[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Oct 9 14:53:23 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
4285095c by Salvatore Bonaccorso at 2025-10-09T15:52:54+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,29 @@
+CVE-2025-39959 [ASoC: amd: acp: Fix incorrect retrival of acp_chip_info]
+ - linux 6.16.9-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d7871f400cad1da376f1d7724209a1c49226c456 (6.17-rc7)
+CVE-2025-39958 [iommu/s390: Make attach succeed when the device was surprise removed]
+ - linux 6.16.9-1
+ NOTE: https://git.kernel.org/linus/9ffaf5229055fcfbb3b3d6f1c7e58d63715c3f73 (6.17-rc7)
+CVE-2025-39957 [wifi: mac80211: increase scan_ies_len for S1G]
+ - linux 6.16.9-1
+ NOTE: https://git.kernel.org/linus/7e2f3213e85eba00acb4cfe6d71647892d63c3a1 (6.17-rc5)
+CVE-2025-39956 [igc: don't fail igc_probe() on LED setup error]
+ - linux 6.16.9-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/528eb4e19ec0df30d0c9ae4074ce945667dde919 (6.17-rc7)
+CVE-2025-39955 [tcp: Clear tcp_sk(sk)->fastopen_rsk in tcp_disconnect().]
+ - linux 6.16.9-1
+ NOTE: https://git.kernel.org/linus/45c8a6cc2bcd780e634a6ba8e46bffbdf1fc5c01 (6.17-rc7)
+CVE-2025-39954 [clk: sunxi-ng: mp: Fix dual-divider clock rate readback]
+ - linux 6.16.9-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/25fbbaf515acd13399589bd5ee6de5f35740cef2 (6.17-rc7)
CVE-2025-9970 (Cleartext Storage of Sensitive Information in Memory vulnerability in ...)
NOT-FOR-US: ABB group
CVE-2025-9868 (Server-Side Request Forgery (SSRF) in the Remote Browser Plugin in Son ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4285095cfe144793121c07ee0cb2518feb16ef8a
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4285095cfe144793121c07ee0cb2518feb16ef8a
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251009/10eeea56/attachment.htm>
More information about the debian-security-tracker-commits
mailing list