[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 4 20:49:35 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
637fa10e by Salvatore Bonaccorso at 2025-09-04T21:49:10+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,216 @@
+CVE-2025-38730 [io_uring/net: commit partial buffers on retry]
+ - linux 6.16.3-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/41b70df5b38bc80967d2e0ed55cc3c3896bba781 (6.17-rc2)
+CVE-2025-38729 [ALSA: usb-audio: Validate UAC3 power domain descriptors, too]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/d832ccbc301fbd9e5a1d691bdcf461cdb514595f (6.17-rc2)
+CVE-2025-38728 [smb3: fix for slab out of bounds on mount to ksmbd]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/7d34ec36abb84fdfb6632a0f2cbda90379ae21fc (6.17-rc2)
+CVE-2025-38727 [netlink: avoid infinite retry looping in netlink_unicast()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/759dfc7d04bab1b0b86113f1164dc1fec192b859 (6.17-rc1)
+CVE-2025-38726 [net: ftgmac100: fix potential NULL pointer access in ftgmac100_phy_disconnect]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/e88fbc30dda1cb7438515303704ceddb3ade4ecd (6.17-rc1)
+CVE-2025-38725 [net: usb: asix_devices: add phy_mask for ax88772 mdio bus]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4faff70959d51078f9ee8372f8cff0d7045e4114 (6.17-rc2)
+CVE-2025-38724 [nfsd: handle get_client_locked() failure in nfsd4_setclientid_confirm()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/908e4ead7f757504d8b345452730636e298cbf68 (6.17-rc1)
+CVE-2025-38723 [LoongArch: BPF: Fix jump offset calculation in tailcall]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/cd39d9e6b7e4c58fa77783e7aedf7ada51d02ea3 (6.17-rc1)
+CVE-2025-38722 [habanalabs: fix UAF in export_dmabuf()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/33927f3d0ecdcff06326d6e4edb6166aed42811c (6.17-rc2)
+CVE-2025-38721 [netfilter: ctnetlink: fix refcount leak on table dump]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/de788b2e6227462b6dcd0e07474e72c089008f74 (6.17-rc2)
+CVE-2025-38720 [net: hibmcge: fix rtnl deadlock issue]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c875503a9b9082928d7d3fc60b5400d16fbfae4e (6.17-rc2)
+CVE-2025-38719 [net: hibmcge: fix the division by zero issue]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/7004b26f0b64331143eb0b312e77a357a11427ce (6.17-rc2)
+CVE-2025-38718 [sctp: linearize cloned gso packets in sctp_rcv]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/fd60d8a086191fe33c2d719732d2482052fa6805 (6.17-rc2)
+CVE-2025-38717 [net: kcm: Fix race condition in kcm_unattach()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/52565a935213cd6a8662ddb8efe5b4219343a25d (6.17-rc2)
+CVE-2025-38716 [hfs: fix general protection fault in hfs_find_init()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/736a0516a16268995f4898eded49bfef077af709 (6.17-rc1)
+CVE-2025-38715 [hfs: fix slab-out-of-bounds in hfs_bnode_read()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/a431930c9bac518bf99d6b1da526a7f37ddee8d8 (6.17-rc1)
+CVE-2025-38714 [hfsplus: fix slab-out-of-bounds in hfsplus_bnode_read()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/c80aa2aaaa5e69d5219c6af8ef7e754114bd08d2 (6.17-rc1)
+CVE-2025-38713 [hfsplus: fix slab-out-of-bounds read in hfsplus_uni2asc()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/94458781aee6045bd3d0ad4b80b02886b9e2219b (6.17-rc1)
+CVE-2025-38712 [hfsplus: don't use BUG_ON() in hfsplus_create_attributes_file()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/c7c6363ca186747ebc2df10c8a1a51e66e0e32d9 (6.17-rc1)
+CVE-2025-38711 [smb/server: avoid deadlock when linking with ReplaceIfExists]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/d5fc1400a34b4ea5e8f2ce296ea12bf8c8421694 (6.17-rc1)
+CVE-2025-38710 [gfs2: Validate i_depth for exhash directories]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/557c024ca7250bb65ae60f16c02074106c2f197b (6.17-rc1)
+CVE-2025-38709 [loop: Avoid updating block size under exclusive owner]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/7e49538288e523427beedd26993d446afef1a6fb (6.17-rc1)
+CVE-2025-38708 [drbd: add missing kref_get in handle_write_conflicts]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/00c9c9628b49e368d140cfa61d7df9b8922ec2a8 (6.17-rc1)
+CVE-2025-38707 [fs/ntfs3: Add sanity check for file name]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/e841ecb139339602bc1853f5f09daa5d1ea920a2 (6.17-rc1)
+CVE-2025-38706 [ASoC: core: Check for rtd == NULL in snd_soc_remove_pcm_runtime()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/2d91cb261cac6d885954b8f5da28b5c176c18131 (6.17-rc1)
+CVE-2025-38705 [drm/amd/pm: fix null pointer access]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/d524d40e3a6152a3ea1125af729f8cd8ca65efde (6.17-rc1)
+CVE-2025-38704 [rcu/nocb: Fix possible invalid rdp's->nocb_cb_kthread pointer access]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/1bba3900ca18bdae28d1b9fa10f16a8f8cb2ada1 (6.17-rc1)
+CVE-2025-38703 [drm/xe: Make dma-fences compliant with the safe access rules]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/6bd90e700b4285e6a7541e00f969cab0d696adde (6.17-rc1)
+CVE-2025-38702 [fbdev: fix potential buffer overflow in do_register_framebuffer()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/523b84dc7ccea9c4d79126d6ed1cf9033cf83b05 (6.17-rc1)
+CVE-2025-38701 [ext4: do not BUG when INLINE_DATA_FL lacks system.data xattr]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/099b847ccc6c1ad2f805d13cfbcc83f5b6d4bc42 (6.17-rc1)
+CVE-2025-38700 [scsi: libiscsi: Initialize iscsi_conn->dd_data only if memory is allocated]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/3ea3a256ed81f95ab0f3281a0e234b01a9cae605 (6.17-rc1)
+CVE-2025-38699 [scsi: bfa: Double-free fix]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/add4c4850363d7c1b72e8fce9ccb21fdd2cf5dc9 (6.17-rc1)
+CVE-2025-38698 [jfs: Regular file corruption check]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/2d04df8116426b6c7b9f8b9b371250f666a2a2fb (6.17-rc1)
+CVE-2025-38697 [jfs: upper bound check of tree index in dbAllocAG]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/c214006856ff52a8ff17ed8da52d50601d54f9ce (6.17-rc1)
+CVE-2025-38696 [MIPS: Don't crash in stack_top() for tasks without ABI or vDSO]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/e9f4a6b3421e936c3ee9d74710243897d74dbaa2 (6.17-rc1)
+CVE-2025-38695 [scsi: lpfc: Check for hdwq null ptr when cleaning up lpfc_vport structure]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/6698796282e828733cde3329c887b4ae9e5545e9 (6.17-rc1)
+CVE-2025-38694 [media: dvb-frontends: dib7090p: fix null-ptr-deref in dib7090p_rw_on_apb()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/ce5cac69b2edac3e3246fee03e8f4c2a1075238b (6.17-rc1)
+CVE-2025-38693 [media: dvb-frontends: w7090p: fix null-ptr-deref in w7090p_tuner_write_serpar and w7090p_tuner_read_serpar]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/ed0234c8458b3149f15e496b48a1c9874dd24a1b (6.17-rc1)
+CVE-2025-38692 [exfat: add cluster chain loop check for dir]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/99f9a97dce39ad413c39b92c90393bbd6778f3fd (6.17-rc1)
+CVE-2025-38691 [pNFS: Fix uninited ptr deref in block/scsi layout]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/9768797c219326699778fba9cd3b607b2f1e7950 (6.17-rc1)
+CVE-2025-38690 [drm/xe/migrate: prevent infinite recursion]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/9d7a1cbebbb691891671def57407ba2f8ee914e8 (6.17-rc2)
+CVE-2025-38689 [x86/fpu: Fix NULL dereference in avx512_status()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/31cd31c9e17ece125aad27259501a2af69ccb020 (6.17-rc2)
+CVE-2025-38688 [iommufd: Prevent ALIGN() overflow]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/b42497e3c0e74db061eafad41c0cd7243c46436b (6.17-rc1)
+CVE-2025-38687 [comedi: fix race between polling and detaching]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/35b6fc51c666fc96355be5cd633ed0fe4ccf68b2 (6.17-rc1)
+CVE-2025-38686 [userfaultfd: fix a crash in UFFDIO_MOVE when PMD is a migration entry]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/aba6faec0103ed8f169be8dce2ead41fcb689446 (6.17-rc2)
+CVE-2025-38685 [fbdev: Fix vmalloc out-of-bounds write in fast_imageblit]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/af0db3c1f898144846d4c172531a199bb3ca375d (6.17-rc1)
+CVE-2025-38684 [net/sched: ets: use old 'nbands' while purging unused classes]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/87c6efc5ce9c126ae4a781bc04504b83780e3650 (6.17-rc2)
+CVE-2025-38683 [hv_netvsc: Fix panic during namespace deletion with VF]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/33caa208dba6fa639e8a92fd0c8320b652e5550c (6.17-rc2)
+CVE-2025-38682 [i2c: core: Fix double-free of fwnode in i2c_unregister_device()]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/1c24e5fc0c7096e00c202a6a3e0c342c1afb47c2 (6.17-rc1)
+CVE-2025-38681 [mm/ptdump: take the memory hotplug lock inside ptdump_walk_pgd()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/59305202c67fea50378dcad0cc199dbc13a0e99a (6.17-rc1)
+CVE-2025-38680 [media: uvcvideo: Fix 1-byte out-of-bounds read in uvc_parse_format()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/782b6a718651eda3478b1824b37a8b3185d2740c (6.17-rc1)
+CVE-2025-38679 [media: venus: Fix OOB read due to missing payload bound check]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/06d6770ff0d8cc8dfd392329a8cc03e2a83e7289 (6.17-rc1)
CVE-2025-9942 (A vulnerability has been found in CodeAstro Real Estate Management Sys ...)
NOT-FOR-US: CodeAstro
CVE-2025-9941 (A flaw has been found in CodeAstro Real Estate Management System 1.0. ...)
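Review bot: The first entry in the hunk, CVE-2025-38730, is the only one with a fixed unstable version (`- linux 6.16.3-1`) that carries no `[trixie]` line, although bookworm and bullseye are both marked `<not-affected> (Vulnerable code not present)`. As written, trixie is tracked as still vulnerable for this CVE. If that is intended, pending a backport of the commit in the NOTE line to the trixie kernel, the entry is fine as it stands; if the vulnerable code is absent there as well, add `[trixie] - linux <not-affected> (Vulnerable code not present)` so the three stable releases are triaged consistently.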
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/637fa10e557a4f75abe4791e3fb2f5e8f8883615