[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri May 2 21:06:40 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
0927e8d5 by Salvatore Bonaccorso at 2025-05-02T22:06:09+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,435 @@
+CVE-2023-53144 [erofs: fix wrong kunmap when using LZMA on HIGHMEM platforms]
+ - linux 6.1.20-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8f121dfb15f7b4ab345992ce96003eb63fd608f4 (6.3-rc2)
+CVE-2023-53143 [ext4: fix another off-by-one fsmap error on 1k block filesystems]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/c993799baf9c5861f8df91beb80e1611b12efcbd (6.3-rc2)
+CVE-2023-53142 [ice: copy last block omitted in ice_get_module_eeprom()]
+ - linux 6.1.20-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/84cba1840e68430325ac133a11be06bfb2f7acd8 (6.3-rc2)
+CVE-2023-53141 [ila: do not generate empty messages in ila_xlat_nl_cmd_get_mapping()]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/693aa2c0d9b6d5b1f2745d31b6e70d09dbbaf06e (6.3-rc2)
+CVE-2023-53140 [scsi: core: Remove the /proc/scsi/${proc_name} directory earlier]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/fc663711b94468f4e1427ebe289c9f05669699c9 (6.3-rc1)
+CVE-2023-53139 [nfc: fdp: add null check of devm_kmalloc_array in fdp_nci_i2c_read_device_properties]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/11f180a5d62a51b484e9648f9b310e1bd50b1a57 (6.3-rc2)
+CVE-2023-53138 [net: caif: Fix use-after-free in cfusbl_device_notify()]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/9781e98a97110f5e76999058368b4be76a788484 (6.3-rc2)
+CVE-2023-53137 [ext4: Fix possible corruption when moving a directory]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/0813299c586b175d7edb25f56412c54b812d0379 (6.3-rc1)
+CVE-2023-53136 [af_unix: fix struct pid leaks in OOB support]
+ - linux 6.1.20-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2aab4b96900272885bc157f8b236abf1cdc02e08 (6.3-rc2)
+CVE-2023-53135 [riscv: Use READ_ONCE_NOCHECK in imprecise unwinding stack mode]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/76950340cf03b149412fe0d5f0810e52ac1df8cb (6.3-rc2)
+CVE-2023-53134 [bnxt_en: Avoid order-5 memory allocation for TPA data]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/accd7e23693aaaa9aa0d3e9eca0ae77d1be80ab3 (6.3-rc2)
+CVE-2023-53133 [bpf, sockmap: Fix an infinite loop error when len is 0 in tcp_bpf_recvmsg_parser()]
+ - linux 6.1.20-1
+ NOTE: https://git.kernel.org/linus/d900f3d20cc3169ce42ec72acc850e662a4d4db2 (6.3-rc2)
+CVE-2023-53132 [scsi: mpi3mr: Fix mpi3mr_hba_port memory leak in mpi3mr_remove()]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d0f3c3728da8af76dfe435f7f0cfa2b9d9e43ef0 (6.3-rc3)
+CVE-2023-53131 [SUNRPC: Fix a server shutdown leak]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/9ca6705d9d609441d34f8b853e1e4a6369b3b171 (6.3-rc2)
+CVE-2023-53130 [block: fix wrong mode for blkdev_put() from disk_scan_partitions()]
+ - linux 6.1.20-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/428913bce1e67ccb4dae317fd0332545bf8c9233 (6.3-rc2)
+CVE-2023-53129 [ext4: Fix deadlock during directory rename]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/3c92792da8506a295afb6d032b4476e46f979725 (6.3-rc2)
+CVE-2023-53128 [scsi: mpi3mr: Fix throttle_groups memory leak]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f305a7b6ca21a665e8d0cf70b5936991a298c93c (6.3-rc3)
+CVE-2023-53127 [scsi: mpi3mr: Fix expander node leak in mpi3mr_remove()]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ce756daa36e1ba271bb3334267295e447aa57a5c (6.3-rc3)
+CVE-2023-53126 [scsi: mpi3mr: Fix sas_hba.phy memory leak in mpi3mr_remove()]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d4caa1a4255cc44be56bcab3db2c97c632e6cc10 (6.3-rc3)
+CVE-2023-53125 [net: usb: smsc75xx: Limit packet length to skb->len]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/d8b228318935044dafe3a5bc07ee71a1f1424b8d (6.3-rc3)
+CVE-2023-53124 [scsi: mpt3sas: Fix NULL pointer access in mpt3sas_transport_port_add()]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/d3c57724f1569311e4b81e98fad0931028b9bdcd (6.3-rc3)
+CVE-2023-53123 [PCI: s390: Fix use-after-free of PCI resources with per-function hotplug]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/ab909509850b27fd39b8ba99e44cda39dbc3858c (6.3-rc3)
+CVE-2023-53122 [RISC-V: fix taking the text_mutex twice during sifive errata patching]
+ - linux 6.3.7-1
+ [bookworm] - linux 6.1.37-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bf89b7ee52af5a5944fa3539e86089f72475055b (6.3-rc2)
+CVE-2023-53121 [tcp: tcp_make_synack() can be called from process context]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/bced3f7db95ff2e6ca29dc4d1c9751ab5e736a09 (6.3-rc3)
+CVE-2023-53120 [scsi: mpi3mr: Fix config page DMA memory leak]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7d2b02172b6a2ae6aecd7ef6480b9c4bf3dc59f4 (6.3-rc3)
+CVE-2023-53119 [nfc: pn533: initialize struct pn533_out_arg properly]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/484b7059796e3bc1cb527caa61dfc60da649b4f6 (6.3-rc3)
+CVE-2023-53118 [scsi: core: Fix a procfs host directory removal regression]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/be03df3d4bfe7e8866d4aa43d62e648ffe884f5f (6.3-rc3)
+CVE-2023-53117 [fs: prevent out-of-bounds array speculation when closing a file descriptor]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/609d54441493c99f21c1823dfd66fa7f4c512ff4 (6.3-rc2)
+CVE-2023-53116 [nvmet: avoid potential UAF in nvmet_req_complete()]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/6173a77b7e9d3e202bdb9897b23f2a8afe7bf286 (6.3-rc3)
+CVE-2023-53115 [scsi: mpi3mr: Fix memory leaks in mpi3mr_init_ioc()]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c798304470cab88723d895726d17fcb96472e0e9 (6.3-rc3)
+CVE-2023-53114 [i40e: Fix kernel crash during reboot when adapter is in recovery mode]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/7e4f8a0c495413a50413e8c9f1032ce1bc633bae (6.3-rc3)
+CVE-2023-53113 [wifi: nl80211: fix NULL-ptr deref in offchan check]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f624bb6fad23df3270580b4fcef415c6e7bf7705 (6.3-rc3)
+CVE-2023-53112 [drm/i915/sseu: fix max_subslices array-index-out-of-bounds access]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/193c41926d152761764894f46e23b53c00186a82 (6.3-rc3)
+CVE-2023-53111 [loop: Fix use-after-free issues]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/9b0cb770f5d7b1ff40bea7ca385438ee94570eec (6.3-rc3)
+CVE-2023-53110 [net/smc: fix NULL sndbuf_desc in smc_cdc_tx_handler()]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/22a825c541d775c1dbe7b2402786025acad6727b (6.3-rc3)
+CVE-2023-53109 [net: tunnels: annotate lockless accesses to dev->needed_headroom]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/4b397c06cb987935b1b097336532aa6b4210e091 (6.3-rc3)
+CVE-2023-53108 [net/iucv: Fix size of interrupt data]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/3d87debb8ed2649608ff432699e7c961c0c6f03b (6.3-rc3)
+CVE-2023-53107 [veth: Fix use after free in XDP_REDIRECT]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7c10131803e45269ddc6c817f19ed649110f3cae (6.3-rc3)
+CVE-2023-53106 [nfc: st-nci: Fix use after free bug in ndlc_remove due to race condition]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/5000fe6c27827a61d8250a7e4a1d26c3298ef4f6 (6.3-rc3)
+CVE-2023-53105 [net/mlx5e: Fix cleanup null-ptr deref on encap lock]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/c9668f0b1d28570327dbba189f2c61f6f9e43ae7 (6.3-rc3)
+CVE-2023-53104 [net: usb: smsc75xx: Move packet length check to prevent kernel panic in skb_pull]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/43ffe6caccc7a1bb9d7442fbab521efbf6c1378c (6.3-rc3)
+CVE-2023-53103 [bonding: restore bond's IFF_SLAVE flag if a non-eth dev enslave fails]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/e667d469098671261d558be0cd93dca4d285ce1e (6.3-rc3)
+CVE-2023-53102 [ice: xsk: disable txq irq before flushing hw]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/b830c9642386867863ac64295185f896ff2928ac (6.3-rc3)
+CVE-2023-53101 [ext4: zero i_disksize when initializing the bootloader inode]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/f5361da1e60d54ec81346aee8e3d8baf1be0b762 (6.3-rc2)
+CVE-2023-53100 [ext4: fix WARNING in ext4_update_inline_data]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/2b96b4a5d9443ca4cad58b0040be455803c05a42 (6.3-rc2)
+CVE-2023-53099 [firmware: xilinx: don't make a sleepable memory allocation from an atomic context]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/38ed310c22e7a0fc978b1f8292136a4a4a8b3051 (6.3-rc3)
+CVE-2023-53098 [media: rc: gpio-ir-recv: add remove function]
+ - linux 6.1.20-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/30040818b338b8ebc956ce0ebd198f8d593586a6 (6.3-rc1)
+CVE-2023-53097 [powerpc/iommu: fix memory leak with using debugfs_lookup()]
+ - linux 6.1.20-1
+ NOTE: https://git.kernel.org/linus/b505063910c134778202dfad9332dfcecb76bab3 (6.3-rc1)
+CVE-2023-53096 [interconnect: fix mem leak when freeing nodes]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/a5904f415e1af72fa8fe6665aa4f554dc2099a95 (6.3-rc3)
+CVE-2023-53095 [drm/ttm: Fix a NULL pointer dereference]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9a9a8fe26751334b7739193a94eba741073b8a55 (6.3-rc3)
+CVE-2023-53094 [tty: serial: fsl_lpuart: fix race on RX DMA shutdown]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/1be6f2b15f902c02e055ae0b419ca789200473c9 (6.3-rc3)
+CVE-2023-53093 [tracing: Do not let histogram values have some modifiers]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/e0213434fe3e4a0d118923dc98d31e7ff1cd9e45 (6.3-rc3)
+CVE-2023-53092 [interconnect: exynos: fix node leak in probe PM QoS error path]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/3aab264875bf3c915ea2517fae1eec213e0b4987 (6.3-rc3)
+CVE-2023-53091 [ext4: update s_journal_inum if it changes after journal replay]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/3039d8b8692408438a618fac2776b629852663c3 (6.3-rc1)
+CVE-2023-53090 [drm/amdkfd: Fix an illegal memory access]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/4fc8fff378b2f2039f2a666d9f8c570f4e58352c (6.3-rc1)
+CVE-2023-53089 [ext4: fix task hung in ext4_xattr_delete_inode]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/0f7bfd6f8164be32dbbdf36aa1e5d00485c53cd7 (6.3-rc1)
+CVE-2023-53088 [mptcp: fix UaF in listener shutdown]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0a3f4f1f9c27215e4ddcd312558342e57b93e518 (6.3-rc3)
+CVE-2023-53087 [drm/i915/active: Fix misuse of non-idle barriers as fence trackers]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/e0e6b416b25ee14716f3549e0cbec1011b193809 (6.3-rc3)
+CVE-2023-53086 [wifi: mt76: connac: do not check WED status for non-mmio devices]
+ - linux 6.3.7-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/5683e1488aa9b0805a9403d215e48fed29d6d923 (6.3-rc4)
+CVE-2023-53085 [drm/edid: fix info leak when failing to get panel id]
+ - linux 6.3.7-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4d8457fe0eb9c80ff7795cf8a30962128b71d853 (6.3-rc3)
+CVE-2023-53084 [drm/shmem-helper: Remove another errant put in error path]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/ee9adb7a45516cfa536ca92253d7ae59d56db9e4 (6.3-rc3)
+CVE-2023-53083 [nfsd: don't replace page in rq_pages if it's a continuation of last page]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.221-1
+ NOTE: https://git.kernel.org/linus/27c934dd8832dd40fd34776f916dc201e18b319b (6.3-rc4)
+CVE-2023-53082 [vp_vdpa: fix the crash in hot unplug with vp_vdpa]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/aed8efddd39b3434c96718d39009285c52b1cafc (6.3-rc3)
+CVE-2023-53081 [ocfs2: fix data corruption after failed write]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/90410bcf873cf05f54a32183afff0161f44f9715 (6.3-rc3)
+CVE-2023-53080 [xsk: Add missing overflow check in xdp_umem_reg]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/c7df4813b149362248d6ef7be41a311e27bf75fe (6.3-rc4)
+CVE-2023-53079 [net/mlx5: Fix steering rules cleanup]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/922f56e9a795d6f3dd72d3428ebdd7ee040fa855 (6.3-rc4)
+CVE-2023-53078 [scsi: scsi_dh_alua: Fix memleak for 'qdata' in alua_activate()]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/a13faca032acbf2699293587085293bdfaafc8ae (6.3-rc4)
+CVE-2023-53077 [drm/amd/display: fix shift-out-of-bounds in CalculateVMAndRowBytes]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/031f196d1b1b6d5dfcb0533b431e3ab1750e6189 (6.3-rc1)
+CVE-2023-53076 [bpf: Adjust insufficient default bpf_jit_limit]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/10ec8ca8ec1a2f04c4ed90897225231c58c124a7 (6.3-rc4)
+CVE-2023-53075 [ftrace: Fix invalid address access in lookup_rec() when index is 0]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/ee92fa443358f4fc0017c1d0d325c27b37802504 (6.3-rc3)
+CVE-2023-53074 [drm/amdgpu: fix ttm_bo calltrace warning in psp_hw_fini]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/23f4a2d29ba57bf88095f817de5809d427fcbe7e (6.3-rc1)
+CVE-2023-53073 [perf/x86/amd/core: Always clear status for idx]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/263f5ecaf7080513efc248ec739b6d9e00f4129f (6.3-rc4)
+CVE-2023-53072 [mptcp: use the workqueue to destroy unaccepted sockets]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/b6985b9b82954caa53f862d6059d06c0526254f0 (6.3-rc3)
+CVE-2023-53071 [wifi: mt76: do not run mt76_unregister_device() on unregistered hw]
+ - linux 6.3.7-1
+ [bookworm] - linux 6.1.115-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/41130c32f3a18fcc930316da17f3a5f3bc326aa1 (6.3-rc4)
+CVE-2023-53070 [ACPI: PPTT: Fix to avoid sleep in the atomic context when PPTT is absent]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/91d7b60a65d9f71230ea09b86d2058a884a3c2af (6.3-rc3)
+CVE-2023-53069 [octeontx2-vf: Add missing free for alloc_percpu]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f038f3917baf04835ba2b7bcf2a04ac93fbf8a9c (6.3-rc4)
+CVE-2023-53068 [net: usb: lan78xx: Limit packet length to skb->len]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/7f247f5a2c18b3f21206cdd51193df4f38e1b9f5 (6.3-rc4)
+CVE-2023-53067 [LoongArch: Only call get_timer_irq() once in constant_clockevent_init()]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/bb7a78e343468873bf00b2b181fcfd3c02d8cb56 (6.3-rc1)
+CVE-2023-53066 [qed/qed_sriov: guard against NULL derefs from qed_iov_get_vf_info]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/25143b6a01d0cc5319edd3de22ffa2578b045550 (6.3-rc4)
+CVE-2023-53065 [perf/core: Fix perf_output_begin parameter is incorrectly invoked in perf_event_bpf_output]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/eb81a2ed4f52be831c9fb879752d89645a312c13 (6.3-rc3)
+CVE-2023-53064 [iavf: fix hang on reboot with ice]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4e264be98b88a6d6f476c11087fe865696e8bef5 (6.3-rc4)
+CVE-2023-53063 [Bluetooth: btsdio: fix use after free bug in btsdio_remove due to unfinished work]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/1e9ac114c4428fdb7ff4635b45d4f46017e8916f (6.3-rc4)
+CVE-2023-53062 [net: usb: smsc95xx: Limit packet length to skb->len]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/ff821092cf02a70c2bccd2d19269f01e29aa52cf (6.3-rc4)
+CVE-2023-53061 [ksmbd: fix possible refcount leak in smb2_open()]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2624b445544ffc1472ccabfb6ec867c199d4c95c (6.3-rc4)
+CVE-2023-53060 [igb: revert rtnl_lock() that causes deadlock]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/65f69851e44d71248b952a687e44759a7abb5016 (6.3-rc4)
+CVE-2023-53059 [platform/chrome: cros_ec_chardev: fix kernel data leak from ioctl]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/b20cf3f89c56b5f6a38b7f76a8128bf9f291bbd3 (6.3-rc4)
+CVE-2023-53058 [net/mlx5: E-Switch, Fix an Oops in error handling code]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/640fcdbcf27fc62de9223f958ceb4e897a00e791 (6.3-rc4)
+CVE-2023-53057 [Bluetooth: HCI: Fix global-out-of-bounds]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bce56405201111807cc8e4f47c6de3e10b17c1ac (6.3-rc4)
+CVE-2023-53056 [scsi: qla2xxx: Synchronize the IOCB count to be in order]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d3affdeb400f3adc925bd996f3839481f5291839 (6.3-rc4)
+CVE-2023-53055 [fscrypt: destroy keyring after security_sb_delete()]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/ccb820dc7d2236b1af0d54ae038a27b5b6d5ae5a (6.3-rc4)
+CVE-2023-53054 [usb: dwc2: fix a devres leak in hw_enable upon suspend resume]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/f747313249b74f323ddf841a9c8db14d989f296a (6.3-rc4)
+CVE-2023-53053 [erspan: do not use skb_mac_header() in ndo_start_xmit()]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/8e50ed774554f93d55426039b27b1e38d7fa64d8 (6.3-rc4)
+CVE-2023-53052 [cifs: fix use-after-free bug in refresh_cache_worker()]
+ - linux 6.3.7-1
+ NOTE: https://git.kernel.org/linus/396935de145589c8bfe552fa03a5e38604071829 (6.3-rc3)
+CVE-2023-53051 [dm crypt: add cond_resched() to dmcrypt_write()]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/fb294b1c0ba982144ca467a75e7d01ff26304e2b (6.3-rc4)
+CVE-2023-53050 [thunderbolt: Fix memory leak in margining]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/acec726473822bc6b585961f4ca2a11fa7f28341 (6.3-rc4)
+CVE-2023-53049 [usb: ucsi: Fix NULL pointer deref in ucsi_connector_change()]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/f87fb985452ab2083967103ac00bfd68fb182764 (6.3-rc4)
+CVE-2023-53048 [usb: typec: tcpm: fix warning when handle discover_identity message]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/abfc4fa28f0160df61c7149567da4f6494dfb488 (6.3-rc4)
+CVE-2023-53047 [tee: amdtee: fix race condition in amdtee_open_session]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/f8502fba45bd30e1a6a354d9d898bc99d1a11e6d (6.3-rc4)
+CVE-2023-53046 [Bluetooth: Fix race condition in hci_cmd_sync_clear]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1c66bee492a5fe00ae3fe890bb693bfc99f994c6 (6.3-rc4)
+CVE-2023-53045 [usb: gadget: u_audio: don't let userspace block driver unbind]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/6c67ed9ad9b83e453e808f9b31a931a20a25629b (6.3-rc4)
+CVE-2023-53044 [dm stats: check for and propagate alloc_percpu failure]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/d3aa3e060c4a80827eb801fc448debc9daa7c46b (6.3-rc4)
+CVE-2023-53043 [arm64: dts: qcom: sc7280: Mark PCIe controller as cache coherent]
+ - linux 6.1.25-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8a63441e83724fee1ef3fd37b237d40d90780766 (6.3-rc4)
+CVE-2023-53042 [drm/amd/display: Do not set DRR on pipe Commit]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/56574f89dbd84004c3fd6485bcaafb5aa9b8be14 (6.3-rc3)
+CVE-2023-53041 [scsi: qla2xxx: Perform lockless command completion in abort path]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/0367076b0817d5c75dfb83001ce7ce5c64d803a9 (6.3-rc4)
+CVE-2023-53040 [ca8210: fix mac_len negative array access]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/6c993779ea1d0cccdb3a5d7d45446dd229e610a3 (6.3-rc2)
+CVE-2023-53039 [HID: intel-ish-hid: ipc: Fix potential use-after-free in work function]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/8ae2f2b0a28416ed2f6d8478ac8b9f7862f36785 (6.3-rc2)
+CVE-2023-53038 [scsi: lpfc: Check kzalloc() in lpfc_sli4_cgn_params_read()]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/312320b0e0ec21249a17645683fe5304d796aec1 (6.3-rc2)
+CVE-2023-53037 [scsi: mpi3mr: Bad drive in topology results kernel crash]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/8e45183978d64699df639e795235433a60f35047 (6.3-rc2)
+CVE-2023-53036 [drm/amdgpu: Fix call trace warning and hang when removing amdgpu device]
+ - linux 6.1.25-1
+ NOTE: https://git.kernel.org/linus/93bb18d2a873d2fa9625c8ea927723660a868b95 (6.3-rc2)
+CVE-2023-53035 [nilfs2: fix kernel-infoleak in nilfs_ioctl_wrap_copy()]
+ - linux 6.1.25-1
+ [bullseye] - linux 5.10.178-1
+ NOTE: https://git.kernel.org/linus/003587000276f81d0114b5ce773d80c119d8cb30 (6.3-rc4)
+CVE-2022-49933 [KVM: VMX: Reset eVMCS controls in VP assist page during hardware disabling]
+ - linux 6.1.20-1
+ NOTE: https://git.kernel.org/linus/2916b70fc342719f570640de07251b7f91feebdb (6.3-rc1)
+CVE-2022-49932 [KVM: VMX: Do _all_ initialization before exposing /dev/kvm to userspace]
+ - linux 6.1.20-1
+ NOTE: https://git.kernel.org/linus/e32b120071ea114efc0b4ddd439547750b85f618 (6.3-rc1)
CVE-2025-37798 [codel: remove sch->q.qlen check before qdisc_tree_reduce_backlog()]
- linux 6.12.25-1
[bookworm] - linux 6.1.135-1
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0927e8d54c33a76cdf04214c33b6da843b288486
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/0927e8d54c33a76cdf04214c33b6da843b288486
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250502/c5bc604e/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list