[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Sep 17 21:38:48 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
53ae8eb9 by security tracker role at 2025-09-17T20:38:41+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,240 +1,402 @@
-CVE-2023-53368 [tracing: Fix race issue between cpu buffer write and swap]
+CVE-2025-9862 (Server-Side Request Forgery (SSRF) vulnerability in Ghost allows an at ...)
+	TODO: check
+CVE-2025-8999 (The Sydney theme for WordPress is vulnerable to unauthorized modificat ...)
+	TODO: check
+CVE-2025-8463 (Authorization Bypass Through User-Controlled Key vulnerability in Nebu ...)
+	TODO: check
+CVE-2025-8411 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2025-8077 (A vulnerability exists in NeuVector versions up to and including 5.4.5 ...)
+	TODO: check
+CVE-2025-59476 (Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not restrict o ...)
+	TODO: check
+CVE-2025-59475 (Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a  ...)
+	TODO: check
+CVE-2025-59474 (Jenkins 2.527 and earlier, LTS 2.516.2 and earlier does not perform a  ...)
+	TODO: check
+CVE-2025-59458 (In JetBrains Junie before 252.284.66, 251.284.66, 243.284.66, 252.284. ...)
+	TODO: check
+CVE-2025-59457 (In JetBrains TeamCity before 2025.07.2 missing Git URL validation allo ...)
+	TODO: check
+CVE-2025-59456 (In JetBrains TeamCity before 2025.07.2 path traversal was possible dur ...)
+	TODO: check
+CVE-2025-59455 (In JetBrains TeamCity before 2025.07.2 project isolation bypass was po ...)
+	TODO: check
+CVE-2025-59416 (The Scratch Channel is a news website. If the user makes a fork, they  ...)
+	TODO: check
+CVE-2025-59414 (Nuxt is an open-source web development framework for Vue.js. Prior to  ...)
+	TODO: check
+CVE-2025-59410 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59354 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59353 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59352 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59351 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59350 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59349 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59348 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59347 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59346 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59345 (Dragonfly is an open source P2P-based file distribution and image acce ...)
+	TODO: check
+CVE-2025-59342 (esm.sh is a nobuild content delivery network(CDN) for modern web devel ...)
+	TODO: check
+CVE-2025-59341 (esm.sh is a nobuild content delivery network(CDN) for modern web devel ...)
+	TODO: check
+CVE-2025-59340 (jinjava is a Java-based template engine based on django template synta ...)
+	TODO: check
+CVE-2025-59339 (The Bastion provides authentication, authorization, traceability and a ...)
+	TODO: check
+CVE-2025-59304 (A directory traversal issue in Swetrix Web Analytics API 3.1.1 before  ...)
+	TODO: check
+CVE-2025-58767 (REXML is an XML toolkit for Ruby. The REXML gems from 3.3.3 to 3.4.1 h ...)
+	TODO: check
+CVE-2025-58766 (Dyad is a local AI app builder. A critical security vulnerability has  ...)
+	TODO: check
+CVE-2025-58432 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
+	TODO: check
+CVE-2025-58431 (ZimaOS is a fork of CasaOS, an operating system for Zima devices and x ...)
+	TODO: check
+CVE-2025-57055 (WonderCMS 3.5.0 is vulnerable to Server-Side Request Forgery (SSRF) in ...)
+	TODO: check
+CVE-2025-56648 (npm parcel 2.0.0-alpha and before has an Origin Validation Error vulne ...)
+	TODO: check
+CVE-2025-55904 (Open5GS v2.7.5, prior to commit 67ba7f92bbd7a378954895d96d9d7b05d5b646 ...)
+	TODO: check
+CVE-2025-54467 (When a Java command with password parameters is executed and terminate ...)
+	TODO: check
+CVE-2025-54390 (A Cross-Site Request Forgery (CSRF) vulnerability exists in the ResetP ...)
+	TODO: check
+CVE-2025-53884 (NeuVector stores user passwords and API keys using a simple, unsalted  ...)
+	TODO: check
+CVE-2025-50709 (An issue in Perplexity AI GPT-4 allows a remote attacker to obtain sen ...)
+	TODO: check
+CVE-2025-37122 (A vulnerability in the web-based management interface of network acces ...)
+	TODO: check
+CVE-2025-35436 (CISA Thorium uses '.unwrap()' to handle errors related to account veri ...)
+	TODO: check
+CVE-2025-35435 (CISA Thorium accepts a stream split size of zero then divides by this  ...)
+	TODO: check
+CVE-2025-35434 (CISA Thorium does not validate TLS certificates when connecting to Ela ...)
+	TODO: check
+CVE-2025-35433 (CISA Thorium does not properly invalidate previously used tokens when  ...)
+	TODO: check
+CVE-2025-35432 (CISA Thorium does not rate limit requests to send account verification ...)
+	TODO: check
+CVE-2025-35431 (CISA Thorium does not escape user controlled strings used in LDAP quer ...)
+	TODO: check
+CVE-2025-35430 (CISA Thorium does not adequately validate the paths of downloaded file ...)
+	TODO: check
+CVE-2025-10615 (A vulnerability was identified in itsourcecode E-Commerce Website 1.0. ...)
+	TODO: check
+CVE-2025-10614 (A vulnerability was determined in itsourcecode E-Logbook with Health M ...)
+	TODO: check
+CVE-2025-10613 (A vulnerability has been found in itsourcecode Student Information Sys ...)
+	TODO: check
+CVE-2025-10608 (A vulnerability was detected in Portabilis i-Educar up to 2.10. The af ...)
+	TODO: check
+CVE-2025-10607 (A security vulnerability has been detected in Portabilis i-Educar up t ...)
+	TODO: check
+CVE-2025-10606 (A weakness has been identified in Portabilis i-Educar up to 2.10. This ...)
+	TODO: check
+CVE-2025-10605 (A security flaw has been discovered in Portabilis i-Educar up to 2.10. ...)
+	TODO: check
+CVE-2025-10604 (A vulnerability was identified in PHPGurukul Online Discussion Forum 1 ...)
+	TODO: check
+CVE-2025-10603 (A vulnerability was determined in PHPGurukul Online Discussion Forum 1 ...)
+	TODO: check
+CVE-2025-10602 (A vulnerability was found in SourceCodester Online Exam Form Submissio ...)
+	TODO: check
+CVE-2025-10601 (A vulnerability has been found in SourceCodester Online Exam Form Subm ...)
+	TODO: check
+CVE-2025-10600 (A flaw has been found in SourceCodester Online Exam Form Submission 1. ...)
+	TODO: check
+CVE-2025-10599 (A security flaw has been discovered in itsourcecode Web-Based Internet ...)
+	TODO: check
+CVE-2025-10598 (A vulnerability was identified in SourceCodester Pet Grooming Manageme ...)
+	TODO: check
+CVE-2025-10597 (A vulnerability was determined in kidaze CourseSelectionSystem up to 4 ...)
+	TODO: check
+CVE-2025-10596 (A vulnerability was found in SourceCodester Online Exam Form Submissio ...)
+	TODO: check
+CVE-2025-10595 (A vulnerability has been found in SourceCodester Online Student File M ...)
+	TODO: check
+CVE-2025-10594 (A flaw has been found in SourceCodester Online Student File Management ...)
+	TODO: check
+CVE-2025-10593 (A vulnerability was detected in SourceCodester Online Student File Man ...)
+	TODO: check
+CVE-2025-10592 (A security vulnerability has been detected in itsourcecode Online Publ ...)
+	TODO: check
+CVE-2025-10591 (A weakness has been identified in Portabilis i-Educar up to 2.10. This ...)
+	TODO: check
+CVE-2025-10590 (A security flaw has been discovered in Portabilis i-Educar up to 2.10. ...)
+	TODO: check
+CVE-2025-10439 (Improper Neutralization of Special Elements used in an SQL Command ('S ...)
+	TODO: check
+CVE-2025-10205 (Use of a One-Way Hash with a Predictable Salt vulnerability in ABB FLX ...)
+	TODO: check
+CVE-2025-10157 (A Protection Mechanism Failure vulnerability in mmaitre314 picklescan  ...)
+	TODO: check
+CVE-2025-10156 (An Improper Handling of Exceptional Conditions vulnerability in the ZI ...)
+	TODO: check
+CVE-2025-10155 (An Improper Input Validation vulnerability in the scanning logic of mm ...)
+	TODO: check
+CVE-2025-0879 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2025-0546 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2025-0420 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2025-0419 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+	TODO: check
+CVE-2024-48842 (Use of Hard-coded Credentials vulnerability in ABB FLXEON.This issue a ...)
+	TODO: check
+CVE-2023-53368 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
 	- linux 6.5.3-1
 	[bookworm] - linux 6.1.55-1
 	[bullseye] - linux 5.10.197-1
 	NOTE: https://git.kernel.org/linus/3163f635b20e9e1fb4659e74f47918c9dddfe64e (6.6-rc1)
-CVE-2023-53367 [accel/habanalabs: fix mem leak in capture user mappings]
+CVE-2023-53367 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
 	- linux 6.4.13-1
 	NOTE: https://git.kernel.org/linus/314a7ffd7c196b27eedd50cb7553029e17789b55 (6.5-rc1)
-CVE-2023-53366 [block: be a bit more careful in checking for NULL bdev while polling]
+CVE-2023-53366 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.1.20-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/310726c33ad76cebdee312dbfafc12c1b44bf977 (6.3-rc1)
-CVE-2023-53365 [ip6mr: Fix skb_under_panic in ip6mr_cache_report()]
+CVE-2023-53365 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.4.11-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux 5.10.191-1
 	NOTE: https://git.kernel.org/linus/30e0191b16e8a58e4620fa3e2839ddc7b9d4281c (6.5-rc5)
-CVE-2023-53364 [regulator: da9063: better fix null deref with partial DT]
+CVE-2023-53364 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
 	- linux 6.4.13-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/30c694fd4a99fbbc4115d180156ca01b60953371 (6.5-rc7)
-CVE-2023-53363 [PCI: Fix use-after-free in pci_bus_release_domain_nr()]
+CVE-2023-53363 (In the Linux kernel, the following vulnerability has been resolved:  P ...)
 	- linux 6.3.7-1
 	[bookworm] - linux 6.1.137-1
 	[bullseye] - linux 5.10.237-1
 	NOTE: https://git.kernel.org/linus/30ba2d09edb5ea857a1473ae3d820911347ada62 (6.3-rc7)
-CVE-2023-53362 [bus: fsl-mc: don't assume child devices are all fsl-mc devices]
+CVE-2023-53362 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.4.4-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/303c9c63abb9390e906052863f82bb4e9824e5c0 (6.5-rc1)
-CVE-2023-53361 [LoongArch: mm: Add p?d_leaf() definitions]
+CVE-2023-53361 (In the Linux kernel, the following vulnerability has been resolved:  L ...)
 	- linux 6.5.3-1
 	[bookworm] - linux 6.1.55-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/303be4b33562a5b689261ced1616bf16ad49efa7 (6.6-rc1)
-CVE-2023-53360 [NFSv4.2: Rework scratch handling for READ_PLUS (again)]
+CVE-2023-53360 (In the Linux kernel, the following vulnerability has been resolved:  N ...)
 	- linux 6.5.3-1
 	[bookworm] - linux 6.1.55-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/303a78052091c81e9003915c521fdca1c7e117af (6.6-rc1)
-CVE-2023-53359 [USB: fix memory leak with using debugfs_lookup()]
+CVE-2023-53359 (In the Linux kernel, the following vulnerability has been resolved:  U ...)
 	- linux 6.1.20-1
 	NOTE: https://git.kernel.org/linus/30374434edab20e25776f8ecb4bc9d1e54309487 (6.3-rc1)
-CVE-2023-53358 [ksmbd: fix racy issue under cocurrent smb2 tree disconnect]
+CVE-2023-53358 (In the Linux kernel, the following vulnerability has been resolved:  k ...)
 	- linux 6.3.7-1
 	[bookworm] - linux 6.1.37-1
 	NOTE: https://git.kernel.org/linus/30210947a343b6b3ca13adc9bfc88e1543e16dd5 (6.4-rc1)
-CVE-2023-53357 [md/raid10: check slab-out-of-bounds in md_bitmap_get_counter]
+CVE-2023-53357 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.4.4-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux 5.10.191-1
 	NOTE: https://git.kernel.org/linus/301867b1c16805aebbc306aafa6ecdc68b73c7e5 (6.5-rc1)
-CVE-2023-53356 [usb: gadget: u_serial: Add null pointer check in gserial_suspend]
+CVE-2023-53356 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
 	- linux 6.4.4-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux 5.10.191-1
 	NOTE: https://git.kernel.org/linus/2f6ecb89fe8feb2b60a53325b0eeb9866d88909a (6.5-rc1)
-CVE-2023-53355 [staging: pi433: fix memory leak with using debugfs_lookup()]
+CVE-2023-53355 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.1.20-1
 	NOTE: https://git.kernel.org/linus/2f36e789e540df6a9fbf471b3a2ba62a8b361586 (6.3-rc1)
-CVE-2023-53354 [skbuff: skb_segment, Call zero copy functions before using skbuff frags]
+CVE-2023-53354 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.5.3-1
 	[bookworm] - linux 6.1.55-1
 	[bullseye] - linux 5.10.197-1
 	NOTE: https://git.kernel.org/linus/2ea35288c83b3d501a88bc17f2df8f176b5cc96f (6.6-rc1)
-CVE-2023-53353 [accel/habanalabs: postpone mem_mgr IDR destruction to hpriv_release()]
+CVE-2023-53353 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
 	- linux 6.3.7-1
 	NOTE: https://git.kernel.org/linus/2e8e9a895c4589f124a37fc84d123b5114406e94 (6.4-rc1)
-CVE-2023-53352 [drm/ttm: check null pointer before accessing when swapping]
+CVE-2023-53352 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.4.11-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux 5.10.191-1
 	NOTE: https://git.kernel.org/linus/2dedcf414bb01b8d966eb445db1d181d92304fb2 (6.5-rc5)
-CVE-2023-53351 [drm/sched: Check scheduler work queue before calling timeout handling]
+CVE-2023-53351 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.3.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2da5bffe9eaa5819a868e8eaaa11b3fd0f16a691 (6.4-rc2)
-CVE-2023-53350 [accel/qaic: Fix slicing memory leak]
+CVE-2023-53350 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
 	- linux 6.4.13-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2d956177b7c96e62fac762a3b7da4318cde27a73 (6.5-rc7)
-CVE-2023-53349 [media: ov2740: Fix memleak in ov2740_init_controls()]
+CVE-2023-53349 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.1.20-1
 	[bullseye] - linux 5.10.178-1
 	NOTE: https://git.kernel.org/linus/2d899592ed7829d0d5140853bac4d58742a6b8af (6.3-rc1)
-CVE-2023-53348 [btrfs: fix deadlock when aborting transaction during relocation with scrub]
+CVE-2023-53348 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.1.25-1
 	NOTE: https://git.kernel.org/linus/2d82a40aa7d6fcae0250ec68b8566cdee7bfd44c (6.3-rc5)
-CVE-2023-53347 [net/mlx5: Handle pairing of E-switch via uplink un/load APIs]
+CVE-2023-53347 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.3.7-1
 	[bookworm] - linux 6.1.37-1
 	NOTE: https://git.kernel.org/linus/2be5bd42a5bba1a05daedc86cf0e248210009669 (6.4-rc4)
-CVE-2023-53346 [kernel/fail_function: fix memory leak with using debugfs_lookup()]
+CVE-2023-53346 (In the Linux kernel, the following vulnerability has been resolved:  k ...)
 	- linux 6.1.20-1
 	[bullseye] - linux 5.10.178-1
 	NOTE: https://git.kernel.org/linus/2bb3669f576559db273efe49e0e69f82450efbca (6.3-rc1)
-CVE-2023-53345 [rxrpc: Fix potential data race in rxrpc_wait_to_be_connected()]
+CVE-2023-53345 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
 	- linux 6.3.7-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2b5fdc0f5caa505afe34d608e2eefadadf2ee67a (6.4-rc1)
-CVE-2023-53344 [can: bcm: bcm_tx_setup(): fix KMSAN uninit-value in vfs_write]
+CVE-2023-53344 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
 	- linux 6.1.25-1
 	[bullseye] - linux 5.10.178-1
 	NOTE: https://git.kernel.org/linus/2b4c99f7d9a57ecd644eda9b1fb0a1072414959f (6.3-rc5)
-CVE-2023-53343 [icmp6: Fix null-ptr-deref of ip6_null_entry->rt6i_idev in icmp6_dev().]
+CVE-2023-53343 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.4.11-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux 5.10.191-1
 	NOTE: https://git.kernel.org/linus/2aaa8a15de73874847d62eb595c6683bface80fd (6.5-rc2)
-CVE-2023-53342 [net: marvell: prestera: fix handling IPv4 routes with nhid]
+CVE-2023-53342 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.4.11-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2aa71b4b294ee2c3041d085404cea914be9b3225 (6.5-rc6)
-CVE-2023-53341 [of/fdt: run soc memory setup when early_init_dt_scan_memory fails]
+CVE-2023-53341 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
 	- linux 6.1.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2a12187d5853d9fd5102278cecef7dac7c8ce7ea (6.2-rc3)
-CVE-2023-53340 [net/mlx5: Collect command failures data only for known commands]
+CVE-2023-53340 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.3.7-1
 	[bookworm] - linux 6.1.37-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2a0a935fb64ee8af253b9c6133bb6702fb152ac2 (6.4-rc4)
-CVE-2023-53339 [btrfs: fix BUG_ON condition in btrfs_cancel_balance]
+CVE-2023-53339 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.4.13-1
 	[bookworm] - linux 6.1.52-1
 	[bullseye] - linux 5.10.197-1
 	NOTE: https://git.kernel.org/linus/29eefa6d0d07e185f7bfe9576f91e6dba98189c2 (6.5-rc7)
-CVE-2023-53338 [lwt: Fix return values of BPF xmit ops]
+CVE-2023-53338 (In the Linux kernel, the following vulnerability has been resolved:  l ...)
 	- linux 6.5.3-1
 	[bookworm] - linux 6.1.55-1
 	[bullseye] - linux 5.10.197-1
 	NOTE: https://git.kernel.org/linus/29b22badb7a84b783e3a4fffca16f7768fb31205 (6.6-rc1)
-CVE-2023-53337 [nilfs2: do not write dirty data after degenerating to read-only]
+CVE-2023-53337 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.3.7-1
 	[bookworm] - linux 6.1.37-1
 	[bullseye] - linux 5.10.191-1
 	NOTE: https://git.kernel.org/linus/28a65b49eb53e172d23567005465019658bfdb4d (6.4-rc1)
-CVE-2023-53336 [media: ipu-bridge: Fix null pointer deref on SSDB/PLD parsing warnings]
+CVE-2023-53336 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.5.3-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/284be5693163343e1cf17c03917eecd1d6681bcf (6.6-rc1)
-CVE-2023-53335 [RDMA/cxgb4: Fix potential null-ptr-deref in pass_establish()]
+CVE-2023-53335 (In the Linux kernel, the following vulnerability has been resolved:  R ...)
 	- linux 6.1.20-1
 	NOTE: https://git.kernel.org/linus/283861a4c52c1ea4df3dd1b6fc75a50796ce3524 (6.3-rc1)
-CVE-2022-50374 [Bluetooth: hci_{ldisc,serdev}: check percpu_init_rwsem() failure]
+CVE-2022-50374 (In the Linux kernel, the following vulnerability has been resolved:  B ...)
 	- linux 6.0.3-1
 	[bullseye] - linux 5.10.158-1
 	NOTE: https://git.kernel.org/linus/3124d320c22f3f4388d9ac5c8f37eaad0cefd6b1 (6.1-rc1)
-CVE-2022-50373 [fs: dlm: fix race in lowcomms]
+CVE-2022-50373 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.0.3-1
 	NOTE: https://git.kernel.org/linus/30ea3257e8766027c4d8d609dcbd256ff9a76073 (6.1-rc1)
-CVE-2022-50372 [cifs: Fix memory leak when build ntlmssp negotiate blob failed]
+CVE-2022-50372 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
 	- linux 6.0.6-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/30b2d7f8f13664655480d6af45f60270b3eb6736 (6.1-rc2)
-CVE-2022-50371 [led: qcom-lpg: Fix sleeping in atomic]
+CVE-2022-50371 (In the Linux kernel, the following vulnerability has been resolved:  l ...)
 	- linux 6.1.4-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/3031993b3474794ecb71b6f969a3e60e4bda9d8a (6.2-rc1)
-CVE-2022-50370 [i2c: designware: Fix handling of real but unexpected device interrupts]
+CVE-2022-50370 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.0.3-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/301c8f5c32c8fb79c67539bc23972dc3ef48024c (6.1-rc1)
-CVE-2022-50369 [drm/vkms: Fix null-ptr-deref in vkms_release()]
+CVE-2022-50369 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.1.20-1
 	[bullseye] - linux 5.10.178-1
 	NOTE: https://git.kernel.org/linus/2fe2a8f40c21161ffe7653cc234e7934db5b7cc5 (6.3-rc1)
-CVE-2022-50368 [drm/msm/dsi: fix memory corruption with too many bridges]
+CVE-2022-50368 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.0.7-1
 	[bullseye] - linux 5.10.158-1
 	NOTE: https://git.kernel.org/linus/2e786eb2f9cebb07e317226b60054df510b60c65 (6.1-rc3)
-CVE-2022-50367 [fs: fix UAF/GPF bug in nilfs_mdt_destroy]
+CVE-2022-50367 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.0.2-1
 	[bullseye] - linux 5.10.148-1
 	NOTE: https://git.kernel.org/linus/2e488f13755ffbb60f307e991b27024716a33b29 (6.1-rc1)
-CVE-2022-50366 [powercap: intel_rapl: fix UBSAN shift-out-of-bounds issue]
+CVE-2022-50366 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
 	- linux 6.0.3-1
 	[bullseye] - linux 5.10.158-1
 	NOTE: https://git.kernel.org/linus/2d93540014387d1c73b9ccc4d7895320df66d01b (6.1-rc1)
-CVE-2022-50365 [skbuff: Account for tail adjustment during pull operations]
+CVE-2022-50365 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.1.4-1
 	[bullseye] - linux 5.10.178-1
 	NOTE: https://git.kernel.org/linus/2d7afdcbc9d32423f177ee12b7c93783aea338fb (6.2-rc1)
-CVE-2022-50364 [i2c: mux: reg: check return value after calling platform_get_resource()]
+CVE-2022-50364 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.1.4-1
 	[bullseye] - linux 5.10.178-1
 	NOTE: https://git.kernel.org/linus/2d47b79d2bd39cc6369eccf94a06568d84c906ae (6.2-rc1)
-CVE-2022-50363 [skmsg: pass gfp argument to alloc_sk_msg()]
+CVE-2022-50363 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.0.6-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2d1f274b95c6e4ba6a813b3b8e7a1a38d54a0a08 (6.1-rc2)
-CVE-2022-50362 [dmaengine: hisilicon: Add multi-thread support for a DMA channel]
+CVE-2022-50362 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.0.3-1
 	[bullseye] - linux 5.10.158-1
 	NOTE: https://git.kernel.org/linus/2cbb95883c990d0002a77e13d3278913ab26ad79 (6.1-rc1)
-CVE-2022-50361 [wifi: wilc1000: add missing unregister_netdev() in wilc_netdev_ifc_init()]
+CVE-2022-50361 (In the Linux kernel, the following vulnerability has been resolved:  w ...)
 	- linux 6.1.20-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2b88974ecb358990e1c33fabcd0b9e142bab7f21 (6.3-rc1)
-CVE-2022-50360 [drm/msm/dp: fix aux-bus EP lifetime]
+CVE-2022-50360 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.0.7-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2b57f726611e294dc4297dd48eb8c98ef1938e82 (6.1-rc3)
-CVE-2022-50359 [media: cx88: Fix a null-ptr-deref bug in buffer_prepare()]
+CVE-2022-50359 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.0.3-1
 	[bullseye] - linux 5.10.158-1
 	NOTE: https://git.kernel.org/linus/2b064d91440b33fba5b452f2d1b31f13ae911d71 (6.1-rc1)
-CVE-2022-50358 [brcmfmac: return error when getting invalid max_flowrings from dongle]
+CVE-2022-50358 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.1.4-1
 	[bullseye] - linux 5.10.178-1
 	NOTE: https://git.kernel.org/linus/2aca4f3734bd717e04943ddf340d49ab62299a00 (6.2-rc1)
-CVE-2022-50357 [usb: dwc3: core: fix some leaks in probe]
+CVE-2022-50357 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
 	- linux 6.0.3-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/2a735e4b5580a2a6bbd6572109b4c4f163c57462 (6.1-rc1)
-CVE-2022-50356 [net: sched: sfb: fix null pointer access issue when sfb_init() fails]
+CVE-2022-50356 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.0.6-1
 	[bullseye] - linux 5.10.158-1
 	NOTE: https://git.kernel.org/linus/2a3fc78210b9f0e85372a2435368962009f480fc (6.1-rc2)
-CVE-2022-50355 [staging: vt6655: fix some erroneous memory clean-up loops]
+CVE-2022-50355 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.0.3-1
 	[bullseye] - linux 5.10.158-1
 	NOTE: https://git.kernel.org/linus/2a2db520e3ca5aafba7c211abfd397666c9b5f9d (6.1-rc1)
-CVE-2022-50354 [drm/amdkfd: Fix kfd_process_device_init_vm error handling]
+CVE-2022-50354 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.1.7-1
 	NOTE: https://git.kernel.org/linus/29d48b87db64b6697ddad007548e51d032081c59 (6.2-rc1)
-CVE-2022-50353 [mmc: wmt-sdmmc: fix return value check of mmc_add_host()]
+CVE-2022-50353 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.1.4-1
 	[bullseye] - linux 5.10.178-1
 	NOTE: https://git.kernel.org/linus/29276d56f6ed138db0f38cd31aedc0b725c8c76c (6.2-rc1)
-CVE-2025-40933
+CVE-2025-40933 (Apache::AuthAny::Cookie v0.201 or earlier for Perl generates session i ...)
 	NOTE: Apache::AuthAny::Cookie Perl module
 CVE-2025-9972 (The N-Reporter, N-Cloud, and N-Probe developed by N-Partner has an OS  ...)
 	NOT-FOR-US: N-Partner
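
Review bot: In the kernel block (CVE-2023-53368 down to CVE-2022-50353), replacing the bracketed commit subjects with the truncated descriptions leaves every header reading "In the Linux kernel, the following vulnerability has been resolved:" plus a single letter, so the header no longer tells a triager which subsystem is affected. For example, "[PCI: Fix use-after-free in pci_bus_release_domain_nr()]" becomes "(In the Linux kernel, the following vulnerability has been resolved:  P ...)". The NOTE line with the git.kernel.org commit is now the only distinguishing text per entry. Consider having the updater drop that fixed prefix before truncating so the commit subject stays visible. Separately, the 81 entries added at the top of the hunk all carry "TODO: check" and still need a package or NOT-FOR-US decision.
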
@@ -2693,7 +2855,7 @@ CVE-2025-10366 (A flaw has been found in MiczFlor RPi-Jukebox-RFID up to 2.8.0.
 	NOT-FOR-US: MiczFlor RPi-Jukebox-RFID
 CVE-2025-10359 (A vulnerability was detected in Wavlink WL-WN578W2 221110. This impact ...)
 	NOT-FOR-US: Wavlink
-CVE-2025-59518 [Shell injection in Safe Jail]
+CVE-2025-59518 (In LemonLDAP::NG before 2.16.7 and 2.17 through 2.21 before 2.21.3, OS ...)
 	- lemonldap-ng 2.21.3+ds-1
 	[trixie] - lemonldap-ng <no-dsa> (Minor issue)
 	[bookworm] - lemonldap-ng <no-dsa> (Minor issue)
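
Review bot: On CVE-2025-59518, the trixie and bookworm lines stay at "<no-dsa> (Minor issue)", yet the removed title called this "Shell injection in Safe Jail" and the incoming description is cut off at "OS ...". The visible context carries no NOTE explaining why it is minor. If none follows below the shown context, add a NOTE with the upstream reference or the precondition that limits exposure, so the no-dsa decision can be re-checked later.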



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/53ae8eb954a2871a41446389acb028c8989ee4ac
