[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 11 19:38:50 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e64fbf96 by Salvatore Bonaccorso at 2025-09-11T20:38:15+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,113 @@
+CVE-2025-39764 [netfilter: ctnetlink: remove refcounting in expectation dumpers]
+ - linux 6.16.3-1
+ NOTE: https://git.kernel.org/linus/1492e3dcb2be3aa46d1963da96aa9593e4e4db5a (6.17-rc2)
+CVE-2025-39763 [ACPI: APEI: send SIGBUS to current task if synchronous memory error not recovered]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/79a5ae3c4c5eb7e38e0ebe4d6bf602d296080060 (6.17-rc1)
+CVE-2025-39762 [drm/amd/display: add null check]
+ - linux 6.16.3-1
+ NOTE: https://git.kernel.org/linus/158b9201c17fc93ed4253c2f03b77fd2671669a1 (6.17-rc1)
+CVE-2025-39761 [wifi: ath12k: Decrement TID on RX peer frag setup error handling]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/7c0884fcd2ddde0544d2e77f297ae461e1f53f58 (6.17-rc1)
+CVE-2025-39760 [usb: core: config: Prevent OOB read in SS endpoint companion parsing]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/cf16f408364efd8a68f39011a3b073c83a03612d (6.17-rc1)
+CVE-2025-39759 [btrfs: qgroup: fix race between quota disable and quota rescan ioctl]
+ - linux 6.16.3-1
+ NOTE: https://git.kernel.org/linus/e1249667750399a48cafcf5945761d39fa584edf (6.17-rc1)
+CVE-2025-39758 [RDMA/siw: Fix the sendmsg byte count in siw_tcp_sendpages]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/c18646248fed07683d4cee8a8af933fc4fe83c0d (6.17-rc1)
+CVE-2025-39757 [ALSA: usb-audio: Validate UAC3 cluster segment descriptors]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/ecfd41166b72b67d3bdeb88d224ff445f6163869 (6.17-rc2)
+CVE-2025-39756 [fs: Prevent file descriptor table allocations exceeding INT_MAX]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/04a2c4b4511d186b0fce685da21085a5d4acd370 (6.17-rc1)
+CVE-2025-39754 [mm/smaps: fix race between smaps_hugetlb_range and migration]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/45d19b4b6c2d422771c29b83462d84afcbb33f01 (6.17-rc2)
+CVE-2025-39753 [gfs2: Set .migrate_folio in gfs2_{rgrp,meta}_aops]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/5c8f12cf1e64e0e8e6cb80b0c935389973e8be8d (6.17-rc1)
+CVE-2025-39752 [ARM: rockchip: fix kernel hang during smp initialization]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/7cdb433bb44cdc87dc5260cdf15bf03cc1cd1814 (6.17-rc1)
+CVE-2025-39751 [ALSA: hda/ca0132: Fix buffer overflow in add_tuning_control]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/a409c60111e6bb98fcabab2aeaa069daa9434ca0 (6.17-rc1)
+CVE-2025-39750 [wifi: ath12k: Correct tid cleanup when tid setup fails]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/4a2bf707270f897ab8077baee8ed5842a5321686 (6.17-rc1)
+CVE-2025-39749 [rcu: Protect ->defer_qs_iw_pending from data race]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/90c09d57caeca94e6f3f87c49e96a91edd40cbfd (6.17-rc1)
+CVE-2025-39748 [bpf: Forget ranges when refining tnum after JSET]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/6279846b9b2532e1b04559ef8bd0dec049f29383 (6.17-rc1)
+CVE-2025-39747 [drm/msm: Add error handling for krealloc in metadata setup]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/1c8c354098ea9d4376a58c96ae6b65288a6f15d8 (6.17-rc1)
+CVE-2025-39746 [wifi: ath10k: shutdown driver when hardware is unreliable]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/c256a94d1b1b15109740306f7f2a7c2173e12072 (6.17-rc1)
+CVE-2025-39745 [rcutorture: Fix rcutorture_one_extend_check() splat in RT kernels]
+ - linux 6.16.3-1
+ NOTE: https://git.kernel.org/linus/8d71351d88e478d3c4e945e3218e97ec677fd807 (6.17-rc1)
+CVE-2025-39744 [rcu: Fix rcu_read_unlock() deadloop due to IRQ work]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/b41642c87716bbd09797b1e4ea7d904f06c39b7b (6.17-rc1)
+CVE-2025-39743 [jfs: truncate good inode pages when hard link is 0]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/2d91b3765cd05016335cd5df5e5c6a29708ec058 (6.17-rc1)
+CVE-2025-39742 [RDMA: hfi1: fix possible divide-by-zero in find_hw_thread_mask()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/59f7d2138591ef8f0e4e4ab5f1ab674e8181ad3a (6.17-rc1)
+CVE-2025-39741 [drm/xe/migrate: don't overflow max copy size]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/4126cb327a2e3273c81fcef1c594c5b7b645c44c (6.17-rc2)
+CVE-2025-39740 [drm/xe/migrate: prevent potential UAF]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/145832fbdd17b1d77ffd6cdd1642259e101d1b7e (6.17-rc2)
+CVE-2025-39739 [iommu/arm-smmu-qcom: Add SM6115 MDSS compatible]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/f7fa8520f30373ce99c436c4d57c76befdacbef3 (6.17-rc1)
+CVE-2025-39738 [btrfs: do not allow relocation of partially dropped subvolumes]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/4289b494ac553e74e86fed1c66b2bf9530bc1082 (6.17-rc2)
+CVE-2025-39737 [mm/kmemleak: avoid soft lockup in __kmemleak_do_cleanup()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/d1534ae23c2b6be350c8ab060803fbf6e9682adc (6.17-rc2)
+CVE-2025-39736 [mm/kmemleak: avoid deadlock by moving pr_warn() outside kmemleak_lock]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/47b0f6d8f0d2be4d311a49e13d2fd5f152f492b2 (6.17-rc2)
CVE-2025-40300 [x86/vmscape: Enable the mitigation]
- linux <unfixed>
NOTE: https://git.kernel.org/linus/2f8f173413f1cbf52660d04df92d0069c4306d25
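Review bot: The added block skips CVE-2025-39755 between CVE-2025-39756 and CVE-2025-39754, the only gap in an otherwise contiguous run from CVE-2025-39764 down to CVE-2025-39736. Please confirm that the id is intentionally left out of this merge (for example because it is tracked elsewhere in the list) rather than dropped during the import. Separately, CVE-2025-39764, CVE-2025-39762, CVE-2025-39759 and CVE-2025-39745 carry only "- linux 6.16.3-1" with no "[trixie]" line, while most neighbouring entries record "[trixie] - linux 6.12.43-1" and two record explicit "<not-affected>" lines for bookworm and bullseye. If trixie is not affected by those four, or has a fixed version pending, an explicit per-suite annotation would make that state visible instead of leaving it implied.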
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e64fbf962054a59b9b3ff9ade24588ab06c8e712