[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Fri Sep 12 20:26:20 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
46ea8970 by Salvatore Bonaccorso at 2025-09-12T21:25:55+02:00
Merge Linux CVEs from kernel-sec
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,3 +1,40 @@
+CVE-2025-39799 [ACPI: processor: perflib: Move problematic pr->performance check]
+ - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/d405ec23df13e6df599f5bd965a55d13420366b8 (6.17-rc2)
+CVE-2025-39798 [NFS: Fix the setting of capabilities when automounting a new filesystem]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/b01f21cacde9f2878492cf318fee61bf4ccad323 (6.17-rc1)
+CVE-2025-39797 [xfrm: Duplicate SPI Handling]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/94f39804d891cffe4ce17737d295f3b195bc7299 (6.17-rc1)
+CVE-2025-39796 [net: lapbether: ignore ops-locked netdevs]
+ - linux 6.16.3-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/53898ebabe843bfa7baea9dae152797d5d0563c9 (6.17-rc2)
+CVE-2025-39795 [block: avoid possible overflow for chunk_sectors check in blk_stack_limits()]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/448dfecc7ff807822ecd47a5c052acedca7d09e8 (6.17-rc1)
+CVE-2025-39794 [ARM: tegra: Use I/O memcpy to write to IRAM]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ NOTE: https://git.kernel.org/linus/398e67e0f5ae04b29bcc9cbf342e339fe9d3f6f1 (6.17-rc1)
+CVE-2025-39793 [io_uring/memmap: cast nr_pages to size_t before shifting]
+ - linux 6.16.3-1
+ [trixie] - linux <not-affected> (Vulnerable code not present)
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/33503c083fda048c77903460ac0429e1e2c0e341 (6.17-rc1)
+CVE-2025-39792 [dm: Always split write BIOs to zoned device limits]
+ - linux 6.16.3-1
+ [trixie] - linux 6.12.43-1
+ [bookworm] - linux <not-affected> (Vulnerable code not present)
+ [bullseye] - linux <not-affected> (Vulnerable code not present)
+ NOTE: https://git.kernel.org/linus/2df7168717b7d2d32bcf017c68be16e4aae9dd13 (6.17-rc1)
CVE-2025-10256
- ffmpeg <unfixed>
[trixie] - ffmpeg <postponed> (Minor issue, wait until it's fixed in the 7.1 branch)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/46ea897045ad8e596569acae3bafdb542d89b14d
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/46ea897045ad8e596569acae3bafdb542d89b14d
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250912/cc82005a/attachment.htm>
More information about the debian-security-tracker-commits
mailing list