[Git][security-tracker-team/security-tracker][master] Merge Linux CVE changes from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Sep 7 19:55:50 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
780d8dfd by Salvatore Bonaccorso at 2025-09-07T20:55:38+02:00
Merge Linux CVE changes from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,36 @@
+CVE-2025-39734 [Revert "fs/ntfs3: Replace inode_trylock with inode_lock"]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux 6.1.148-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/a49f0abd8959048af18c6c690b065eb0d65b2d21 (6.17-rc1)
+CVE-2025-39733 [team: replace team lock with rtnl lock]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/bfb4fb77f9a8ce33ce357224569eae5564eec573 (6.17-rc1)
+CVE-2025-39732 [wifi: ath11k: fix sleeping-in-atomic in ath11k_mac_op_set_bitrate_mask()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/65c12b104cb942d588a1a093acc4537fb3d3b129 (6.17-rc1)
+CVE-2025-39731 [f2fs: vm_unmap_ram() may be called from an invalid context]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux 6.1.148-1
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/08a7efc5b02a0620ae16aa9584060e980a69cb55 (6.17-rc1)
+CVE-2025-39730 [NFS: Fix filehandle bounds checking in nfs_fh_to_dentry()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux 6.1.148-1
+ NOTE: https://git.kernel.org/linus/ef93a685e01a281b5e2a25ce4e3428cf9371a205 (6.17-rc1)
+CVE-2025-39729 [crypto: ccp - Fix dereferencing uninitialized error pointer]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/0fa766726c091ff0ec7d26874f6e4724d23ecb0e (6.17-rc1)
+CVE-2025-39727 [mm: swap: fix potential buffer overflow in setup_clusters()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/152c1339dc13ad46f1b136e8693de15980750835 (6.17-rc1)
CVE-2025-36100 (IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 ...)
NOT-FOR-US: IBM
CVE-2025-10068 (A flaw has been found in itsourcecode Online Discussion Forum 1.0. Thi ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/780d8dfd555b2aa0a1b5db993ba482d9f7b000cb
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/780d8dfd555b2aa0a1b5db993ba482d9f7b000cb
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250907/283c560c/attachment.htm>
More information about the debian-security-tracker-commits
mailing list