[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Mon Sep 15 21:13:12 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a7fa5860 by security tracker role at 2025-09-15T20:13:05+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,877 +1,1023 @@
-CVE-2022-50338 [binder: fix UAF of alloc->vma in race with munmap()]
+CVE-2025-9826 (Stored cross-site scripting vulnerability in M-Files Hubshare before v ...)
+ TODO: check
+CVE-2025-9084 (Mattermost versions 10.5.x <= 10.5.9 fail to properly validate redirec ...)
+ TODO: check
+CVE-2025-9078 (Mattermost versions 10.8.x <= 10.8.3, 10.5.x <= 10.5.8, 9.11.x <= 9.11 ...)
+ TODO: check
+CVE-2025-9076 (Mattermost versions 10.10.x <= 10.10.1 fail to properly sanitize user ...)
+ TODO: check
+CVE-2025-9072 (Mattermost versions 10.10.x <= 10.10.1, 10.5.x <= 10.5.9, 10.9.x <= 10 ...)
+ TODO: check
+CVE-2025-8396 (Insufficiently specific bounds checking on authorization header could ...)
+ TODO: check
+CVE-2025-6202 (Vulnerability in SK Hynix DDR5 on x86 allows a local attacker to trigg ...)
+ TODO: check
+CVE-2025-59399 (libocpp before 0.28.0 allows a denial of service (EVerest crash) becau ...)
+ TODO: check
+CVE-2025-59398 (The OCPP implementation in libocpp before 0.26.2 allows a denial of se ...)
+ TODO: check
+CVE-2025-59397 (Open Web Analytics (OWA) before 1.8.1 allows SQL injection.)
+ TODO: check
+CVE-2025-59377 (feiskyer mcp-kubernetes-server through 0.1.11 allows OS command inject ...)
+ TODO: check
+CVE-2025-59376 (feiskyer mcp-kubernetes-server through 0.1.11 does not consider chaine ...)
+ TODO: check
+CVE-2025-59361 (The cleanIptables mutation in Chaos Controller Manager is vulnerable t ...)
+ TODO: check
+CVE-2025-59360 (The killProcesses mutation in Chaos Controller Manager is vulnerable t ...)
+ TODO: check
+CVE-2025-59359 (The cleanTcs mutation in Chaos Controller Manager is vulnerable to OS ...)
+ TODO: check
+CVE-2025-59358 (The Chaos Controller Manager in Chaos Mesh exposes a GraphQL debugging ...)
+ TODO: check
+CVE-2025-59331 (is-arrayish checks if an object can be used like an Array. On 8 Septem ...)
+ TODO: check
+CVE-2025-59330 (error-ex allows error subclassing and stack customization. On 8 Septem ...)
+ TODO: check
+CVE-2025-59328 (A vulnerability in Apache Fory allows a remote attacker to cause a Den ...)
+ TODO: check
+CVE-2025-59162 (color-convert provides plain color conversion functions in JavaScript. ...)
+ TODO: check
+CVE-2025-59155 (hackmd-mcp is a Model Context Protocol server for integrating HackMD's ...)
+ TODO: check
+CVE-2025-59154 (Openfire is an XMPP server licensed under the Open Source Apache Licen ...)
+ TODO: check
+CVE-2025-59144 (debug is a JavaScript debugging utility. On 8 September 2025, the npm ...)
+ TODO: check
+CVE-2025-59143 (color is a Javascript color conversion and manipulation library. On 8 ...)
+ TODO: check
+CVE-2025-59142 (color-string is a parser and generator for CSS color strings. On 8 Sep ...)
+ TODO: check
+CVE-2025-59141 (simple-swizzle swizzles function arguments. On 8 September 2025, the n ...)
+ TODO: check
+CVE-2025-59140 (backlash parses collected strings with escapes. On 8 September 2025, t ...)
+ TODO: check
+CVE-2025-58748 (Dataease is an open source data analytics and visualization platform. ...)
+ TODO: check
+CVE-2025-58177 (n8n is an open source workflow automation platform. From 1.24.0 to bef ...)
+ TODO: check
+CVE-2025-58172 (drawnix is an all in one open-source whiteboard tool. In drawnix versi ...)
+ TODO: check
+CVE-2025-58046 (Dataease is an open-source data visualization and analysis platform. I ...)
+ TODO: check
+CVE-2025-58045 (Dataease is an open source data analytics and visualization platform. ...)
+ TODO: check
+CVE-2025-57248 (A null pointer dereference vulnerability was discovered in SumatraPDF ...)
+ TODO: check
+CVE-2025-57176 (The rfpiped service on TCP port 555 in Ceragon Networks / Siklu Commun ...)
+ TODO: check
+CVE-2025-57174 (An issue was discovered in Siklu Communications Etherhaul 8010TX and 1 ...)
+ TODO: check
+CVE-2025-57104 (Teampel 5.1.6 is vulnerable to SQL Injection in /Common/login.aspx.)
+ TODO: check
+CVE-2025-56710 (A Cross-Site Request Forgery (CSRF) vulnerability was identified in th ...)
+ TODO: check
+CVE-2025-56252 (Cross Site Scripting (xss) vulnerability in ServitiumCRM 2.10 allowing ...)
+ TODO: check
+CVE-2025-55777
+ REJECTED
+CVE-2025-52344 (Multiple Cross Site Scripting (XSS) vulnerabilities in input fields in ...)
+ TODO: check
+CVE-2025-52053 (TOTOLINK X6000R V9.4.0cu.1360_B20241207 was found to contain a command ...)
+ TODO: check
+CVE-2025-52048 (In Frappe 15.x.x before 15.72.0 and 14.x.x before 14.96.10, in the fun ...)
+ TODO: check
+CVE-2025-50944 (An issue was discovered in the method push.lite.avtech.com.MySSLSocket ...)
+ TODO: check
+CVE-2025-50110 (An issue was discovered in the method push.lite.avtech.com.AvtechLib.G ...)
+ TODO: check
+CVE-2025-49089 (wangxutech MoneyPrinterTurbo 1.2.6 allows path traversal via /api/v1/d ...)
+ TODO: check
+CVE-2025-46408 (An issue was discovered in the methods push.lite.avtech.com.AvtechLib. ...)
+ TODO: check
+CVE-2025-45091 (Seafile versions 11.0.18-Pro, 12.0.10, and 12.0.10-Pro are vulnerable ...)
+ TODO: check
+CVE-2025-43800 (Cross-site scripting (XSS) vulnerability in Objects in Liferay Portal ...)
+ TODO: check
+CVE-2025-43794 (Stored cross-site scripting (XSS) vulnerability in Liferay Portal 7.4. ...)
+ TODO: check
+CVE-2025-43793 (Liferay Portal 7.4.0 through 7.4.3.105, and older unsupported versions ...)
+ TODO: check
+CVE-2025-43792 (Remote staging in Liferay Portal 7.4.0 through 7.4.3.105, and older un ...)
+ TODO: check
+CVE-2025-43791 (Multiple cross-site scripting (XSS) vulnerabilities in Liferay Portal ...)
+ TODO: check
+CVE-2025-3025 (Elevation of Privileges in the cleaning feature of Gen Digital CCleane ...)
+ TODO: check
+CVE-2025-36082 (IBM OpenPages 9.0 and 9.1 allows web page cache to be stored locally w ...)
+ TODO: check
+CVE-2025-10491 (The MongoDB Windows installation MSI may leave ACLs unset on custom in ...)
+ TODO: check
+CVE-2025-10475 (A weakness has been identified in SpyShelter up to 15.4.0.1015. Affect ...)
+ TODO: check
+CVE-2025-10473 (A security flaw has been discovered in yangzongzhuan RuoYi up to 4.8.1 ...)
+ TODO: check
+CVE-2025-10472 (A vulnerability has been found in harry0703 MoneyPrinterTurbo up to 1. ...)
+ TODO: check
+CVE-2025-10471 (A vulnerability was detected in ZKEACMS 4.3. Impacted is the function ...)
+ TODO: check
+CVE-2025-10459 (A security flaw has been discovered in PHPGurukul Beauty Parlour Manag ...)
+ TODO: check
+CVE-2025-10448 (A flaw has been found in Campcodes Online Job Finder System 1.0. This ...)
+ TODO: check
+CVE-2025-10447 (A vulnerability was detected in Campcodes Online Job Finder System 1.0 ...)
+ TODO: check
+CVE-2025-10446 (A security vulnerability has been detected in Campcodes Computer Sales ...)
+ TODO: check
+CVE-2025-10445 (A weakness has been identified in Campcodes Computer Sales and Invento ...)
+ TODO: check
+CVE-2025-10444 (A security flaw has been discovered in Campcodes Online Job Finder Sys ...)
+ TODO: check
+CVE-2025-10443 (A vulnerability was identified in Tenda AC9 and AC15 15.03.05.14/15.03 ...)
+ TODO: check
+CVE-2025-10442 (A vulnerability was determined in Tenda AC9 and AC15 15.03.05.14. This ...)
+ TODO: check
+CVE-2025-10441 (A vulnerability was found in D-Link DI-8100G, DI-8200G and DI-8003G 17 ...)
+ TODO: check
+CVE-2025-10440 (A vulnerability has been found in D-Link DI-8100, DI-8100G, DI-8200, D ...)
+ TODO: check
+CVE-2025-10436 (A weakness has been identified in Campcodes Computer Sales and Invento ...)
+ TODO: check
+CVE-2025-10435 (A security flaw has been discovered in Campcodes Computer Sales and In ...)
+ TODO: check
+CVE-2025-10434 (A vulnerability was identified in IbuyuCMS up to 2.6.3. Impacted is an ...)
+ TODO: check
+CVE-2025-10203 (Relative path traversal vulnerability due to improper input validation ...)
+ TODO: check
+CVE-2022-50338 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 5.5.13-1
NOTE: https://git.kernel.org/linus/27a594bc7a7c8238d239e3cdbcf2edfa3bbe9a1b (5.4.224)
-CVE-2022-50337 [ocxl: fix pci device refcount leak when calling get_function_0()]
+CVE-2022-50337 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/27158c72678b39ee01cc01de1aba6b51c71abe2f (6.2-rc1)
-CVE-2022-50336 [fs/ntfs3: Add null pointer check to attr_load_runs_vcn]
+CVE-2022-50336 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/2681631c29739509eec59cc0b34e977bb04c6cf1 (6.2-rc1)
-CVE-2022-50335 [9p: set req refcount to zero to avoid uninitialized usage]
+CVE-2022-50335 (In the Linux kernel, the following vulnerability has been resolved: 9 ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/26273ade77f54716e30dfd40ac6e85ceb54ac0f9 (6.2-rc1)
-CVE-2022-50334 [hugetlbfs: fix null-ptr-deref in hugetlbfs_parse_param()]
+CVE-2022-50334 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/26215b7ee923b9251f7bb12c4e5f09dc465d35f2 (6.2-rc1)
-CVE-2022-50333 [fs: jfs: fix shift-out-of-bounds in dbDiscardAG]
+CVE-2022-50333 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/25e70c6162f207828dd405b432d8f2a98dbf7082 (6.2-rc1)
-CVE-2022-50332 [video/aperture: Call sysfb_disable() before removing PCI devices]
+CVE-2022-50332 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.0.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/25a6688f27ff54f97adf7cce1d7e18c38bf51eb4 (6.0.6)
-CVE-2022-50331 [wwan_hwsim: fix possible memory leak in wwan_hwsim_dev_new()]
+CVE-2022-50331 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/258ad2fe5ede773625adfda88b173f4123e59f45 (6.1-rc2)
-CVE-2022-50330 [crypto: cavium - prevent integer overflow loading firmware]
+CVE-2022-50330 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/2526d6bf27d15054bb0778b2f7bc6625fd934905 (6.1-rc1)
-CVE-2022-50329 [block, bfq: fix uaf for bfqq in bfq_exit_icq_bfqq]
+CVE-2022-50329 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/246cf66e300b76099b5dbd3fdd39e9a5dbc53f02 (6.2-rc2)
-CVE-2022-50328 [jbd2: fix potential use-after-free in jbd2_fc_wait_bufs]
+CVE-2022-50328 (In the Linux kernel, the following vulnerability has been resolved: j ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/243d1a5d505d0b0460c9af0ad56ed4a56ef0bebd (6.1-rc1)
-CVE-2022-50327 [ACPI: processor: idle: Check acpi_fetch_acpi_dev() return value]
+CVE-2022-50327 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/2437513a814b3e93bd02879740a8a06e52e2cf7d (6.2-rc1)
-CVE-2022-50326 [media: airspy: fix memory leak in airspy probe]
+CVE-2022-50326 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/23bc5eb55f8c9607965c20d9ddcc13cb1ae59568 (6.1-rc1)
-CVE-2022-50325 [ASoC: Intel: avs: Fix potential RX buffer overflow]
+CVE-2022-50325 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/23ae34e033b2c0e5e88237af82b163b296fd6aa9 (6.2-rc1)
-CVE-2022-50324 [mtd: maps: pxa2xx-flash: fix memory leak in probe]
+CVE-2022-50324 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/2399401feee27c639addc5b7e6ba519d3ca341bf (6.2-rc1)
-CVE-2022-50323 [net: do not sense pfmemalloc status in skb_append_pagefrags()]
+CVE-2022-50323 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/228ebc41dfab5b5d34cd76835ddb0ca8ee12f513 (6.1-rc3)
-CVE-2022-50322 [rtc: msc313: Fix function prototype mismatch in msc313_rtc_probe()]
+CVE-2022-50322 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/21b8a1dd56a163825e5749b303858fb902ebf198 (6.2-rc1)
-CVE-2022-50321 [wifi: brcmfmac: fix potential memory leak in brcmf_netdev_start_xmit()]
+CVE-2022-50321 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/212fde3fe76e962598ce1d47b97cc78afdfc71b3 (6.3-rc1)
-CVE-2022-50320 [ACPI: tables: FPDT: Don't call acpi_os_map_memory() on invalid phys address]
+CVE-2022-50320 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/211391bf04b3c74e250c566eeff9cf808156c693 (6.1-rc1)
-CVE-2022-50319 [coresight: trbe: remove cpuhp instance node before remove cpuhp state]
+CVE-2022-50319 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/20ee8c223f792947378196307d8e707c9cdc2d61 (6.2-rc1)
-CVE-2022-50318 [perf/x86/intel/uncore: Fix reference count leak in hswep_has_limit_sbox()]
+CVE-2022-50318 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/1ff9dd6e7071a561f803135c1d684b13c7a7d01d (6.2-rc1)
-CVE-2022-50317 [drm/bridge: megachips: Fix a null pointer dereference bug]
+CVE-2022-50317 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1ff673333d46d2c1b053ebd0c1c7c7c79e36943e (6.1-rc1)
-CVE-2022-50316 [orangefs: Fix kmemleak in orangefs_sysfs_init()]
+CVE-2022-50316 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/1f2c0e8a587bcafad85019a2d80f158d8d41a868 (6.2-rc1)
-CVE-2023-53262 [f2fs: fix scheduling while atomic in decompression path]
+CVE-2023-53262 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1aa161e43106d46ca8e9a86f4aa28d420258134b (6.4-rc1)
-CVE-2023-53261 [coresight: Fix memory leak in acpi_buffer->pointer]
+CVE-2023-53261 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.5.3-1
NOTE: https://git.kernel.org/linus/1a9e02673e2550f5612099e64e8761f0c8fc0f50 (6.6-rc1)
-CVE-2023-53260 [ovl: fix null pointer dereference in ovl_permission()]
+CVE-2023-53260 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1a73f5b8f079fd42a544c1600beface50c63af7c (6.5-rc1)
-CVE-2023-53259 [VMCI: check context->notify_page after call to get_user_pages_fast() to avoid GPF]
+CVE-2023-53259 (In the Linux kernel, the following vulnerability has been resolved: V ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/1a726cb47fd204109c767409fa9ca15a96328f14 (6.3-rc1)
-CVE-2023-53258 [drm/amd/display: Fix possible underflow for displays with large vblank]
+CVE-2023-53258 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/1a4bcdbea4319efeb26cc4b05be859a7867e02dc (6.5-rc1)
-CVE-2023-53257 [wifi: mac80211: check S1G action frame size]
+CVE-2023-53257 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/19e4a47ee74718a22e963e8a647c8c3bfe8bb05c (6.6-rc1)
-CVE-2023-53256 [firmware: arm_ffa: Fix FFA device names for logical partitions]
+CVE-2023-53256 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/19b8766459c41c6f318f8a548cc1c66dffd18363 (6.4-rc4)
-CVE-2023-53255 [firmware: stratix10-svc: Fix a potential resource leak in svc_create_memory_pool()]
+CVE-2023-53255 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/1995f15590ca222f91193ed11461862b450abfd6 (6.5-rc1)
-CVE-2023-53254 [cacheinfo: Fix shared_cpu_map to handle shared caches at different levels]
+CVE-2023-53254 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/198102c9103fc78d8478495971947af77edb05c1 (6.3-rc1)
-CVE-2023-53253 [HID: nvidia-shield: Reference hid_device devm allocation of input_dev name]
+CVE-2023-53253 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.5.3-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/197d3143520fec9fde89aebabc9f0d7464f08e50 (6.6-rc1)
-CVE-2023-53252 [Bluetooth: use RCU for hci_conn_params and iterate safely in hci_sync]
+CVE-2023-53252 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/195ef75e19287b4bc413da3e3e3722b030ac881e (6.5-rc3)
-CVE-2023-53251 [wifi: iwlwifi: pcie: fix NULL pointer dereference in iwl_pcie_irq_rx_msix_handler()]
+CVE-2023-53251 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1902f1953b8ba100ee8705cb8a6f1a9795550eca (6.5-rc1)
-CVE-2023-53250 [firmware: dmi-sysfs: Fix null-ptr-deref in dmi_sysfs_register_handle]
+CVE-2023-53250 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/18e126e97c961f7a93823795c879d7c085fe5098 (6.3-rc1)
-CVE-2023-53249 [clk: imx: clk-imx8mn: fix memory leak in imx8mn_clocks_probe]
+CVE-2023-53249 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/188d070de9132667956f5aadd98d2bd87d3eac89 (6.5-rc1)
-CVE-2023-53248 [drm/amdgpu: install stub fence into potential unused fence pointers]
+CVE-2023-53248 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/187916e6ed9d0c3b3abc27429f7a5f8c936bd1f0 (6.5-rc1)
-CVE-2023-53247 [btrfs: set_page_extent_mapped after read_folio in btrfs_cont_expand]
+CVE-2023-53247 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/17b17fcd6d446b95904a6929c40012ee7f0afc0c (6.5-rc3)
-CVE-2023-53246 [cifs: fix DFS traversal oops without CONFIG_CIFS_DFS_UPCALL]
+CVE-2023-53246 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/179a88a8558bbf42991d361595281f3e45d7edfc (6.3-rc5)
-CVE-2023-53245 [scsi: storvsc: Fix handling of virtual Fibre Channel timeouts]
+CVE-2023-53245 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/175544ad48cbf56affeef2a679c6a4d4fb1e2881 (6.5-rc6)
-CVE-2023-53244 [media: pci: tw68: Fix null-ptr-deref bug in buf prepare and finish]
+CVE-2023-53244 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/1634b7adcc5bef645b3666fdd564e5952a9e24e0 (6.4-rc1)
-CVE-2023-53243 [btrfs: add handling for RAID1C23/DUP to btrfs_reduce_alloc_profile]
+CVE-2023-53243 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/160fe8f6fdb13da6111677be6263e5d65e875987 (6.5-rc1)
-CVE-2022-50315 [ata: ahci: Match EM_MAX_SLOTS with SATA_PMP_MAX_PORTS]
+CVE-2022-50315 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.0.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1e41e693f458eef2d5728207dbd327cd3b16580a (6.1-rc2)
-CVE-2022-50314 [nbd: Fix hung when signal interrupts nbd_start_device_ioctl()]
+CVE-2022-50314 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1de7c3cf48fc41cd95adb12bd1ea9033a917798a (6.1-rc1)
-CVE-2022-50313 [erofs: fix order >= MAX_ORDER warning due to crafted negative i_size]
+CVE-2022-50313 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.234-1
NOTE: https://git.kernel.org/linus/1dd73601a1cba37a0ed5f89a8662c90191df5873 (6.1-rc1)
-CVE-2022-50312 [drivers: serial: jsm: fix some leaks in probe]
+CVE-2022-50312 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1d5859ef229e381f4db38dce8ed58e4bf862006b (6.1-rc1)
-CVE-2022-50311 [cxl: Fix refcount leak in cxl_calc_capp_routing]
+CVE-2022-50311 (In the Linux kernel, the following vulnerability has been resolved: c ...)
NOTE: https://git.kernel.org/linus/1d09697ff22908ae487fc8c4fbde1811732be523 (6.2-rc1)
-CVE-2022-50310 [ip6mr: fix UAF issue in ip6mr_sk_done() when addrconf_init_net() failed]
+CVE-2022-50310 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1ca695207ed2271ecbf8ee6c641970f621c157cc (6.1-rc2)
-CVE-2022-50309 [media: xilinx: vipp: Fix refcount leak in xvip_graph_dma_init]
+CVE-2022-50309 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1c78f19c3a0ea312a8178a6bfd8934eb93e9b10a (6.1-rc1)
-CVE-2022-50308 [ASoC: qcom: Add checks for devm_kcalloc]
+CVE-2022-50308 (In the Linux kernel, the following vulnerability has been resolved: A ...)
NOTE: https://git.kernel.org/linus/1bf5ee979076ceb121ee51c95197d890b1cee7f4 (6.2-rc1)
-CVE-2022-50307 [s390/cio: fix out-of-bounds access on cio_ignore free]
+CVE-2022-50307 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1b6074112742f65ece71b0f299ca5a6a887d2db6 (6.1-rc3)
-CVE-2022-50306 [ext4: fix potential out of bound read in ext4_fc_replay_scan()]
+CVE-2022-50306 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.0.6-1
NOTE: https://git.kernel.org/linus/1b45cc5c7b920fd8bf72e5a888ec7abeadf41e09 (6.1-rc1)
-CVE-2022-50305 [ASoC: sof_es8336: fix possible use-after-free in sof_es8336_remove()]
+CVE-2022-50305 (In the Linux kernel, the following vulnerability has been resolved: A ...)
NOTE: https://git.kernel.org/linus/1b41beaa7a58467505ec3023af8aad74f878b888 (6.2-rc1)
-CVE-2022-50304 [mtd: core: fix possible resource leak in init_mtd()]
+CVE-2022-50304 (In the Linux kernel, the following vulnerability has been resolved: m ...)
NOTE: https://git.kernel.org/linus/1aadf01e5076b9ab6bf294b9622335c651314895 (6.2-rc1)
-CVE-2022-50303 [drm/amdkfd: Fix double release compute pasid]
+CVE-2022-50303 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.7-1
NOTE: https://git.kernel.org/linus/1a799c4c190ea9f0e81028e3eb3037ed0ab17ff5 (6.2-rc1)
-CVE-2022-50302 [lockd: set other missing fields when unlocking files]
+CVE-2022-50302 (In the Linux kernel, the following vulnerability has been resolved: l ...)
NOTE: https://git.kernel.org/linus/18ebd35b61b4693a0ddc270b6d4f18def232e770 (6.2-rc1)
-CVE-2022-50301 [iommu/omap: Fix buffer overflow in debugfs]
+CVE-2022-50301 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/184233a5202786b20220acd2d04ddf909ef18f29 (6.1-rc1)
-CVE-2022-50300 [btrfs: fix extent map use-after-free when handling missing device in read_one_chunk]
+CVE-2022-50300 (In the Linux kernel, the following vulnerability has been resolved: b ...)
NOTE: https://git.kernel.org/linus/1742e1c90c3da344f3bb9b1f1309b3f47482756a (6.2-rc1)
-CVE-2022-50299 [md: Replace snprintf with scnprintf]
+CVE-2022-50299 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/1727fd5015d8f93474148f94e34cda5aa6ad4a43 (6.1-rc1)
-CVE-2022-50298 [slimbus: qcom-ngd: cleanup in probe error path]
+CVE-2022-50298 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/16f14551d0df9e7cd283545d7d748829594d912f (6.1-rc1)
-CVE-2022-50297 [wifi: ath9k: verify the expected usb_endpoints are present]
+CVE-2022-50297 (In the Linux kernel, the following vulnerability has been resolved: w ...)
NOTE: https://git.kernel.org/linus/16ef02bad239f11f322df8425d302be62f0443ce (6.2-rc1)
-CVE-2022-50296 [UM: cpuinfo: Fix a warning for CONFIG_CPUMASK_OFFSTACK]
+CVE-2022-50296 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/16c546e148fa6d14a019431436a6f7b4087dbccd (6.1-rc1)
-CVE-2022-50295 [io_uring/msg_ring: Fix NULL pointer dereference in io_msg_send_fd()]
+CVE-2022-50295 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.6-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/16bbdfe5fb0e78e0acb13e45fc127e9a296913f2 (6.1-rc2)
-CVE-2022-50294 [wifi: libertas: fix memory leak in lbs_init_adapter()]
+CVE-2022-50294 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/16a03958618fb91bb1bc7077cf3211055162cc2f (6.3-rc1)
-CVE-2022-50293 [btrfs: do not BUG_ON() on ENOMEM when dropping extent items for a range]
+CVE-2022-50293 (In the Linux kernel, the following vulnerability has been resolved: b ...)
NOTE: https://git.kernel.org/linus/162d053e15fe985f754ef495a96eb3db970c43ed (6.2-rc1)
-CVE-2022-50292 [drm/msm/dp: fix bridge lifetime]
+CVE-2022-50292 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/16194958f888d63839042d1190f7001e5ddec47b (6.1-rc3)
-CVE-2022-50291 [kcm: annotate data-races around kcm->rx_psock]
+CVE-2022-50291 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.0.7-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/15e4dabda11b0fa31d510a915d1a580f47dfc92e (6.1-rc3)
-CVE-2023-53242 [thermal/drivers/hisi: Drop second sensor hi3660]
+CVE-2023-53242 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/15cc25829a97c3957e520e971868aacc84341317 (6.3-rc1)
-CVE-2023-53241 [nfsd: call op_release, even when op_func returns an error]
+CVE-2023-53241 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.221-1
NOTE: https://git.kernel.org/linus/15a8b55dbb1ba154d82627547c5761cac884d810 (6.3-rc6)
-CVE-2023-53240 [xsk: check IFF_UP earlier in Tx path]
+CVE-2023-53240 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1596dae2f17ec5c6e8c8f0e3fec78c5ae55c1e0b (6.3-rc1)
-CVE-2023-53239 [drm/msm/mdp5: Add check for kzalloc]
+CVE-2023-53239 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/13fcfcb2a9a4787fe4e49841d728f6f2e9fa6911 (6.3-rc1)
-CVE-2023-53238 [phy: hisilicon: Fix an out of bounds check in hisi_inno_phy_probe()]
+CVE-2023-53238 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/13c088cf3657d70893d75cf116be937f1509cc0f (6.5-rc4)
-CVE-2023-53237 [drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v11_0_hw_fini]
+CVE-2023-53237 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/13af556104fa93b1945c70bbf8a0a62cd2c92879 (6.4-rc1)
-CVE-2023-53236 [iommufd: Do not corrupt the pfn list when doing batch carry]
+CVE-2023-53236 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.3.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/13a0d1ae7ee6b438f5537711a8c60cba00554943 (6.3-rc6)
-CVE-2023-53235 [drm/tests: helpers: Avoid a driver uaf]
+CVE-2023-53235 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.5.6-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/139a27854bf5ce93ff9805f9f7683b88c13074dc (6.6-rc2)
-CVE-2023-53234 [watchdog: Fix kmemleak in watchdog_cdev_register]
+CVE-2023-53234 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/13721a2ac66b246f5802ba1b75ad8637e53eeecc (6.3-rc1)
-CVE-2023-53233 [net/smc: fix deadlock triggered by cancel_delayed_work_syn()]
+CVE-2023-53233 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/13085e1b5cab8ad802904d72e6a6dae85ae0cd20 (6.3-rc3)
-CVE-2023-53232 [mt76: mt7921: fix kernel panic by accessing unallocated eeprom.data]
+CVE-2023-53232 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/12db28c3ef31f719bd18fa186a40bb152e6a527c (6.4-rc1)
-CVE-2023-53231 [erofs: Fix detection of atomic context]
+CVE-2023-53231 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.4.11-1
NOTE: https://git.kernel.org/linus/12d0a24afd9ea58e581ea64d64e066f2027b28d9 (6.5-rc1)
-CVE-2023-53230 [smb: client: fix warning in cifs_smb3_do_mount()]
+CVE-2023-53230 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/12c30f33cc6769bf411088a2872843c4f9ea32f9 (6.5-rc1)
-CVE-2023-53229 [wifi: mac80211: fix invalid drv_sta_pre_rcu_remove calls for non-uploaded sta]
+CVE-2023-53229 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/12b220a6171faf10638ab683a975cadcf1a352d6 (6.3-rc6)
-CVE-2023-53228 [drm/amdgpu: drop redundant sched job cleanup when cs is aborted]
+CVE-2023-53228 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1253685f0d3eb3eab0bfc4bf15ab341a5f3da0c8 (6.4-rc1)
-CVE-2023-53227 [ubifs: dirty_cow_znode: Fix memleak in error handling path]
+CVE-2023-53227 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/122deabfe1428bffe95e2bf364ff8a5059bdf089 (6.3-rc1)
-CVE-2023-53226 [wifi: mwifiex: Fix OOB and integer underflow when rx packets]
+CVE-2023-53226 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/11958528161731c58e105b501ed60b83a91ea941 (6.6-rc1)
-CVE-2023-53225 [spi: imx: Don't skip cleanup in remove's error path]
+CVE-2023-53225 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/11951c9e3f364d7ae3b568a0e52c8335d43066b5 (6.4-rc1)
-CVE-2023-53224 [ext4: Fix function prototype mismatch for ext4_feat_ktype]
+CVE-2023-53224 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.15-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/118901ad1f25d2334255b3d50512fa20591531cd (6.3-rc1)
-CVE-2023-53223 [drm/msm/dsi: Add missing check for alloc_ordered_workqueue]
+CVE-2023-53223 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/115906ca7b535afb1fe7b5406c566ccd3873f82b (6.3-rc1)
-CVE-2023-53222 [jfs: jfs_dmap: Validate db_l2nbperpage while mounting]
+CVE-2023-53222 (In the Linux kernel, the following vulnerability has been resolved: j ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/11509910c599cbd04585ec35a6d5e1a0053d84c1 (6.5-rc1)
-CVE-2023-53221 [bpf: Fix memleak due to fentry attach failure]
+CVE-2023-53221 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/108598c39eefbedc9882273ac0df96127a629220 (6.5-rc1)
-CVE-2023-53220 [media: az6007: Fix null-ptr-deref in az6007_i2c_xfer()]
+CVE-2023-53220 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/1047f9343011f2cedc73c64829686206a7e9fc3f (6.6-rc1)
-CVE-2023-53219 [media: netup_unidvb: fix use-after-free at del_timer()]
+CVE-2023-53219 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/0f5bb36bf9b39a2a96e730bf4455095b50713f63 (6.4-rc3)
-CVE-2023-53218 [rxrpc: Make it so that a waiting process can be aborted]
+CVE-2023-53218 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.3.7-1
NOTE: https://git.kernel.org/linus/0eb362d254814ce04848730bf32e75b8ee1a4d6c (6.4-rc1)
-CVE-2023-53217 [nubus: Partially revert proc_create_single_data() conversion]
+CVE-2023-53217 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.38-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/0e96647cff9224db564a1cee6efccb13dbe11ee2 (6.5-rc1)
-CVE-2023-53216 [arm64: efi: Make efi_rt_lock a raw_spinlock]
+CVE-2023-53216 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0e68b5517d3767562889f1d83fdb828c26adb24f (6.3-rc1)
-CVE-2023-53215 [sched/fair: Don't balance task to its current running CPU]
+CVE-2023-53215 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/0dd37d6dd33a9c23351e6115ae8cdac7863bc7de (6.5-rc1)
-CVE-2023-53214 [f2fs: fix to avoid potential memory corruption in __update_iostat_latency()]
+CVE-2023-53214 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0dbbf0fb38d5ec5d4138d1aeaeb43d9217b9a592 (6.3-rc1)
-CVE-2023-53213 [wifi: brcmfmac: slab-out-of-bounds read in brcmf_get_assoc_ies()]
+CVE-2023-53213 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.27-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/0da40e018fd034d87c9460123fa7f897b69fdee7 (6.4-rc1)
CVE-2023-53212
REJECTED
-CVE-2023-53211 [driver core: location: Free struct acpi_pld_info *pld before return false]
+CVE-2023-53211 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0d150f967e8410e1e6712484543eec709356a65d (6.3-rc1)
-CVE-2023-53210 [md/raid5-cache: fix null-ptr-deref for r5l_flush_stripe_to_raid()]
+CVE-2023-53210 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0d0bd28c500173bfca78aa840f8f36d261ef1765 (6.6-rc1)
-CVE-2023-53209 [wifi: mac80211_hwsim: Fix possible NULL dereference]
+CVE-2023-53209 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/0cc80943ef518a1c51a1111e9346d1daf11dd545 (6.5-rc1)
-CVE-2023-53208 [KVM: nSVM: Load L1's TSC multiplier based on L1 state, not L2 state]
+CVE-2023-53208 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0c94e2468491cbf0754f49a5136ab51294a96b69 (6.6-rc1)
-CVE-2023-53207 [ublk: fail to recover device if queue setup is interrupted]
+CVE-2023-53207 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0c0cbd4ebc375ceebc75c89df04b74f215fab23a (6.5-rc4)
-CVE-2023-53206 [hwmon: (pmbus_core) Fix NULL pointer dereference]
+CVE-2023-53206 (In the Linux kernel, the following vulnerability has been resolved: h ...)
- linux 6.4.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0bd66784274a287beada2933c2c0fa3a0ddae0d7 (6.5-rc4)
-CVE-2023-53205 [KVM: s390/diag: fix racy access of physical cpu number in diag 9c handler]
+CVE-2023-53205 (In the Linux kernel, the following vulnerability has been resolved: K ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0bc380beb78aa352eadbc21d934dd9606fcee808 (6.5-rc1)
-CVE-2023-53204 [af_unix: Fix data-races around user->unix_inflight.]
+CVE-2023-53204 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/0bc36c0650b21df36fbec8136add83936eaf0607 (6.6-rc1)
-CVE-2023-53203 [wifi: mt76: mt7996: rely on mt76_connac2_mac_tx_rate_val]
+CVE-2023-53203 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.3.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0b8e2d69467f78a7c9d87b452220e87012435e33 (6.3-rc1)
-CVE-2023-53202 [PM: domains: fix memory leak with using debugfs_lookup()]
+CVE-2023-53202 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/0b6200e1e9f53dabdc30d0f6c51af9a5f664d32b (6.3-rc1)
-CVE-2023-53201 [RDMA/bnxt_re: wraparound mbox producer index]
+CVE-2023-53201 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/0af91306e17ef3d18e5f100aa58aa787869118af (6.5-rc1)
-CVE-2023-53200 [netfilter: x_tables: fix percpu counter block leak on error path when creating new netns]
+CVE-2023-53200 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/0af8c09c896810879387decfba8c942994bb61f5 (6.3-rc1)
-CVE-2023-53199 [wifi: ath9k: hif_usb: clean up skbs if ath9k_hif_usb_rx_stream() fails]
+CVE-2023-53199 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0af54343a76263a12dbae7fafb64eb47c4a6ad38 (6.3-rc1)
-CVE-2022-50290 [wifi: mac80211: fix memory leak in ieee80211_if_add()]
+CVE-2022-50290 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/13e5afd3d773c6fc6ca2b89027befaaaa1ea7293 (6.2-rc1)
-CVE-2022-50289 [ocfs2: fix memory leak in ocfs2_stack_glue_init()]
+CVE-2022-50289 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/13b6269dd022aaa69ca8d1df374ab327504121cf (6.2-rc1)
-CVE-2022-50288 [qlcnic: prevent ->dcb use-after-free on qlcnic_dcb_enable() failure]
+CVE-2022-50288 (In the Linux kernel, the following vulnerability has been resolved: q ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/13a7c8964afcd8ca43c0b6001ebb0127baa95362 (6.2-rc3)
-CVE-2022-50287 [drm/i915/bios: fix a memory leak in generate_lfp_data_ptrs]
+CVE-2022-50287 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/1382901f75a5a7dc8eac05059fd0c7816def4eae (6.2-rc1)
-CVE-2022-50286 [ext4: fix delayed allocation bug in ext4_clu_mapped for bigalloc + inline]
+CVE-2022-50286 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/131294c35ed6f777bd4e79d42af13b5c41bf2775 (6.2-rc1)
-CVE-2022-50285 [mm,hugetlb: take hugetlb_lock before decrementing h->resv_huge_pages]
+CVE-2022-50285 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/12df140f0bdfae5dcfc81800970dd7f6f632e00c (6.1-rc2)
-CVE-2022-50284 [ipc: fix memory leak in init_mqueue_fs()]
+CVE-2022-50284 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/12b677f2c697d61e5ddbcb6c1650050a39392f54 (6.2-rc1)
-CVE-2022-50283 [mtd: core: add missing of_node_get() in dynamic partitions code]
+CVE-2022-50283 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/12b58961de0bd88b3c7dfa5d21f6d67f4678b780 (6.1-rc3)
-CVE-2022-50282 [chardev: fix error handling in cdev_device_add()]
+CVE-2022-50282 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/11fa7fefe3d8fac7da56bc9aa3dd5fb3081ca797 (6.2-rc1)
-CVE-2022-50281 [MIPS: SGI-IP27: Fix platform-device leak in bridge_platform_create()]
+CVE-2022-50281 (In the Linux kernel, the following vulnerability has been resolved: M ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/11bec9cba4de06b3c0e9e4041453c2caaa1cbec1 (6.1-rc1)
-CVE-2022-50280 [pnode: terminate at peers of source]
+CVE-2022-50280 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/11933cf1d91d57da9e5c53822a540bbdc2656c16 (6.2-rc1)
-CVE-2022-50279 [wifi: rtlwifi: Fix global-out-of-bounds bug in _rtl8812ae_phy_set_txpower_limit()]
+CVE-2022-50279 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/117dbeda22ec5ea0918254d03b540ef8b8a64d53 (6.3-rc1)
-CVE-2022-50278 [PNP: fix name memory leak in pnp_alloc_dev()]
+CVE-2022-50278 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/110d7b0325c55ff3620073ba4201845f59e22ebf (6.2-rc1)
-CVE-2022-50277 [ext4: don't allow journal inode to have encrypt flag]
+CVE-2022-50277 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/105c78e12468413e426625831faa7db4284e1fec (6.2-rc1)
-CVE-2022-50276 [power: supply: fix null pointer dereferencing in power_supply_get_battery_info]
+CVE-2022-50276 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/104bb8a663451404a26331263ce5b96c34504049 (6.2-rc1)
-CVE-2022-50275 [drm/radeon: Add the missed acpi_put_table() to fix memory leak]
+CVE-2022-50275 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/10276a20be1115e1f76c189330da2992df980eee (6.2-rc1)
-CVE-2022-50274 [media: dvbdev: adopts refcnt to avoid UAF]
+CVE-2022-50274 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0fc044b2b5e2d05a1fa1fb0d7f270367a7855d79 (6.2-rc1)
-CVE-2022-50273 [f2fs: fix to do sanity check on destination blkaddr during recovery]
+CVE-2022-50273 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/0ef4ca04a3f9223ff8bc440041c524b2123e09a3 (6.1-rc1)
-CVE-2022-50272 [media: dvb-usb: az6027: fix null-ptr-deref in az6027_i2c_xfer()]
+CVE-2022-50272 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0ed554fd769a19ea8464bb83e9ac201002ef74ad (6.2-rc1)
-CVE-2022-50271 [vhost/vsock: Use kvmalloc/kvfree for larger packets.]
+CVE-2022-50271 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/0e3f72931fc47bb81686020cc643cde5d9cd0bb8 (6.1-rc1)
-CVE-2022-50270 [f2fs: fix the assign logic of iocb]
+CVE-2022-50270 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0db18eec0d9a7ee525209e31e3ac2f673545b12f (6.2-rc1)
-CVE-2022-50269 [drm/vkms: Fix memory leak in vkms_init()]
+CVE-2022-50269 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0d0b368b9d104b437e1f4850ae94bdb9a3601e89 (6.3-rc1)
-CVE-2022-50268 [mmc: moxart: fix return value check of mmc_add_host()]
+CVE-2022-50268 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0ca18d09c744fb030ae9bc5836c3e357e0237dea (6.2-rc1)
-CVE-2022-50267 [mmc: rtsx_pci: fix return value check of mmc_add_host()]
+CVE-2022-50267 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/0c87db77423a282b3b38b8a6daf057b822680516 (6.2-rc1)
-CVE-2022-50266 [kprobes: Fix check for probe enabled in kill_kprobe()]
+CVE-2022-50266 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/0c76ef3f26d5ef2ac2c21b47e7620cff35809fbb (6.2-rc1)
-CVE-2022-50265 [kcm: annotate data-races around kcm->rx_wait]
+CVE-2022-50265 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.0.7-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/0c745b5141a45a076f1cb9772a399f7ebcb0948a (6.1-rc3)
-CVE-2022-50264 [clk: socfpga: Fix memory leak in socfpga_gate_init()]
+CVE-2022-50264 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0b8ba891ad4d1ef6bfa4c72efc83f9f9f855f68b (6.2-rc1)
-CVE-2022-50263 [vdpasim: fix memory leak when freeing IOTLBs]
+CVE-2022-50263 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.1.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0b7a04a30eef20e6b24926a45c0ce7906ae85bd6 (6.2-rc3)
-CVE-2022-50262 [fs/ntfs3: Validate BOOT record_size]
+CVE-2022-50262 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/0b66046266690454dc04e6307bcff4a5605b42a1 (6.2-rc1)
-CVE-2023-53198 [raw: Fix NULL deref in raw_get_next().]
+CVE-2023-53198 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0a78cf7264d29abeca098eae0b188a10aabc8a32 (6.3-rc6)
-CVE-2023-53197 [USB: uhci: fix memory leak with using debugfs_lookup()]
+CVE-2023-53197 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/0a3f82c79c86278e7f144564b1cb6cc5c3657144 (6.3-rc1)
-CVE-2023-53196 [usb: dwc3: qcom: Fix potential memory leak]
+CVE-2023-53196 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/097fb3ee710d4de83b8d4f5589e8ee13e0f0541e (6.5-rc1)
-CVE-2023-53195 [mlxsw: minimal: fix potential memory leak in mlxsw_m_linecards_init]
+CVE-2023-53195 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/08fc75735fda3be97194bfbf3c899c87abb3d0fe (6.5-rc1)
-CVE-2023-53194 [fs/ntfs3: Add length check in indx_get_root]
+CVE-2023-53194 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.82-1
NOTE: https://git.kernel.org/linus/08e8cf5f2d9ec383a2e339a2711b62a54ff3fba0 (6.4-rc1)
-CVE-2023-53193 [drm/amdgpu: fix amdgpu_irq_put call trace in gmc_v10_0_hw_fini]
+CVE-2023-53193 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/08c677cb0b436a96a836792bb35a8ec5de4999c2 (6.4-rc1)
-CVE-2023-53192 [vxlan: Fix nexthop hash size]
+CVE-2023-53192 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/0756384fb1bd38adb2ebcfd1307422f433a1d772 (6.5-rc5)
-CVE-2023-53191 [irqchip/alpine-msi: Fix refcount leak in alpine_msix_init_domains]
+CVE-2023-53191 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/071d068b89e95d1b078aa6bbcb9d0961b77d6aa1 (6.3-rc1)
-CVE-2023-53190 [vxlan: Fix memory leaks in error path]
+CVE-2023-53190 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.1.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/06bf62944144a92d83dd14fd1378d2a288259561 (6.2-rc3)
-CVE-2023-53189 [ipv6/addrconf: fix a potential refcount underflow for idev]
+CVE-2023-53189 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/06a0716949c22e2aefb648526580671197151acc (6.5-rc2)
-CVE-2023-53188 [net: openvswitch: fix race on port output]
+CVE-2023-53188 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.237-1
NOTE: https://git.kernel.org/linus/066b86787fa3d97b7aefb5ac0a99a22dad2d15f8 (6.3-rc7)
-CVE-2023-53187 [btrfs: fix use-after-free of new block group that became unused]
+CVE-2023-53187 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0657b20c5a76c938612f8409735a8830d257866e (6.5-rc3)
-CVE-2023-53186 [skbuff: Fix a race between coalescing and releasing SKBs]
+CVE-2023-53186 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0646dc31ca886693274df5749cd0c8c1eaaeb5ca (6.3-rc7)
-CVE-2023-53185 [wifi: ath9k: don't allow to overwrite ENDPOINT0 attributes]
+CVE-2023-53185 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/061b0cb9327b80d7a0f63a33e7c3e2a91a71f142 (6.5-rc1)
-CVE-2023-53184 [arm64/sme: Set new vector length before reallocating]
+CVE-2023-53184 (In the Linux kernel, the following vulnerability has been resolved: a ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/05d881b85b48c7ac6a7c92ce00aa916c4a84d052 (6.5-rc4)
-CVE-2023-53183 [btrfs: exit gracefully if reloc roots don't match]
+CVE-2023-53183 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/05d7ce504545f7874529701664c90814ca645c5d (6.5-rc6)
-CVE-2023-53182 [ACPICA: Avoid undefined behavior: applying zero offset to null pointer]
+CVE-2023-53182 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/05bb0167c80b8f93c6a4e0451b7da9b96db990c2 (6.4-rc1)
-CVE-2023-53181 [dma-buf/dma-resv: Stop leaking on krealloc() failure]
+CVE-2023-53181 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/05abb3be91d8788328231ee02973ab3d47f5e3d2 (6.5-rc3)
-CVE-2023-53180 [wifi: ath12k: Avoid NULL pointer access during management transmit cleanup]
+CVE-2023-53180 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.4.11-1
NOTE: https://git.kernel.org/linus/054b5580a36e435692c203c19abdcb9f7734320e (6.5-rc1)
-CVE-2023-53179 [netfilter: ipset: add the missing IP_SET_HASH_WITH_NET0 macro for ip_set_hash_netportnet.c]
+CVE-2023-53179 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/050d91c03b28ca479df13dfb02bcd2c60dd6a878 (6.6-rc1)
-CVE-2023-53178 [mm: fix zswap writeback race condition]
+CVE-2023-53178 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/04fc7816089c5a32c29a04ec94b998e219dfb946 (6.4-rc3)
-CVE-2023-53177 [media: hi846: fix usage of pm_runtime_get_if_in_use()]
+CVE-2023-53177 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/04fc06f6dc1592ed5d675311ac50d8fba5db62ab (6.5-rc1)
-CVE-2023-53176 [serial: 8250: Reinit port->pm on port specific driver unbind]
+CVE-2023-53176 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/04e82793f068d2f0ffe62fcea03d007a8cdc16a7 (6.4-rc1)
-CVE-2023-53175 [PCI: hv: Fix a crash in hv_pci_restore_msi_msg() during hibernation]
+CVE-2023-53175 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/04bbe863241a9be7d57fb4cf217ee4a72f480e70 (6.6-rc1)
-CVE-2023-53174 [scsi: core: Fix possible memory leak if device_add() fails]
+CVE-2023-53174 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/04b5b5cb0136ce970333a9c6cec7e46adba1ea3a (6.5-rc6)
-CVE-2023-53173 [tty: pcn_uart: fix memory leak with using debugfs_lookup()]
+CVE-2023-53173 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/04a189c720aa2b6091442113ce9b9bc93552dff8 (6.3-rc1)
-CVE-2023-53172 [fsverity: reject FS_IOC_ENABLE_VERITY on mode 3 fds]
+CVE-2023-53172 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.3.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/04839139213cf60d4c5fc792214a08830e294ff8 (6.4-rc1)
-CVE-2023-53171 [vfio/type1: prevent underflow of locked_vm via exec()]
+CVE-2023-53171 (In the Linux kernel, the following vulnerability has been resolved: v ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/046eca5018f8a5dd1dc2cedf87fb5843b9ea3026 (6.3-rc1)
-CVE-2023-53170 [net: dsa: Removed unneeded of_node_put in felix_parse_ports_node]
+CVE-2023-53170 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/04499f28b40bfc24f20b0e2331008bb90a54a6cf (6.5-rc2)
-CVE-2023-53169 [x86/resctrl: Clear staged_config[] before and after it is used]
+CVE-2023-53169 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0424a7dfe9129b93f29b277511a60e87f052ac6b (6.3-rc3)
-CVE-2023-53168 [usb: ucsi_acpi: Increase the command completion timeout]
+CVE-2023-53168 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/02d210f434249a7edbc160969b75df030dc6934d (6.3-rc4)
-CVE-2023-53167 [tracing: Fix null pointer dereference in tracing_err_log_open()]
+CVE-2023-53167 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/02b0095e2fbbc060560c1065f86a211d91e27b26 (6.5-rc1)
-CVE-2023-53166 [power: supply: bq25890: Fix external_power_changed race]
+CVE-2023-53166 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/029a443b9b6424170f00f6dd5b7682e682cce92e (6.4-rc4)
-CVE-2023-53165 [udf: Fix uninitialized array access for some pathnames]
+CVE-2023-53165 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/028f6055c912588e6f72722d89c30b401bbcf013 (6.5-rc1)
-CVE-2023-53164 [irqchip/ti-sci: Fix refcount leak in ti_sci_intr_irq_domain_probe]
+CVE-2023-53164 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/02298b7bae12936ca313975b02e7f98b06670d37 (6.3-rc1)
-CVE-2023-53163 [fs/ntfs3: don't hold ni_lock when calling truncate_setsize()]
+CVE-2023-53163 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/0226635c304cfd5c9db9b78c259cb713819b057e (6.2-rc3)
-CVE-2023-53153 [wifi: cfg80211: Fix use after free for wext]
+CVE-2023-53153 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/015b8cc5e7c4d7bb671f1984d7b7338c310b185b (6.3-rc1)
-CVE-2023-53152 [drm/amdgpu: fix calltrace warning in amddrm_buddy_fini]
+CVE-2023-53152 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/01382501509871d0799bab6bd412c228486af5bf (6.5-rc1)
-CVE-2023-53151 [md/raid10: prevent soft lockup while flush writes]
+CVE-2023-53151 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.85-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/010444623e7f4da6b4a4dd603a7da7469981e293 (6.5-rc1)
-CVE-2023-53150 [scsi: qla2xxx: Pointer may be dereferenced]
+CVE-2023-53150 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/00eca15319d9ce8c31cdf22f32a3467775423df4 (6.5-rc1)
-CVE-2023-53149 [ext4: avoid deadlock in fs reclaim with page writeback]
+CVE-2023-53149 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.3.7-1
NOTE: https://git.kernel.org/linus/00d873c17e29cc32d90ca852b82685f1673acaa5 (6.4-rc2)
-CVE-2023-53148 [igb: Fix igb_down hung on surprise removal]
+CVE-2023-53148 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/004d25060c78fc31f66da0fa439c544dda1ac9d5 (6.5-rc1)
-CVE-2023-53147 [xfrm: add NULL check in xfrm_update_ae_params]
+CVE-2023-53147 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/00374d9b6d9f932802b55181be9831aa948e5b7c (6.5-rc7)
-CVE-2022-50261 [drm/sti: Fix return type of sti_{dvo,hda,hdmi}_connector_mode_valid()]
+CVE-2022-50261 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0ad811cc08a937d875cbad0149c1bab17f84ba05 (6.2-rc1)
-CVE-2022-50260 [drm/msm: Make .remove and .shutdown HW shutdown consistent]
+CVE-2022-50260 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/0a58d2ae572adaec8d046f8d35b40c2c32ac7468 (6.1-rc1)
-CVE-2022-50259 [bpf, sockmap: fix race in sock_map_free()]
+CVE-2022-50259 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0a182f8d607464911756b4dbef5d6cad8de22469 (6.2-rc1)
-CVE-2022-50258 [wifi: brcmfmac: Fix potential stack-out-of-bounds in brcmf_c_preinit_dcmds()]
+CVE-2022-50258 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0a06cadcc2a0044e4a117cc0e61436fc3a0dad69 (6.3-rc1)
-CVE-2022-50257 [xen/gntdev: Prevent leaking grants]
+CVE-2022-50257 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/0991028cd49567d7016d1b224fe0117c35059f86 (6.1-rc1)
-CVE-2022-50256 [drm/meson: remove drm bridges at aggregate driver unbind time]
+CVE-2022-50256 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/09847723c12fc2753749cec3939a02ee92dac468 (6.1-rc1)
-CVE-2022-50255 [tracing: Fix reading strings from synthetic events]
+CVE-2022-50255 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/0934ae9977c27133449b6dd8c6213970e7eece38 (6.1-rc1)
-CVE-2022-50254 [media: ov8865: Fix an error handling path in ov8865_probe()]
+CVE-2022-50254 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/080e0b7404850406628674b07286f16cc389a892 (6.1-rc2)
-CVE-2022-50253 [bpf: make sure skb->len != 0 when redirecting to a tunneling device]
+CVE-2022-50253 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/07ec7b502800ba9f7b8b15cb01dd6556bb41aaca (6.2-rc1)
-CVE-2022-50252 [igb: Do not free q_vector unless new one was allocated]
+CVE-2022-50252 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0668716506ca66f90d395f36ccdaebc3e0e84801 (6.2-rc1)
-CVE-2022-50251 [mmc: vub300: fix return value check of mmc_add_host()]
+CVE-2022-50251 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0613ad2401f88bdeae5594c30afe318e93b14676 (6.2-rc1)
-CVE-2022-50250 [regulator: core: fix use_count leakage when handling boot-on]
+CVE-2022-50250 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0591b14ce0398125439c759f889647369aa616a0 (6.2-rc1)
-CVE-2022-50249 [memory: of: Fix refcount leak bug in of_get_ddr_timings()]
+CVE-2022-50249 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/05215fb32010d4afb68fbdbb4d237df6e2d4567b (6.1-rc1)
-CVE-2022-50248 [wifi: iwlwifi: mvm: fix double free on tx path.]
+CVE-2022-50248 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0473cbae2137b963bd0eaa74336131cb1d3bc6c3 (6.2-rc1)
-CVE-2022-50247 [usb: xhci-mtk: fix leakage of shared hcd when fail to set wakeup irq]
+CVE-2022-50247 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/03a88b0bafbe3f548729d970d8366f48718c9b19 (6.2-rc1)
-CVE-2022-50246 [usb: typec: tcpci: fix of node refcount leak in tcpci_register_port()]
+CVE-2022-50246 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/0384e87e3fec735e47f1c133c796f32ef7a72a9b (6.2-rc1)
-CVE-2022-50245 [rapidio: fix possible UAF when kfifo_alloc() fails]
+CVE-2022-50245 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/02d7d89f816951e0862147d751b1150d67aaebdd (6.2-rc1)
-CVE-2022-50244 [Description:]
+CVE-2022-50244 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/02cd3032b154fa02fdf90e7467abaeed889330b2 (6.2-rc1)
-CVE-2022-50243 [sctp: handle the error returned from sctp_auth_asoc_init_active_key]
+CVE-2022-50243 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/022152aaebe116a25c39818a07e175a8cd3c1e11 (6.1-rc1)
-CVE-2022-50242 [drivers: net: qlcnic: Fix potential memory leak in qlcnic_sriov_init()]
+CVE-2022-50242 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/01de1123322e4fe1bbd0fcdf0982511b55519c03 (6.2-rc1)
-CVE-2022-50241 [NFSD: fix use-after-free on source server when doing inter-server copy]
+CVE-2022-50241 (In the Linux kernel, the following vulnerability has been resolved: N ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/019805fea91599b22dfa62ffb29c022f35abeb06 (6.1-rc1)
-CVE-2022-50240 [binder: fix UAF of alloc->vma in race with munmap()]
+CVE-2022-50240 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 5.14.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/015ac18be7de25d17d6e5f1643cb3b60bfbe859e (5.10.154)
NOTE: Workaround the stable-only commit for 5.10.y: Mark the first version in
NOTE: unstable following the 5.10.y series as the fixed version. The issue was
NOTE: not affecting mainline.
-CVE-2022-50239 [cpufreq: qcom: fix writes in read-only memory region]
+CVE-2022-50239 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.0.6-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/01039fb8e90c9cb684430414bff70cea9eb168c5 (6.1-rc2)
-CVE-2022-50236 [iommu/mediatek: Fix crash on isr after kexec()]
+CVE-2022-50236 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/00ef8885a945c37551547d8ac8361cacd20c4e42 (6.2-rc1)
-CVE-2022-50235 [NFSD: Protect against send buffer overflow in NFSv2 READDIR]
+CVE-2022-50235 (In the Linux kernel, the following vulnerability has been resolved: N ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.221-1
NOTE: https://git.kernel.org/linus/00b4492686e0497fdb924a9d4c8f6f99377e176c (6.1-rc1)
-CVE-2022-50234 [io_uring/af_unix: defer registered files gc to io_uring release]
+CVE-2022-50234 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/0091bfc81741b8d3aeb3b7ab8636f911b2de6e80 (6.1-rc1)
-CVE-2025-39804 [lib/crypto: arm64/poly1305: Fix register corruption in no-SIMD contexts]
+CVE-2025-39804 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 6.16.5-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/eec76ea5a7213c48529a46eed1b343e5cee3aaab (6.17-rc1)
-CVE-2025-39803 [scsi: ufs: core: Remove WARN_ON_ONCE() call from ufshcd_uic_cmd_compl()]
+CVE-2025-39803 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.16.5-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/e5203d89d59bfcbe1f348aa0d2dc4449a8ba644c (6.17-rc3)
-CVE-2025-39802 [lib/crypto: arm/poly1305: Fix register corruption in no-SIMD contexts]
+CVE-2025-39802 (In the Linux kernel, the following vulnerability has been resolved: l ...)
- linux 6.16.5-1
[trixie] - linux <not-affected> (Vulnerable code not present)
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/52c3e242f4d0043186b70d65460ba1767f27494a (6.17-rc1)
-CVE-2025-39801 [usb: dwc3: Remove WARN_ON for device endpoint command timeouts]
+CVE-2025-39801 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.16.5-1
NOTE: https://git.kernel.org/linus/45eae113dccaf8e502090ecf5b3d9e9b805add6f (6.17-rc3)
-CVE-2025-39800 [btrfs: abort transaction on unexpected eb generation at btrfs_copy_root()]
+CVE-2025-39800 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.16.5-1
NOTE: https://git.kernel.org/linus/33e8f24b52d2796b8cfb28c19a1a7dd6476323a8 (6.17-rc1)
CVE-2025-59378 (In guix-daemon in GNU Guix before 1618ca7, a content-addressed-mirrors ...)
@@ -1091,7 +1237,7 @@ CVE-2025-57578 (An issue in H3C Magic M Device M2V100R006 allows a remote attack
NOT-FOR-US: H3C
CVE-2025-57577 (An issue in H3C Device R365V300R004 allows a remote attacker to execut ...)
NOT-FOR-US: H3C
-CVE-2025-56467 (An issue was discovered in AXIS BANK LIMITED Axis Mobile App 9.9 allow ...)
+CVE-2025-56467 (An issue was discovered in AXIS BANK LIMITED Axis Mobile App 9.9 that ...)
NOT-FOR-US: AXIS BANK LIMITED Axis Mobile App
CVE-2025-55996 (Viber Desktop 25.6.0 is vulnerable to HTML Injection via the text para ...)
NOT-FOR-US: Viber Desktop
@@ -3282,7 +3428,7 @@ CVE-2025-58797 (Exposure of Sensitive System Information to an Unauthorized Cont
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58796 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin or theme
-CVE-2025-58795 (Missing Authorization vulnerability in Payoneer Checkout Payoneer Chec ...)
+CVE-2025-58795 (Missing Authorization vulnerability in Payoneer Inc. Payoneer Checkout ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-58794 (Cross-Site Request Forgery (CSRF) vulnerability in rainafarai Notifica ...)
NOT-FOR-US: WordPress plugin or theme
@@ -36706,7 +36852,7 @@ CVE-2025-48116 (Missing Authorization vulnerability in Ashan Perera EventON allo
NOT-FOR-US: WordPress plugin
CVE-2025-48115 (Cross-Site Request Forgery (CSRF) vulnerability in Javier Revilla Vali ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-48114 (Cross-Site Request Forgery (CSRF) vulnerability in Shayan Farhang Pazh ...)
+CVE-2025-48114 (Cross-Site Request Forgery (CSRF) vulnerability in ShayanWeb Admin Fon ...)
NOT-FOR-US: WordPress plugin or theme
CVE-2025-48113 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
@@ -40059,7 +40205,7 @@ CVE-2025-47639 (Cross-Site Request Forgery (CSRF) vulnerability in Supertext Sup
NOT-FOR-US: WordPress plugin or theme
CVE-2025-47638 (Improper Neutralization of Input During Web Page Generation ('Cross-si ...)
NOT-FOR-US: WordPress plugin
-CVE-2025-47636 (Path Traversal vulnerability in Fernando Briano List category posts al ...)
+CVE-2025-47636 (Path Traversal vulnerability in Fernando Briano List category posts li ...)
NOT-FOR-US: WordPress plugin
CVE-2025-47635 (Server-Side Request Forgery (SSRF) vulnerability in WPWebinarSystem We ...)
NOT-FOR-US: WordPress plugin
@@ -177333,7 +177479,7 @@ CVE-2024-24397 (Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft
NOT-FOR-US: Stimulsoft GmbH Stimulsoft Dashboard.JS
CVE-2024-24396 (Cross Site Scripting vulnerability in Stimulsoft GmbH Stimulsoft Dashb ...)
NOT-FOR-US: Stimulsoft GmbH Stimulsoft Dashboard.JS
-CVE-2024-24267 (gpac v2.2.1 was discovered to contain a memory leak via the gfio_blob ...)
+CVE-2024-24267 (gpac v2.2.1 (fixed in v2.4.0) was discovered to contain a memory leak ...)
- gpac <removed> (bug #1068462)
[bullseye] - gpac <ignored> (Minor issue)
[buster] - gpac <end-of-life> (EOL in buster LTS)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7fa58600d34fe0c9cc7bced6040366f18daebc7
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a7fa58600d34fe0c9cc7bced6040366f18daebc7
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250915/ad736443/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list