[Git][security-tracker-team/security-tracker][master] Add new batch of Linux CVEs assigned

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue May 20 20:19:02 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6593025a by Salvatore Bonaccorso at 2025-05-20T21:18:34+02:00
Add new batch of Linux CVEs assigned

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,186 @@
+CVE-2025-37936 [perf/x86/intel: KVM: Mask PEBS_ENABLE loaded for guest with vCPU's value.]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/58f6217e5d0132a9f14e401e62796916aa055c1b (6.15-rc5)
+CVE-2025-37935 [net: ethernet: mtk_eth_soc: fix SER panic with 4GB+ RAM]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6e0490fc36cdac696f96e57b61d93b9ae32e0f4c (6.15-rc5)
+CVE-2025-37934 [ASoC: simple-card-utils: Fix pointer check in graph_util_parse_link_direction]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3cc393d2232ec770b5f79bf0673d67702a3536c3 (6.15-rc5)
+CVE-2025-37933 [octeon_ep: Fix host hang issue during device reboot]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/34f42736b325287a7b2ce37e415838f539767bda (6.15-rc5)
+CVE-2025-37932 [sch_htb: make htb_qlen_notify() idempotent]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/5ba8b837b522d7051ef81bacf3d95383ff8edce5 (6.15-rc2)
+CVE-2025-37931 [btrfs: adjust subpage bit start based on sectorsize]
+	- linux 6.12.29-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e08e49d986f82c30f42ad0ed43ebbede1e1e3739 (6.15-rc5)
+CVE-2025-37930 [drm/nouveau: Fix WARN_ON in nouveau_fence_context_kill()]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/bbe5679f30d7690a9b6838a583b9690ea73fe0e9 (6.15-rc5)
+CVE-2025-37929 [arm64: errata: Add missing sentinels to Spectre-BHB MIDR arrays]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/fee4d171451c1ad9e8aaf65fc0ab7d143a33bd72 (6.15-rc5)
+CVE-2025-37928 [dm-bufio: don't schedule in atomic context]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/a3d8f0a7f5e8b193db509c7191fefeed3533fc44 (6.15-rc5)
+CVE-2025-37927 [iommu/amd: Fix potential buffer overflow in parse_ivrs_acpihid]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/8dee308e4c01dea48fc104d37f92d5b58c50b96c (6.15-rc5)
+CVE-2025-37926 [ksmbd: fix use-after-free in ksmbd_session_rpc_open]
+	- linux 6.12.29-1
+	NOTE: https://git.kernel.org/linus/a1f46c99d9ea411f9bf30025b912d881d36fc709 (6.15-rc5)
+CVE-2025-37924 [ksmbd: fix use-after-free in kerberos authentication]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/e86e9134e1d1c90a960dd57f59ce574d27b9a124 (6.15-rc5)
+CVE-2025-37923 [tracing: Fix oob write in trace_seq_to_buffer()]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/f5178c41bb43444a6008150fe6094497135d07cb (6.15-rc5)
+CVE-2025-37922 [book3s64/radix : Align section vmemmap start address to PAGE_SIZE]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9cf7e13fecbab0894f6986fc6986ab2eba8de52e (6.15-rc5)
+CVE-2025-37921 [vxlan: vnifilter: Fix unlocked deletion of default FDB entry]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/087a9eb9e5978e3ba362e1163691e41097e8ca20 (6.15-rc5)
+CVE-2025-37920 [xsk: Fix race condition in AF_XDP generic RX path]
+	- linux 6.12.29-1
+	NOTE: https://git.kernel.org/linus/a1356ac7749cafc4e27aa62c0c4604b5dca4983e (6.15-rc5)
+CVE-2025-37919 [ASoC: amd: acp: Fix NULL pointer deref in acp_i2s_set_tdm_slot]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6d9b64156d849e358cb49b6b899fb0b7d262bda8 (6.15-rc5)
+CVE-2025-37918 [Bluetooth: btusb: avoid NULL pointer dereference in skb_dequeue()]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0317b033abcd1d8dd2798f0e2de5e84543d0bd22 (6.15-rc5)
+CVE-2025-37917 [net: ethernet: mtk-star-emac: fix spinlock recursion issues on rx/tx poll]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6fe0866014486736cc3ba1c6fd4606d3dbe55c9c (6.15-rc5)
+CVE-2025-37916 [pds_core: remove write-after-free of client_id]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dfd76010f8e821b66116dec3c7d90dd2403d1396 (6.15-rc5)
+CVE-2025-37915 [net_sched: drr: Fix double list add in class with netem as child qdisc]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/f99a3fbf023e20b626be4b0f042463d598050c9a (6.15-rc5)
+CVE-2025-37914 [net_sched: ets: Fix double list add in class with netem as child qdisc]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/1a6d0c00fa07972384b0c308c72db091d49988b6 (6.15-rc5)
+CVE-2025-37913 [net_sched: qfq: Fix double list add in class with netem as child qdisc]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/f139f37dcdf34b67f5bf92bc8e0f7f6b3ac63aa4 (6.15-rc5)
+CVE-2025-37912 [ice: Check VF VSI Pointer Value in ice_vc_add_fdir_fltr()]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/425c5f266b2edeee0ce16fedd8466410cdcfcfe3 (6.15-rc5)
+CVE-2025-37911 [bnxt_en: Fix out-of-bound memcpy() during ethtool -w]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/6b87bd94f34370bbf1dfa59352bed8efab5bf419 (6.15-rc5)
+CVE-2025-37910 [ptp: ocp: Fix NULL dereference in Adva board SMA sysfs operations]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e98386d79a23c57cf179fe4138322e277aa3aa74 (6.15-rc5)
+CVE-2025-37909 [net: lan743x: Fix memleak issue when GSO enabled]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/2d52e2e38b85c8b7bc00dca55c2499f46f8c8198 (6.15-rc5)
+CVE-2025-37908 [mm, slab: clean up slab->obj_exts always]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/be8250786ca94952a19ce87f98ad9906448bc9ef (6.15-rc5)
+CVE-2025-37907 [accel/ivpu: Fix locking order in ivpu_job_submit]
+	- linux 6.12.29-1
+	NOTE: https://git.kernel.org/linus/ab680dc6c78aa035e944ecc8c48a1caab9f39924 (6.15-rc1)
+CVE-2025-37906 [ublk: fix race between io_uring_cmd_complete_in_task and ublk_cancel_cmd]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f40139fde5278d81af3227444fd6e76a76b9506d (6.15-rc4)
+CVE-2025-37905 [firmware: arm_scmi: Balance device refcount when destroying devices]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9ca67840c0ddf3f39407339624cef824a4f27599 (6.15-rc6)
+CVE-2025-37904 [btrfs: fix the inode leak in btrfs_iget()]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/48c1d1bb525b1c44b8bdc8e7ec5629cb6c2b9fc4 (6.15-rc5)
+CVE-2025-37903 [drm/amd/display: Fix slab-use-after-free in hdcp]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	NOTE: https://git.kernel.org/linus/be593d9d91c5a3a363d456b9aceb71029aeb3f1d (6.15-rc5)
+CVE-2025-37902 [dm: fix copying after src array boundaries]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f1aff4bc199cb92c055668caed65505e3b4d2656 (6.15-rc6)
+CVE-2025-37901 [irqchip/qcom-mpm: Prevent crash when trying to handle non-wake GPIOs]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/38a05c0b87833f5b188ae43b428b1f792df2b384 (6.15-rc5)
+CVE-2025-37900 [iommu: Fix two issues in iommu_copy_struct_from_user()]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/30a3f2f3e4bd6335b727c83c08a982d969752bc1 (6.15-rc5)
+CVE-2025-37899 [ksmbd: fix use-after-free in session logoff]
+	- linux 6.12.29-1
+	NOTE: https://git.kernel.org/linus/2fc9feff45d92a92cd5f96487655d5be23fb7e2b (6.15-rc5)
+CVE-2025-37898 [powerpc64/ftrace: fix module loading without patchable function entries]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/534f5a8ba27863141e29766467a3e1f61bcb47ac (6.15-rc5)
+CVE-2025-37897 [wifi: plfxlc: Remove erroneous assert in plfxlc_mac_release]
+	- linux 6.12.29-1
+	[bookworm] - linux 6.1.139-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0fb15ae3b0a9221be01715dac0335647c79f3362 (6.15-rc5)
+CVE-2025-37896 [spi: spi-mem: Add fix to avoid divide error]
+	- linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8e4d3d8a5e51e07bd0d6cdd81b5e4af79f796927 (6.15-rc5)
+CVE-2025-37895 [bnxt_en: Fix error handling path in bnxt_init_chip()]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9ab7a709c926c16b4433cf02d04fcbcf35aaab2b (6.15-rc5)
+CVE-2025-37894 [net: use sock_gen_put() when sk_state is TCP_TIME_WAIT]
+	- linux 6.12.29-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f920436a44295ca791ebb6dae3f4190142eec703 (6.15-rc5)
 CVE-2025-37892 [mtd: inftlcore: Add error check for inftl_read_oob()]
 	- linux 6.12.25-1
 	[bookworm] - linux 6.1.135-1
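Review bot: CVE-2025-37925 is missing between the CVE-2025-37926 and CVE-2025-37924 entries, although the rest of the added block runs contiguously from CVE-2025-37936 down to CVE-2025-37894; worth confirming that the ID is deliberately left out of this batch rather than dropped. Separately, CVE-2025-37926, CVE-2025-37920, CVE-2025-37907 and CVE-2025-37899 carry only the `- linux 6.12.29-1` line with no `[bookworm]` or `[bullseye]` annotation, unlike most of their neighbours, so if either release is known not to carry the vulnerable code an explicit `<not-affected>` line would make that status visible. CVE-2025-37906 is the only added entry marked `- linux <unfixed>`, with a NOTE pointing at a 6.15-rc4 commit, so it needs a follow-up edit once a fixed version is uploaded.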



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6593025a68267a049a3dff9eb0d501441239e4ef


