[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Oct 29 19:24:20 GMT 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
06c2dfba by Salvatore Bonaccorso at 2025-10-29T20:23:31+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,17 @@
+CVE-2025-40085 [ALSA: usb-audio: Fix NULL pointer deference in try_to_register_card]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/28412b489b088fb88dff488305fd4e56bd47f6e4 (6.18-rc2)
+CVE-2025-40084 [ksmbd: transport_ipc: validate payload size before reading handle]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/6f40e50ceb99fc8ef37e5c56e2ec1d162733fef0
+CVE-2025-40083 [net/sched: sch_qfq: Fix null-deref in agg_dequeue]
+	- linux 6.16.3-1
+	NOTE: https://git.kernel.org/linus/dd831ac8221e691e9e918585b1003c7071df0379 (6.16-rc6)
+CVE-2023-7324 [scsi: ses: Fix possible addl_desc_ptr out-of-bounds accesses]
+	- linux 6.1.20-1
+	[bullseye] - linux 5.10.178-1
+	NOTE: https://git.kernel.org/linus/db95d4df71cb55506425b6e4a5f8d68e3a765b63 (6.3-rc1)
 CVE-2025-9544 (The Doppler Forms WordPress plugin through 2.5.1 registers an AJAX act ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-64296 (Missing Authorization vulnerability in Facebook Facebook for WooCommer ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06c2dfba958ed06f9926bf721be667aae1857dc2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/06c2dfba958ed06f9926bf721be667aae1857dc2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251029/d87afeb9/attachment.htm>

More information about the debian-security-tracker-commits mailing list