[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Fri May 9 10:25:44 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c5b73d3f by Salvatore Bonaccorso at 2025-05-09T11:24:54+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,61 @@
+CVE-2025-37875 [igc: fix PTM cycle trigger logic]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8e404ad95d2c10c261e2ef6992c7c12dde03df0e (6.15-rc3)
+CVE-2025-37874 [net: ngbe: fix memory leak in ngbe_probe() error path]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/88fa80021b77732bc98f73fb69d69c7cc37b9f0d (6.15-rc3)
+CVE-2025-37873 [eth: bnxt: fix missing ring index trim on error path]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/12f2d033fae957d84c2c0ce604d2a077e61fa2c0 (6.15-rc3)
+CVE-2025-37872 [net: txgbe: fix memory leak in txgbe_probe() error path]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b2727326d0a53709380aa147018085d71a6d4843 (6.15-rc3)
+CVE-2025-37871 [nfsd: decrease sc_count directly if fail to queue dl_recall]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/a1d14d931bf700c1025db8c46d6731aa5cf440f9 (6.15-rc3)
+CVE-2025-37870 [drm/amd/display: prevent hang on link training fail]
+	- linux 6.12.25-1
+	NOTE: https://git.kernel.org/linus/8058061ed9d6bc259d1e678607b07d259342c08f (6.15-rc1)
+CVE-2025-37869 [drm/xe: Use local fence in error path of xe_migrate_clear]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/20659d3150f1a2a258a173fe011013178ff2a197 (6.15-rc2)
+CVE-2025-37868 [drm/xe/userptr: fix notifier vs folio deadlock]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/2577b202458cddff85cc154b1fe7f313e0d1f418 (6.15-rc3)
+CVE-2025-37867 [RDMA/core: Silence oversized kvmalloc() warning]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	NOTE: https://git.kernel.org/linus/9a0e6f15029e1a8a21e40f06fd05aa52b7f063de (6.15-rc3)
+CVE-2025-37866 [mlxbf-bootctl: use sysfs_emit_at() in secure_boot_fuse_state_show()]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/b129005ddfc0e6daf04a6d3b928a9e474f9b3918 (6.15-rc3)
+CVE-2025-37865 [net: dsa: mv88e6xxx: fix -ENOENT when deleting VLANs and MST is unsupported]
+	- linux 6.12.25-1
+	[bookworm] - linux 6.1.135-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/ea08dfc35f83cfc73493c52f63ae4f2e29edfe8d (6.15-rc3)
+CVE-2025-37864 [net: dsa: clean up FDB, MDB, VLAN entries on unbind]
+	- linux 6.12.25-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/7afb5fb42d4950f33af2732b8147c552659f79b7 (6.15-rc3)
+CVE-2025-37863 [ovl: don't allow datadir only]
+	- linux 6.12.25-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/eb3a04a8516ee9b5174379306f94279fc90424c4 (6.15-rc3)
 CVE-2025-37862 [HID: pidff: Fix null pointer dereference in pidff_find_fields]
 	- linux 6.12.25-1
 	[bookworm] - linux 6.1.135-1



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5b73d3fcc42dbfef76cc9a05279de29d8decc8d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c5b73d3fcc42dbfef76cc9a05279de29d8decc8d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250509/62d51540/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list