[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Oct 24 19:34:47 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a2353010 by Salvatore Bonaccorso at 2025-10-24T20:32:54+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,23 @@
+CVE-2025-40024 [vhost: Take a reference on the task in struct vhost_task.]
+ - linux 6.16.10-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/afe16653e05db07d658b55245c7a2e0603f136c0 (6.17)
+CVE-2025-40023 [drm/xe/vf: Don't expose sysfs attributes not applicable for VFs]
+ - linux 6.16.10-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/500dad428e5b0de4c1bdfa893822a6e06ddad0b5 (6.17)
+CVE-2025-40022 [crypto: af_alg - Fix incorrect boolean values in af_alg_ctx]
+ - linux 6.16.10-1
+ NOTE: https://git.kernel.org/linus/d0ca0df179c4b21e2a6c4a4fb637aa8fa14575cb (6.17)
+CVE-2025-40021 [tracing: dynevent: Add a missing lockdown check on dynevent]
+ - linux 6.16.10-1
+ NOTE: https://git.kernel.org/linus/456c32e3c4316654f95f9d49c12cbecfb77d5660 (6.17)
+CVE-2025-40020 [can: peak_usb: fix shift-out-of-bounds issue]
+ - linux 6.16.10-1
+ NOTE: https://git.kernel.org/linus/c443be70aaee42c2d1d251e0329e0a69dd96ae54 (6.17)
CVE-2025-40019 [crypto: essiv - Check ssize for decryption and in-place encryption]
- linux <unfixed>
NOTE: https://git.kernel.org/linus/6bb73db6948c2de23e407fe1b7ef94bf02b7529f (6.18-rc1)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a23530101b49a6ff8d347a8911c38a93e178512d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a23530101b49a6ff8d347a8911c38a93e178512d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251024/8d49e2e1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list