE-2022-49817 [net: mhi: Fix memory leak in mhi_net_dellink()]
+CVE-2022-49817 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f7c125bd79f50ec6094761090be81d02726ec6f4 (6.1-rc6)
-CVE-2022-49816 [xen/pcpu: fix possible memory leak in register_pcpu()]
+CVE-2022-49816 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/da36a2a76b01b210ffaa55cdc2c99bc8783697c5 (6.1-rc6)
-CVE-2022-49815 [erofs: fix missing xas_retry() in fscache mode]
+CVE-2022-49815 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/37020bbb71d911431e16c2c940b97cf86ae4f2f6 (6.1-rc6)
-CVE-2022-49814 [kcm: close race conditions on sk_receive_queue]
+CVE-2022-49814 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/5121197ecc5db58c07da95eb1ff82b98b121a221 (6.1-rc6)
-CVE-2022-49813 [net: ena: Fix error handling in ena_init()]
+CVE-2022-49813 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d349e9be5a2c2d7588a2c4e4bfa0bb3dc1226769 (6.1-rc6)
-CVE-2022-49812 [bridge: switchdev: Fix memory leaks when changing VLAN protocol]
+CVE-2022-49812 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/9d45921ee4cb364910097e7d1b7558559c2f9fd2 (6.1-rc6)
-CVE-2022-49811 [drbd: use after free in drbd_create_device()]
+CVE-2022-49811 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/a7a1598189228b5007369a9622ccdf587be0730f (6.1-rc6)
-CVE-2022-49810 [netfs: Fix missing xas_retry() calls in xarray iteration]
+CVE-2022-49810 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7e043a80b5dae5c2d2cf84031501de7827fd6c00 (6.1-rc6)
-CVE-2022-49809 [net/x25: Fix skb leak in x25_lapb_receive_frame()]
+CVE-2022-49809 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/2929cceb2fcf0ded7182562e4888afafece82cce (6.1-rc6)
-CVE-2022-49808 [net: dsa: don't leak tagger-owned storage on switch driver unbind]
+CVE-2022-49808 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4e0c19fcb8b5323716140fa82b79aa9f60e60407 (6.1-rc6)
-CVE-2022-49807 [nvmet: fix a memory leak in nvmet_auth_set_key]
+CVE-2022-49807 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0a52566279b4ee65ecd2503d7b7342851f84755c (6.1-rc6)
-CVE-2022-49806 [net: microchip: sparx5: Fix potential null-ptr-deref in sparx_stats_init() and sparx5_start()]
+CVE-2022-49806 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/639f5d006e36bb303f525d9479448c412b720c39 (6.1-rc6)
-CVE-2022-49805 [net: lan966x: Fix potential null-ptr-deref in lan966x_stats_init()]
+CVE-2022-49805 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/ba86af3733aece88dbcee0dfebf7e2dcfefb2be4 (6.1-rc6)
-CVE-2022-49804 [s390: avoid using global register for current_stack_pointer]
+CVE-2022-49804 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e3c11025bcd2142a61abe5806b2f86a0e78118df (6.1-rc6)
-CVE-2022-49803 [netdevsim: Fix memory leak of nsim_dev->fa_cookie]
+CVE-2022-49803 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/064bc7312bd09a48798418663090be0c776183db (6.1-rc6)
-CVE-2022-49802 [ftrace: Fix null pointer dereference in ftrace_add_mod()]
+CVE-2022-49802 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/19ba6c8af9382c4c05dc6a0a79af3013b9a35cd0 (6.1-rc6)
-CVE-2022-49801 [tracing: Fix memory leak in tracing_read_pipe()]
+CVE-2022-49801 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/649e72070cbbb8600eb823833e4748f5a0815116 (6.1-rc6)
-CVE-2022-49800 [tracing: Fix memory leak in test_gen_synth_cmd() and test_empty_synth_event()]
+CVE-2022-49800 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/a4527fef9afe5c903c718d0cd24609fe9c754250 (6.1-rc6)
-CVE-2022-49799 [tracing: Fix wild-memory-access in register_synth_event()]
+CVE-2022-49799 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1b5f1c34d3f5a664a57a5a7557a50e4e3cc2505c (6.1-rc6)
-CVE-2022-49798 [tracing: Fix race where eprobes can be called before the event]
+CVE-2022-49798 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/94eedf3dded5fb472ce97bfaf3ac1c6c29c35d26 (6.1-rc6)
-CVE-2022-49797 [tracing: kprobe: Fix potential null-ptr-deref on trace_event_file in kprobe_event_gen_test_exit()]
+CVE-2022-49797 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/e0d75267f59d7084e0468bd68beeb1bf9c71d7c0 (6.1-rc6)
-CVE-2022-49796 [tracing: kprobe: Fix potential null-ptr-deref on trace_array in kprobe_event_gen_test_exit()]
+CVE-2022-49796 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/22ea4ca9631eb137e64e5ab899e9c89cb6670959 (6.1-rc6)
-CVE-2022-49795 [rethook: fix a potential memleak in rethook_alloc()]
+CVE-2022-49795 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0a1ebe35cb3b7aa1f4b26b37e2a0b9ae68dc4ffb (6.1-rc6)
-CVE-2022-49794 [iio: adc: at91_adc: fix possible memory leak in at91_adc_allocate_trigger()]
+CVE-2022-49794 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/65f20301607d07ee279b0804d11a05a62a6c1a1c (6.1-rc6)
-CVE-2022-49793 [iio: trigger: sysfs: fix possible memory leak in iio_sysfs_trig_init()]
+CVE-2022-49793 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/efa17e90e1711bdb084e3954fa44afb6647331c0 (6.1-rc6)
-CVE-2022-49792 [iio: adc: mp2629: fix potential array out of bound access]
+CVE-2022-49792 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/ca1547ab15f48dc81624183ae17a2fd1bad06dfc (6.1-rc6)
-CVE-2022-49791 [io_uring: fix multishot accept request leaks]
+CVE-2022-49791 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/91482864768a874c4290ef93b84a78f4f1dac51b (6.1-rc6)
-CVE-2022-49790 [Input: iforce - invert valid length check when fetching device IDs]
+CVE-2022-49790 (In the Linux kernel, the following vulnerability has been resolved: I ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/b8ebf250997c5fb253582f42bfe98673801ebebd (6.1-rc6)
-CVE-2022-49789 [scsi: zfcp: Fix double free of FSF request when qdio send fails]
+CVE-2022-49789 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/0954256e970ecf371b03a6c9af2cf91b9c4085ff (6.1-rc6)
-CVE-2022-49788 [misc/vmw_vmci: fix an infoleak in vmci_host_do_receive_datagram()]
+CVE-2022-49788 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/e5b0d06d9b10f5f43101bd6598b076c347f9295f (6.1-rc6)
-CVE-2022-49787 [mmc: sdhci-pci: Fix possible memory leak caused by missing pci_dev_put()]
+CVE-2022-49787 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/222cfa0118aa68687ace74aab8fdf77ce8fbd7e6 (6.1-rc6)
-CVE-2022-49786 [blk-cgroup: properly pin the parent in blkcg_css_online]
+CVE-2022-49786 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d7dbd43f4a828fa1d9a8614d5b0ac40aee6375fe (6.1-rc6)
-CVE-2022-49785 [x86/sgx: Add overflow check in sgx_validate_offset_length()]
+CVE-2022-49785 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f0861f49bd946ff94fce4f82509c45e167f63690 (6.1-rc6)
-CVE-2022-49784 [perf/x86/amd/uncore: Fix memory leak for events array]
+CVE-2022-49784 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/bdfe34597139cfcecd47a2eb97fea44d77157491 (6.1-rc6)
-CVE-2022-49783 [x86/fpu: Drop fpregs lock before inheriting FPU permissions]
+CVE-2022-49783 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/36b038791e1e2baea892e9276588815fd14894b4 (6.1-rc6)
-CVE-2022-49782 [perf: Improve missing SIGTRAP checking]
+CVE-2022-49782 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/bb88f9695460bec25aa30ba9072595025cf6c8af (6.1-rc6)
-CVE-2022-49781 [perf/x86/amd: Fix crash due to race between amd_pmu_enable_all, perf NMI and throttling]
+CVE-2022-49781 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/baa014b9543c8e5e94f5d15b66abfe60750b8284 (6.1-rc6)
-CVE-2022-49780 [scsi: target: tcm_loop: Fix possible name leak in tcm_loop_setup_hba_bus()]
+CVE-2022-49780 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/bc68e428d4963af0201e92159629ab96948f0893 (6.1-rc6)
-CVE-2022-49779 [kprobes: Skip clearing aggrprobe's post_handler in kprobe-on-ftrace case]
+CVE-2022-49779 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/5dd7caf0bdc5d0bae7cf9776b4d739fb09bd5ebb (6.1-rc6)
-CVE-2022-49778 [arm64/mm: fix incorrect file_map_count for non-leaf pmd/pud]
+CVE-2022-49778 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5b47348fc0b18a78c96f8474cc90b7525ad1bbfe (6.1-rc6)
-CVE-2022-49777 [Input: i8042 - fix leaking of platform device on module removal]
+CVE-2022-49777 (In the Linux kernel, the following vulnerability has been resolved: I ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/81cd7e8489278d28794e7b272950c3e00c344e44 (6.1-rc6)
-CVE-2022-49776 [macvlan: enforce a consistent minimal mtu]
+CVE-2022-49776 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/b64085b00044bdf3cd1c9825e9ef5b2e0feae91a (6.1-rc1)
-CVE-2022-49775 [tcp: cdg: allow tcp_cdg_release() to be called multiple times]
+CVE-2022-49775 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/72e560cb8c6f80fc2b4afc5d3634a32465e13a51 (6.1-rc1)
-CVE-2022-49774 [KVM: x86/xen: Fix eventfd error handling in kvm_xen_eventfd_assign()]
+CVE-2022-49774 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.0.10-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7353633814f6e5b4899fb9ee1483709d6bb0e1cd (6.1-rc4)
-CVE-2022-49773 [drm/amd/display: Fix optc2_configure warning on dcn314]
+CVE-2022-49773 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/e7e4f77c991c9abf90924929a9d55f90b0bb78de (6.1-rc6)
-CVE-2022-49772 [ALSA: usb-audio: Drop snd_BUG_ON() from snd_usbmidi_output_open()]
+CVE-2022-49772 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/ad72c3c3f6eb81d2cb189ec71e888316adada5df (6.1-rc6)
-CVE-2022-49771 [dm ioctl: fix misbehavior if list_versions races with module loading]
+CVE-2022-49771 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/4fe1ec995483737f3d2a14c3fe1d8fe634972979 (6.1-rc6)
-CVE-2022-49770 [ceph: avoid putting the realm twice when decoding snaps fails]
+CVE-2022-49770 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/51884d153f7ec85e18d607b2467820a90e0f4359 (6.1-rc6)
-CVE-2022-49769 [gfs2: Check sb_bsize_shift after reading superblock]
+CVE-2022-49769 (In the Linux kernel, the following vulnerability has been resolved: g ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/670f8ce56dd0632dc29a0322e188cc73ce3c6b92 (6.1-rc1)
-CVE-2022-49768 [9p: trans_fd/p9_conn_cancel: drop client lock earlier]
+CVE-2022-49768 (In the Linux kernel, the following vulnerability has been resolved: 9 ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/52f1c45dde9136f964d63a77d19826c8a74e2c7f (6.1-rc1)
-CVE-2022-49767 [9p/trans_fd: always use O_NONBLOCK read/write]
+CVE-2022-49767 (In the Linux kernel, the following vulnerability has been resolved: 9 ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/ef575281b21e9a34dfae544a187c6aac2ae424a9 (6.1-rc1)
-CVE-2022-49766 [netlink: Bounds-check struct nlmsgerr creation]
+CVE-2022-49766 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/710d21fdff9a98d621cd4e64167f3ef8af4e2fd1 (6.1-rc1)
-CVE-2022-49765 [net/9p: use a dedicated spinlock for trans_fd]
+CVE-2022-49765 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/296ab4a813841ba1d5f40b03190fd1bd8f25aab0 (6.1-rc1)
-CVE-2022-49764 [bpf: Prevent bpf program recursion for raw tracepoint probes]
+CVE-2022-49764 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.10-1
NOTE: https://git.kernel.org/linus/05b24ff9b2cfabfcfd951daaa915a036ab53c9e1 (6.1-rc1)
-CVE-2022-49763 [ntfs: fix use-after-free in ntfs_attr_find()]
+CVE-2022-49763 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d85a1bec8e8d552ab13163ca1874dcd82f3d1550 (6.1-rc1)
-CVE-2022-49762 [ntfs: check overflow when iterating ATTR_RECORDs]
+CVE-2022-49762 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.10-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/63095f4f3af59322bea984a6ae44337439348fe0 (6.1-rc1)
-CVE-2020-36790 [nvmet: fix a memory leak]
+CVE-2020-36790 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 5.8.7-1
NOTE: https://git.kernel.org/linus/382fee1a8b623e2546a3e15e80517389e0e0673e (5.9-rc3)
-CVE-2025-37796 [wifi: at76c50x: fix use after free access in at76_disconnect]
+CVE-2025-37796 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/27c7e63b3cb1a20bb78ed4a36c561ea4579fd7da (6.15-rc3)
-CVE-2025-37795 [wifi: mac80211: Update skb's control block key in ieee80211_tx_dequeue()]
+CVE-2025-37795 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/a104042e2bf6528199adb6ca901efe7b60c2c27f (6.15-rc3)
-CVE-2025-37794 [wifi: mac80211: Purge vif txq in ieee80211_do_stop()]
+CVE-2025-37794 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/378677eb8f44621ecc9ce659f7af61e5baa94d81 (6.15-rc3)
-CVE-2025-37793 [ASoC: Intel: avs: Fix null-ptr-deref in avs_component_probe()]
+CVE-2025-37793 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/95f723cf141b95e3b3a5b92cf2ea98a863fe7275 (6.15-rc3)
-CVE-2025-37792 [Bluetooth: btrtl: Prevent potential NULL dereference]
+CVE-2025-37792 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/324dddea321078a6eeb535c2bff5257be74c9799 (6.15-rc3)
-CVE-2025-37791 [ethtool: cmis_cdb: use correct rpl size in ethtool_cmis_module_poll()]
+CVE-2025-37791 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f3fdd4fba16c74697d8bc730b82fb7c1eff7fab3 (6.15-rc3)
-CVE-2025-37790 [net: mctp: Set SOCK_RCU_FREE]
+CVE-2025-37790 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/52024cd6ec71a6ca934d0cc12452bd8d49850679 (6.15-rc3)
-CVE-2025-37789 [net: openvswitch: fix nested key length validation in the set() action]
+CVE-2025-37789 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/65d91192aa66f05710cfddf6a14b5a25ee554dba (6.15-rc3)
-CVE-2025-37788 [cxgb4: fix memory leak in cxgb4_init_ethtool_filters() error path]
+CVE-2025-37788 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/00ffb3724ce743578163f5ade2884374554ca021 (6.15-rc3)
-CVE-2025-37787 [net: dsa: mv88e6xxx: avoid unregistering devlink regions which were never registered]
+CVE-2025-37787 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c84f6ce918a9e6f4996597cbc62536bbf2247c96 (6.15-rc3)
-CVE-2025-37786 [net: dsa: free routing table on probe failure]
+CVE-2025-37786 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/8bf108d7161ffc6880ad13a0cc109de3cf631727 (6.15-rc3)
-CVE-2025-37784 [net: ti: icss-iep: Fix possible NULL pointer dereference for perout request]
+CVE-2025-37784 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7349c9e9979333abfce42da5f9025598083b59c9 (6.15-rc3)
-CVE-2025-37783 [drm/msm/dpu: Fix error pointers in dpu_plane_virtual_atomic_check]
+CVE-2025-37783 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/5cb1b130e1cd04239cc9c26a98279f4660dce583 (6.15-rc3)
-CVE-2025-37782 [hfs/hfsplus: fix slab-out-of-bounds in hfs_bnode_read_key]
+CVE-2025-37782 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/bb5e07cb927724e0b47be371fa081141cfb14414 (6.15-rc3)
-CVE-2025-37781 [i2c: cros-ec-tunnel: defer probe if parent EC is not present]
+CVE-2025-37781 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/424eafe65647a8d6c690284536e711977153195a (6.15-rc3)
-CVE-2025-37780 [isofs: Prevent the use of too small fid]
+CVE-2025-37780 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/0405d4b63d082861f4eaff9d39c78ee9dc34f845 (6.15-rc3)
-CVE-2025-37779 [lib/iov_iter: fix to increase non slab folio refcount]
+CVE-2025-37779 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/770c8d55c42868239c748a3ebc57c9e37755f842 (6.15-rc3)
-CVE-2025-37778 [ksmbd: Fix dangling pointer in krb_authenticate]
+CVE-2025-37778 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/1e440d5b25b7efccb3defe542a73c51005799a5f (6.15-rc3)
-CVE-2025-37777 [ksmbd: fix use-after-free in __smb2_lease_break_noti()]
+CVE-2025-37777 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/21a4e47578d44c6b37c4fc4aba8ed7cc8dbb13de (6.15-rc3)
-CVE-2025-37776 [ksmbd: fix use-after-free in smb_break_all_levII_oplock()]
+CVE-2025-37776 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/18b4fac5ef17f77fed9417d22210ceafd6525fc7 (6.15-rc3)
-CVE-2025-37775 [ksmbd: fix the warning from __kernel_write_iter]
+CVE-2025-37775 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/b37f2f332b40ad1c27f18682a495850f2f04db0a (6.15-rc3)
-CVE-2025-37774 [slab: ensure slab->obj_exts is clear in a newly allocated slab page]
+CVE-2025-37774 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d2f5819b6ed357c0c350c0616b6b9f38be59adf6 (6.15-rc3)
-CVE-2025-37773 [virtiofs: add filesystem context source name check]
+CVE-2025-37773 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/a94fd938df2b1628da66b498aa0eeb89593bc7a2 (6.15-rc3)
-CVE-2025-37772 [RDMA/cma: Fix workqueue crash in cma_netevent_work_handler]
+CVE-2025-37772 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/45f5dcdd049719fb999393b30679605f16ebce14 (6.15-rc3)
-CVE-2025-37771 [drm/amd/pm: Prevent division by zero]
+CVE-2025-37771 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7d641c2b83275d3b0424127b2e0d2d0f7dd82aef (6.15-rc1)
-CVE-2025-37770 [drm/amd/pm: Prevent division by zero]
+CVE-2025-37770 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/4b8c3c0d17c07f301011e2908fecd2ebdcfe3d1c (6.15-rc1)
-CVE-2025-37769 [drm/amd/pm/smu11: Prevent division by zero]
+CVE-2025-37769 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7ba88b5cccc1a99c1afb96e31e7eedac9907704c (6.15-rc2)
-CVE-2025-37768 [drm/amd/pm: Prevent division by zero]
+CVE-2025-37768 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/7c246a05df51c52fe0852ce56ba10c41e6ed1f39 (6.15-rc1)
-CVE-2025-37767 [drm/amd/pm: Prevent division by zero]
+CVE-2025-37767 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f23e9116ebb71b63fe9cec0dcac792aa9af30b0c (6.15-rc1)
-CVE-2025-37766 [drm/amd/pm: Prevent division by zero]
+CVE-2025-37766 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/4e3d9508c056d7e0a56b58d5c81253e2a0d22b6c (6.15-rc1)
-CVE-2025-37765 [drm/nouveau: prime: fix ttm_bo_delayed_delete oops]
+CVE-2025-37765 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/8ec0fbb28d049273bfd4f1e7a5ae4c74884beed3 (6.15-rc2)
-CVE-2025-37764 [drm/imagination: fix firmware memory leaks]
+CVE-2025-37764 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/a5b230e7f3a55bd8bd8d012eec75a4b7baa671d5 (6.15-rc2)
-CVE-2025-37763 [drm/imagination: take paired job reference]
+CVE-2025-37763 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4ba2abe154ef68f9612eee9d6fbfe53a1736b064 (6.15-rc2)
-CVE-2025-37762 [drm/virtio: Fix missed dmabuf unpinning in error path of prepare_fb()]
+CVE-2025-37762 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/395cc80051f8da267b27496a4029dd931a198855 (6.15-rc2)
-CVE-2025-37761 [drm/xe: Fix an out-of-bounds shift when invalidating TLB]
+CVE-2025-37761 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7bcfeddb36b77f9fe3b010bb0b282b7618420bba (6.15-rc2)
-CVE-2025-37760 [mm/vma: add give_up_on_oom option on modify/merge, use in uffd release]
+CVE-2025-37760 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/41e6ddcaa0f18dda4c3fadf22533775a30d6f72f (6.15-rc3)
-CVE-2025-37759 [ublk: fix handling recovery Description: reissue in ublk_abort_queue()]
+CVE-2025-37759 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6ee6bd5d4fce502a5b5a2ea805e9ff16e6aa890f (6.15-rc2)
-CVE-2025-37758 [ata: pata_pxa: Fix potential NULL pointer dereference in pxa_ata_probe()]
+CVE-2025-37758 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/ad320e408a8c95a282ab9c05cdf0c9b95e317985 (6.15-rc2)
-CVE-2025-37757 [tipc: fix memory leak in tipc_link_xmit]
+CVE-2025-37757 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/69ae94725f4fc9e75219d2d69022029c5b24bc9a (6.15-rc2)
-CVE-2025-37756 [net: tls: explicitly disallow disconnect]
+CVE-2025-37756 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/5071a1e606b30c0c11278d3c6620cd6a24724cf6 (6.15-rc2)
-CVE-2025-37755 [net: libwx: handle page_pool_dev_alloc_pages error]
+CVE-2025-37755 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/7f1ff1b38a7c8b872382b796023419d87d78c47e (6.15-rc2)
-CVE-2025-37754 [drm/i915/huc: Fix fence not released on early probe errors]
+CVE-2025-37754 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e3ea2eae70692a455e256787e4f54153fb739b90 (6.15-rc2)
-CVE-2025-37753 [s390/cpumf: Fix double free on error in cpumf_pmu_event_init()]
+CVE-2025-37753 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/aa1ac98268cd1f380c713f07e39b1fa1d5c7650c (6.15-rc2)
-CVE-2025-37752 [net_sched: sch_sfq: move the limit validation]
+CVE-2025-37752 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/b3bf8f63e6179076b57c9de660c9f80b5abefe70 (6.15-rc2)
-CVE-2025-37751 [x86/cpu: Avoid running off the end of an AMD erratum table]
+CVE-2025-37751 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f0df00ebc57f803603f2a2e0df197e51f06fbe90 (6.15-rc2)
-CVE-2025-37750 [smb: client: fix UAF in decryption with multichannel]
+CVE-2025-37750 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/9502dd5c7029902f4a425bf959917a5a9e7c0e50 (6.15-rc2)
-CVE-2025-37749 [net: ppp: Add bound checking for skb data on ppp_sync_txmung]
+CVE-2025-37749 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/aabc6596ffb377c4c9c8f335124b92ea282c9821 (6.15-rc2)
-CVE-2025-37748 [iommu/mediatek: Fix NULL pointer deference in mtk_iommu_device_group]
+CVE-2025-37748 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/38e8844005e6068f336a3ad45451a562a0040ca1 (6.15-rc2)
-CVE-2025-37747 [perf: Fix hang while freeing sigtrap event]
+CVE-2025-37747 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/56799bc035658738f362acec3e7647bb84e68933 (6.15-rc2)
-CVE-2025-37746 [perf/dwc_pcie: fix duplicate pci_dev devices]
+CVE-2025-37746 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/7f35b429802a8065aa61e2a3f567089649f4d98e (6.15-rc1)
-CVE-2025-37745 [PM: hibernate: Avoid deadlock in hibernate_compressor_param_set()]
+CVE-2025-37745 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/52323ed1444ea5c2a5f1754ea0a2d9c8c216ccdf (6.15-rc1)
-CVE-2025-37744 [wifi: ath12k: fix memory leak in ath12k_pci_remove()]
+CVE-2025-37744 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/1b24394ed5c8a8d8f7b9e3aa9044c31495d46f2e (6.15-rc1)
-CVE-2025-37743 [wifi: ath12k: Avoid memory leak while enabling statistics]
+CVE-2025-37743 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux <unfixed>
NOTE: https://git.kernel.org/linus/ecfc131389923405be8e7a6f4408fd9321e4d19b (6.15-rc1)
-CVE-2025-37742 [jfs: Fix uninit-value access of imap allocated in the diMount() function]
+CVE-2025-37742 (In the Linux kernel, the following vulnerability has been resolved: j ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/9629d7d66c621671d9a47afe27ca9336bfc8a9ea (6.15-rc1)
-CVE-2025-37741 [jfs: Prevent copying of nlink with value 0 from disk inode]
+CVE-2025-37741 (In the Linux kernel, the following vulnerability has been resolved: j ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/b61e69bb1c049cf507e3c654fa3dc1568231bd07 (6.15-rc1)
-CVE-2025-37740 [jfs: add sanity check for agwidth in dbMount]
+CVE-2025-37740 (In the Linux kernel, the following vulnerability has been resolved: j ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/ddf2846f22e8575d6b4b6a66f2100f168b8cd73d (6.15-rc1)
-CVE-2025-37739 [f2fs: fix to avoid out-of-bounds access in f2fs_truncate_inode_blocks()]
+CVE-2025-37739 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/e6494977bd4a83862118a05f57a8df40256951c0 (6.15-rc1)
-CVE-2025-37738 [ext4: ignore xattrs past end]
+CVE-2025-37738 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/c8e008b60492cf6fd31ef127aea6d02fd3d314cd (6.15-rc1)
-CVE-2025-23163 [net: vlan: don't propagate flags on open]
+CVE-2025-23163 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/27b918007d96402aba10ed52a6af8015230f1793 (6.15-rc1)
-CVE-2025-23162 [drm/xe/vf: Don't try to trigger a full GT reset if VF]
+CVE-2025-23162 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/459777724d306315070d24608fcd89aea85516d6 (6.15-rc1)
-CVE-2025-23161 [PCI: vmd: Make vmd_dev::cfg_lock a raw_spinlock_t type]
+CVE-2025-23161 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/18056a48669a040bef491e63b25896561ee14d90 (6.15-rc1)
-CVE-2025-23160 [media: mediatek: vcodec: Fix a resource leak related to the scp device in FW initialization]
+CVE-2025-23160 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4936cd5817af35d23e4d283f48fa59a18ef481e4 (6.15-rc1)
-CVE-2025-23159 [media: venus: hfi: add a check to handle OOB in sfr region]
+CVE-2025-23159 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/f4b211714bcc70effa60c34d9fa613d182e3ef1e (6.15-rc1)
-CVE-2025-23158 [media: venus: hfi: add check to handle incorrect queue size]
+CVE-2025-23158 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/69baf245b23e20efda0079238b27fc63ecf13de1 (6.15-rc1)
-CVE-2025-23157 [media: venus: hfi_parser: add check to avoid out of bound access]
+CVE-2025-23157 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/172bf5a9ef70a399bb227809db78442dc01d9e48 (6.15-rc1)
-CVE-2025-23156 [media: venus: hfi_parser: refactor hfi packet parsing logic]
+CVE-2025-23156 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/9edaaa8e3e15aab1ca413ab50556de1975bcb329 (6.15-rc1)
-CVE-2025-23155 [net: stmmac: Fix accessing freed irq affinity_hint]
+CVE-2025-23155 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux <unfixed>
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/c60d101a226f18e9a8f01bb4c6ca2b47dfcb15ef (6.15-rc1)
-CVE-2025-23154 [io_uring/net: fix io_req_post_cqe abuse by send bundle]
+CVE-2025-23154 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/6889ae1b4df1579bcdffef023e2ea9a982565dff (6.15-rc1)
-CVE-2025-23153 [arm/crc-t10dif: fix use of out-of-scope array in crc_t10dif_arch()]
+CVE-2025-23153 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3371f569223c4e8d36edbb0ba789ee5f5cb7316f (6.15-rc1)
-CVE-2025-23152 [arm64/crc-t10dif: fix use of out-of-scope array in crc_t10dif_arch()]
+CVE-2025-23152 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/d48b663f410f8b35b8ba9bd597bafaa00f53293b (6.15-rc1)
-CVE-2025-23151 [bus: mhi: host: Fix race between unprepare and queue_buf]
+CVE-2025-23151 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0686a818d77a431fc3ba2fab4b46bbb04e8c9380 (6.15-rc1)
-CVE-2025-23150 [ext4: fix off-by-one error in do_split]
+CVE-2025-23150 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/94824ac9a8aaf2fb3c54b4bdde842db80ffa555d (6.15-rc2)
-CVE-2025-23149 [tpm: do not start chip while suspended]
+CVE-2025-23149 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.12.25-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/17d253af4c2c8a2acf84bb55a0c2045f150b7dfd (6.15-rc1)
-CVE-2025-23148 [soc: samsung: exynos-chipid: Add NULL pointer check in exynos_chipid_probe()]
+CVE-2025-23148 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/c8222ef6cf29dd7cad21643228f96535cc02b327 (6.15-rc1)
-CVE-2025-23147 [i3c: Add NULL pointer check in i3c_master_queue_ibi()]
+CVE-2025-23147 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/bd496a44f041da9ef3afe14d1d6193d460424e91 (6.15-rc1)
-CVE-2025-23146 [mfd: ene-kb3930: Fix a potential NULL pointer dereference]
+CVE-2025-23146 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/4cdf1d2a816a93fa02f7b6b5492dc7f55af2a199 (6.15-rc1)
-CVE-2025-23145 [mptcp: fix NULL pointer in can_accept_new_subflow]
+CVE-2025-23145 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/443041deb5ef6a1289a99ed95015ec7442f141dc (6.15-rc1)
-CVE-2025-23144 [backlight: led_bl: Hold led_access lock when calling led_sysfs_disable()]
+CVE-2025-23144 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/276822a00db3c1061382b41e72cafc09d6a0ec30 (6.15-rc1)
-CVE-2025-23143 [net: Fix null-ptr-deref by sock_lock_init_class_and_name() and rmmod.]
+CVE-2025-23143 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.12.25-1
NOTE: https://git.kernel.org/linus/0bb2f7a1ad1f11d861f58e5ee5051c8974ff9569 (6.15-rc2)
-CVE-2025-23142 [sctp: detect and prevent references to a freed transport in sendmsg]
+CVE-2025-23142 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/f1a69a940de58b16e8249dff26f74c8cc59b32be (6.15-rc2)
-CVE-2025-23141 [KVM: x86: Acquire SRCU in KVM_GET_MP_STATE to protect guest memory accesses]
+CVE-2025-23141 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/ef01cac401f18647d62720cf773d7bb0541827da (6.15-rc2)
-CVE-2025-23140 [misc: pci_endpoint_test: Avoid issue of interrupts remaining after request_irq error]
+CVE-2025-23140 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
NOTE: https://git.kernel.org/linus/f6cb7828c8e17520d4f5afb416515d3fae1af9a9 (6.15-rc1)
-CVE-2025-23139 [Bluetooth: hci_uart: Fix another race during initialization]
+CVE-2025-23139 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
@@ -1442,7 +1608,7 @@ CVE-2024-57698 (An issue in modernwms v.1.0 allows an attacker view the MD5 hash
CVE-2023-4377
REJECTED
CVE-2025-4093 (Memory safety bug present in Firefox ESR 128.9, and Thunderbird 128.9. ...)
- {DSA-5910-1}
+ {DSA-5912-1 DSA-5910-1}
- firefox-esr 128.10.0esr-1
- thunderbird 1:128.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4093
@@ -1451,24 +1617,24 @@ CVE-2025-4092 (Memory safety bugs present in Firefox 137 and Thunderbird 137. So
- firefox 138.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4092
CVE-2025-4091 (Memory safety bugs present in Firefox 137, Thunderbird 137, Firefox ES ...)
- {DSA-5910-1}
+ {DSA-5912-1 DSA-5910-1}
- firefox 138.0-1
- firefox-esr 128.10.0esr-1
- thunderbird 1:128.10.0esr-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4091
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4091
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-32/#CVE-2025-4091
-CVE-2025-4090 (A vulnerability existed in Firefox for Android where potentially sensi ...)
+CVE-2025-4090 (A vulnerability existed in Thunderbird for Android where potentially s ...)
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4090
CVE-2025-4089 (Due to insufficient escaping of special characters in the "copy as cUR ...)
- firefox 138.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4089
-CVE-2025-4088 (A security vulnerability in Firefox allowed malicious sites to use red ...)
+CVE-2025-4088 (A security vulnerability in Thunderbird allowed malicious sites to use ...)
- firefox 138.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4088
-CVE-2025-4087 (A vulnerability was identified in Firefox where XPath parsing could tr ...)
- {DSA-5910-1}
+CVE-2025-4087 (A vulnerability was identified in Thunderbird where XPath parsing coul ...)
+ {DSA-5912-1 DSA-5910-1}
- firefox 138.0-1
- firefox-esr 128.10.0esr-1
- thunderbird 1:128.10.0esr-1
@@ -1486,8 +1652,8 @@ CVE-2025-4084 (Due to insufficient escaping of the special characters in the "co
- thunderbird <not-affected> (Only affects Thunderbird on Windows)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4084
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-32/#CVE-2025-4084
-CVE-2025-4083 (A process isolation vulnerability in Firefox stemmed from improper han ...)
- {DSA-5910-1}
+CVE-2025-4083 (A process isolation vulnerability in Thunderbird stemmed from improper ...)
+ {DSA-5912-1 DSA-5910-1}
- firefox 138.0-1
- firefox-esr 128.10.0esr-1
- thunderbird 1:128.10.0esr-1
@@ -1501,7 +1667,7 @@ CVE-2025-4082 (Modification of specific WebGL shader attributes could trigger an
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-28/#CVE-2025-4082
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-29/#CVE-2025-4082
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-32/#CVE-2025-4082
-CVE-2025-2817 (Mozilla Firefox's update mechanism allowed a medium-integrity user pro ...)
+CVE-2025-2817 (Thunderbird's update mechanism allowed a medium-integrity user process ...)
- firefox <not-affected> (Only affects Firefox Updater on Windows)
- firefox-esr <not-affected> (Only affects Firefox ESR Updater on Windows)
- thunderbird <not-affected> (Only affects Thunderbird Updater on Windows)
@@ -2093,7 +2259,7 @@ CVE-2024-30152 (HCL SX v21 is affected by usage of a weak cryptographic algorith
NOT-FOR-US: HCL
CVE-2024-11917 (The JobSearch WP Job Board plugin for WordPress is vulnerable to authe ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-23244
+CVE-2025-23244 (NVIDIA GPU Display Driver for Linux contains a vulnerability which cou ...)
- nvidia-graphics-drivers <unfixed> (bug #1104068)
[bookworm] - nvidia-graphics-drivers <no-dsa> (Non-free not supported)
[bullseye] - nvidia-graphics-drivers <ignored> (Non-free not supported)
@@ -3910,9 +4076,9 @@ CVE-2025-29043 (An issue in dlink DIR 832x 240802 allows a remote attacker to ex
NOT-FOR-US: D-Link
CVE-2025-29042 (An issue in dlink DIR 832x 240802 allows a remote attacker to execute ...)
NOT-FOR-US: D-Link
-CVE-2025-29041 (An issue in dlink DIR 832x 240802 allows a remote attacker to execute ...)
+CVE-2025-29041 (An issue in dlink DIR 823x 240802 allows a remote attacker to execute ...)
NOT-FOR-US: D-Link
-CVE-2025-29040 (An issue in dlink DIR 832x 240802 allows a remote attacker to execute ...)
+CVE-2025-29040 (An issue in dlink DIR 823x 240802 allows a remote attacker to execute ...)
NOT-FOR-US: D-Link
CVE-2025-29039 (An issue in dlink DIR 832x 240802 allows a remote attacker to execute ...)
NOT-FOR-US: D-Link
@@ -5714,6 +5880,7 @@ CVE-2025-24949 (In JotUrl 2.0, is possible to bypass security requirements durin
CVE-2025-24948 (In JotUrl 2.0, passwords are sent via HTTP GET-type requests, potentia ...)
NOT-FOR-US: JotUrl
CVE-2025-24358 (gorilla/csrf provides Cross Site Request Forgery (CSRF) prevention mid ...)
+ {DLA-4151-1}
- golang-github-gorilla-csrf 1.7.2+ds1-2 (bug #1103584)
NOTE: https://github.com/gorilla/csrf/security/advisories/GHSA-rq77-p4h8-4crw
NOTE: https://github.com/gorilla/csrf/commit/9dd6af1f6d30fc79fb0d972394deebdabad6b5eb (v1.7.3)
@@ -5744,12 +5911,15 @@ CVE-2024-13177 (Netskope Client on Mac OS is impacted by a vulnerability in whic
CVE-2024-11084 (Helix ALM prior to 2025.1 returns distinct error responses during auth ...)
NOT-FOR-US: Helix ALM
CVE-2025-3523 (When an email contains multiple attachments with external links via th ...)
+ {DSA-5912-1}
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-27/#CVE-2025-3523
CVE-2025-2830 (By crafting a malformed file name for an attachment in a multipart mes ...)
+ {DSA-5912-1}
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-27/#CVE-2025-2830
CVE-2025-3522 (Thunderbird processes the X-Mozilla-External-Attachment-URL header to ...)
+ {DSA-5912-1}
- thunderbird <unfixed>
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-27/#CVE-2025-3522
CVE-2025-3622 (A vulnerability, which was classified as critical, has been found in X ...)
@@ -48794,7 +48964,7 @@ CVE-2024-36625 (Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the re
- zulip-server <itp> (bug #800052)
CVE-2024-36624 (Zulip 8.3 is vulnerable to Cross Site Scripting (XSS) via the construc ...)
- zulip-server <itp> (bug #800052)
-CVE-2024-36623 (moby v25.0.3 has a Race Condition vulnerability in the streamformatter ...)
+CVE-2024-36623 (moby through v25.0.3 has a Race Condition vulnerability in the streamf ...)
- docker.io 26.1.4+dfsg1-9
[bookworm] - docker.io <no-dsa> (Minor issue)
[bullseye] - docker.io <postponed> (Minor issue; can be fixed in next update)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30a3003895877a7123294be59c66296cda5c3cab
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/30a3003895877a7123294be59c66296cda5c3cab
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250501/e38095e0/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list