[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Oct 20 18:20:47 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
d6c7a017 by Salvatore Bonaccorso at 2025-10-20T19:20:13+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,22 @@
+CVE-2025-40017 [media: iris: Fix memory leak by freeing untracked persist buffer]
+ - linux 6.16.11-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/02a24f13b3a1d9da9f3de56aa5fdb7cc1fe167a2 (6.18-rc1)
+CVE-2025-40016 [media: uvcvideo: Mark invalid entities with id UVC_INVALID_ENTITY_ID]
+ - linux 6.16.11-1
+ NOTE: https://git.kernel.org/linus/0e2ee70291e64a30fe36960c85294726d34a103e (6.18-rc1)
+CVE-2025-40015 [media: stm32-csi: Fix dereference before NULL check]
+ - linux 6.16.11-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/80eaf32672871bd2623ce6ba13ffc1f018756580 (6.18-rc1)
+CVE-2025-40013 [ASoC: qcom: audioreach: fix potential null pointer dereference]
+ - linux 6.16.11-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/8318e04ab2526b155773313b66a1542476ce1106 (6.18-rc1)
CVE-2025-40012 [net/smc: fix warning in smc_rx_splice() when calling get_page()]
- linux 6.16.10-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6c7a017e100eb9f6790ec8402d8c114c6518507
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d6c7a017e100eb9f6790ec8402d8c114c6518507
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251020/109eeb78/attachment.htm>
More information about the debian-security-tracker-commits
mailing list