[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Sep 18 21:13:04 BST 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
f4802d94 by security tracker role at 2025-09-18T20:12:56+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1,514 +1,598 @@
-CVE-2023-53447 [f2fs: don't reset unchangable mount option in f2fs_remount()]
+CVE-2025-9992 (The Ghost Kit \u2013 Page Builder Blocks, Motion Effects & Extensions ...)
+ TODO: check
+CVE-2025-8565 (The Privacy Policy Generator, Terms & Conditions Generator WordPress P ...)
+ TODO: check
+CVE-2025-6237 (A vulnerability in invokeai version v6.0.0a1 and below allows attacker ...)
+ TODO: check
+CVE-2025-59424 (LinkAce is a self-hosted archive to collect website links. Prior to 2. ...)
+ TODO: check
+CVE-2025-59421 (Press, a Frappe custom app that runs Frappe Cloud, manages infrastruct ...)
+ TODO: check
+CVE-2025-59417 (Lobe Chat is an open-source artificial intelligence chat framework. Pr ...)
+ TODO: check
+CVE-2025-59040 (Tuleap is an Open Source Suite to improve management of software devel ...)
+ TODO: check
+CVE-2025-57452 (In realme BackupRestore app v15.1.12_2810c08_250314, improper URI sche ...)
+ TODO: check
+CVE-2025-55912 (An issue in ClipBucket 5.5.0 and prior versions allows an unauthentica ...)
+ TODO: check
+CVE-2025-55911 (An issue Clip Bucket v.5.5.2 Build#90 allows a remote attacker to exec ...)
+ TODO: check
+CVE-2025-50255 (Cross Site Request Forgery (CSRF) vulnerability in Smartvista BackOffi ...)
+ TODO: check
+CVE-2025-4444 (A security flaw has been discovered in Tor up to 0.4.7.16/0.4.8.17. Im ...)
+ TODO: check
+CVE-2025-40678 (Unrestricted upload vulnerability for dangerous file types on Summar S ...)
+ TODO: check
+CVE-2025-40677 (SQL injection vulnerability in Summar Software\xb4s Portal del Emplead ...)
+ TODO: check
+CVE-2025-36146 (IBM Lakehouse (watsonx.data 2.2) could allow an authenticated user to ...)
+ TODO: check
+CVE-2025-36143 (IBM Lakehouse (watsonx.data 2.2) could allow an authenticated privileg ...)
+ TODO: check
+CVE-2025-36139 (IBM Lakehouse (watsonx.data 2.2) is vulnerable to stored cross-site sc ...)
+ TODO: check
+CVE-2025-26503 (A crafted system call argument can cause memory corruption.)
+ TODO: check
+CVE-2025-10688 (A vulnerability was determined in SourceCodester Pet Grooming Manageme ...)
+ TODO: check
+CVE-2025-10687 (A vulnerability was found in SourceCodester Responsive E-Learning Syst ...)
+ TODO: check
+CVE-2025-10676 (A weakness has been identified in fuyang_lipengjun platform 1.0. Affec ...)
+ TODO: check
+CVE-2025-10675 (A security flaw has been discovered in fuyang_lipengjun platform 1.0. ...)
+ TODO: check
+CVE-2025-10674 (A vulnerability was identified in fuyang_lipengjun platform 1.0. This ...)
+ TODO: check
+CVE-2025-10673 (A vulnerability was determined in itsourcecode Student Information Man ...)
+ TODO: check
+CVE-2025-10672 (A vulnerability was found in whuan132 AIBattery up to 1.0.9. The affec ...)
+ TODO: check
+CVE-2025-10671 (A vulnerability has been found in youth-is-as-pale-as-poetry e-learnin ...)
+ TODO: check
+CVE-2025-10670 (A flaw has been found in itsourcecode E-Logbook with Health Monitoring ...)
+ TODO: check
+CVE-2025-10669 (A vulnerability was detected in Airsonic-Advanced up to 10.6.0. This v ...)
+ TODO: check
+CVE-2025-10668 (A security vulnerability has been detected in itsourcecode Online Disc ...)
+ TODO: check
+CVE-2025-10667 (A weakness has been identified in itsourcecode Online Discussion Forum ...)
+ TODO: check
+CVE-2025-10666 (A security flaw has been discovered in D-Link DIR-825 up to 2.10. Affe ...)
+ TODO: check
+CVE-2025-10665 (A vulnerability was identified in kidaze CourseSelectionSystem up to 4 ...)
+ TODO: check
+CVE-2025-10664 (A vulnerability was determined in PHPGurukul Small CRM 4.0. This impac ...)
+ TODO: check
+CVE-2025-10663 (A vulnerability was found in PHPGurukul Online Course Registration 3.1 ...)
+ TODO: check
+CVE-2025-10662 (A vulnerability has been found in SeaCMS up to 13.3. The impacted elem ...)
+ TODO: check
+CVE-2025-10650 (SoftIron HyperCloud 2.5.0 through 2.6.3 may incorrectly add user SSH k ...)
+ TODO: check
+CVE-2025-10207 (Improper Validation of Specified Type of Input vulnerability in ABB FL ...)
+ TODO: check
+CVE-2025-0547 (Improper Neutralization of Input During Web Page Generation (XSS or 'C ...)
+ TODO: check
+CVE-2024-48851 (Improper Validation of Specified Type of Input vulnerability in ABB FL ...)
+ TODO: check
+CVE-2024-25011 (Ericsson Catalog Manager and Ericsson Order Care APIs do not have auth ...)
+ TODO: check
+CVE-2024-13151 (Authorization Bypass Through User-Controlled SQL Primary Key, CWE - 89 ...)
+ TODO: check
+CVE-2023-49367 (An issue in user interface in Kyocera Command Center RX EXOSYS M5521cd ...)
+ TODO: check
+CVE-2023-53447 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.4.11-1
NOTE: https://git.kernel.org/linus/458c15dfbce62c35fefd9ca637b20a051309c9f1 (6.5-rc1)
-CVE-2023-53446 [PCI/ASPM: Disable ASPM on MFD function removal to avoid use-after-free]
+CVE-2023-53446 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/456d8aa37d0f56fc9e985e812496e861dcd6f2f2 (6.5-rc1)
-CVE-2023-53445 [net: qrtr: Fix a refcount bug in qrtr_recvmsg()]
+CVE-2023-53445 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/44d807320000db0d0013372ad39b53e12d52f758 (6.3-rc6)
-CVE-2023-53444 [drm/ttm: fix bulk_move corruption when adding a entry]
+CVE-2023-53444 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4481913607e58196c48a4fef5e6f45350684ec3c (6.5-rc2)
-CVE-2023-53443 [mfd: arizona: Use pm_runtime_resume_and_get() to prevent refcnt leak]
+CVE-2023-53443 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/4414a7ab80cebf715045e3c4d465feefbad21139 (6.3-rc1)
-CVE-2023-53442 [ice: Block switchdev mode when ADQ is active and vice versa]
+CVE-2023-53442 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/43d00e102d9ecbe2635d7e3f2e14d2e90183d6af (6.5-rc7)
-CVE-2023-53441 [bpf: cpumap: Fix memory leak in cpu_map_update_elem]
+CVE-2023-53441 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/4369016497319a9635702da010d02af1ebb1849d (6.5-rc2)
-CVE-2023-53440 [nilfs2: fix sysfs interface lifetime]
+CVE-2023-53440 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/42560f9c92cc43dce75dbf06cc0d840dced39b12 (6.3-rc6)
-CVE-2023-53439 [net: skb_partial_csum_set() fix against transport header magic value]
+CVE-2023-53439 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/424f8416bb39936df6365442d651ee729b283460 (6.4-rc2)
-CVE-2023-53438 [x86/MCE: Always save CS register on AMD Zen IF Poison errors]
+CVE-2023-53438 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/4240e2ebe67941ce2c4f5c866c3af4b5ac7a0c67 (6.6-rc1)
-CVE-2023-53437 [media: uvcvideo: Handle cameras with invalid descriptors]
+CVE-2023-53437 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/41ddb251c68ac75c101d3a50a68c4629c9055e4c (6.3-rc1)
-CVE-2023-53436 [scsi: snic: Fix possible memory leak if device_add() fails]
+CVE-2023-53436 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/41320b18a0e0dfb236dba4edb9be12dba1878156 (6.5-rc6)
-CVE-2023-53435 [cassini: Fix a memory leak in the error handling path of cas_init_one()]
+CVE-2023-53435 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/412cd77a2c24b191c65ea53025222418db09817c (6.4-rc3)
-CVE-2023-53434 [remoteproc: imx_dsp_rproc: Add custom memory copy implementation for i.MX DSP Cores]
+CVE-2023-53434 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/408ec1ff0caa340c57eecf4cbd14ef0132036a50 (6.4-rc1)
-CVE-2023-53433 [net: add vlan_get_protocol_and_depth() helper]
+CVE-2023-53433 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/4063384ef762cc5946fc7a3f89879e76c6ec51e2 (6.4-rc2)
-CVE-2023-53432 [firewire: net: fix use after free in fwnet_finish_incoming_packet()]
+CVE-2023-53432 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/3ff256751a2853e1ffaa36958ff933ccc98c6cb5 (6.5-rc1)
-CVE-2023-53431 [scsi: ses: Don't attach if enclosure has no components]
+CVE-2023-53431 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3fe97ff3d94934649abb0652028dd7296170c8d0 (6.3-rc1)
-CVE-2023-53430 [wifi: mt76: dma: fix memory leak running mt76_dma_tx_cleanup]
+CVE-2023-53430 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.3.7-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3f7dda36e0b6dfa2cd26191f754ba061ab8191f2 (6.3-rc1)
-CVE-2023-53429 [btrfs: don't check PageError in __extent_writepage]
+CVE-2023-53429 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.11-1
NOTE: https://git.kernel.org/linus/3e92499e3b004baffb479d61e191b41b604ece9a (6.5-rc1)
-CVE-2023-53428 [powercap: arm_scmi: Remove recursion while parsing zones]
+CVE-2023-53428 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.5.3-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3e767d6850f867cc33ac16ca097350a1d2417982 (6.6-rc1)
-CVE-2023-53427 [cifs: Fix warning and UAF when destroy the MR list]
+CVE-2023-53427 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3e161c2791f8e661eed24a2c624087084d910215 (6.3-rc1)
-CVE-2023-53426 [xsk: Fix xsk_diag use-after-free error during socket cleanup]
+CVE-2023-53426 (In the Linux kernel, the following vulnerability has been resolved: x ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3e019d8a05a38abb5c85d4f1e85fda964610aa14 (6.6-rc1)
-CVE-2023-53425 [media: platform: mediatek: vpu: fix NULL ptr dereference]
+CVE-2023-53425 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/3df55cd773e8603b623425cc97b05e542854ad27 (6.5-rc1)
-CVE-2023-53424 [clk: mediatek: fix of_iomap memory leak]
+CVE-2023-53424 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.4.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3db7285e044144fd88a356f5b641b9cd4b231a77 (6.5-rc1)
-CVE-2023-53423 [objtool: Fix memory leak in create_static_call_sections()]
+CVE-2023-53423 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3da73f102309fe29150e5c35acd20dd82063ff67 (6.3-rc1)
-CVE-2023-53422 [wifi: iwlwifi: fw: fix memory leak in debugfs]
+CVE-2023-53422 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/3d90d2f4a018fe8cfd65068bc6350b6222be4852 (6.4-rc1)
-CVE-2023-53421 [blk-cgroup: Reinit blkg_iostat_set after clearing in blkcg_reset_stats()]
+CVE-2023-53421 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.4.4-1
NOTE: https://git.kernel.org/linus/3d2af77e31ade05ff7ccc3658c3635ec1bea0979 (6.5-rc1)
-CVE-2023-53420 [ntfs: Fix panic about slab-out-of-bounds caused by ntfs_listxattr()]
+CVE-2023-53420 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3c675ddffb17a8b1e32efad5c983254af18b12c2 (6.5-rc1)
-CVE-2023-53419 [rcu: Protect rcu_print_task_exp_stall() ->exp_tasks access]
+CVE-2023-53419 (In the Linux kernel, the following vulnerability has been resolved: r ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/3c1566bca3f8349f12b75d0a2d5e4a20ad6262ec (6.4-rc1)
-CVE-2022-50419 [Bluetooth: hci_sysfs: Fix attempting to call device_add multiple times]
+CVE-2022-50419 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/448a496f760664d3e2e79466aa1787e6abc922b5 (6.1-rc1)
-CVE-2022-50418 [wifi: ath11k: mhi: fix potential memory leak in ath11k_mhi_register()]
+CVE-2022-50418 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/43e7c3505ec70db3d3c6458824d5fa40f62e3e7b (6.1-rc1)
-CVE-2022-50417 [drm/panfrost: Fix GEM handle creation ref-counting]
+CVE-2022-50417 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/4217c6ac817451d5116687f3cc6286220dc43d49 (6.2-rc3)
-CVE-2022-50416 [irqchip/wpcm450: Fix memory leak in wpcm450_aic_of_init()]
+CVE-2022-50416 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/4208d4faf36573a507b5e5de17abe342e9276759 (6.2-rc1)
-CVE-2022-50415 [parisc: led: Fix potential null-ptr-deref in start_task()]
+CVE-2022-50415 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/41f563ab3c33698bdfc3403c7c2e6c94e73681e4 (6.2-rc1)
-CVE-2022-50414 [scsi: fcoe: Fix transport not deattached when fcoe_if_init() fails]
+CVE-2022-50414 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/4155658cee394b22b24c6d64e49247bf26d95b92 (6.2-rc1)
-CVE-2022-50413 [wifi: mac80211: fix use-after-free]
+CVE-2022-50413 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.3-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/40fb87129049ec5876dabf4a4d4aed6642b31f1a (6.1-rc1)
-CVE-2022-50412 [drm: bridge: adv7511: unregister cec i2c device after cec adapter]
+CVE-2022-50412 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.234-1
NOTE: https://git.kernel.org/linus/40cdb02cb9f965732eb543d47f15bef8d10f0f5f (6.1-rc1)
-CVE-2022-50411 [ACPICA: Fix error code path in acpi_ds_call_control_method()]
+CVE-2022-50411 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/404ec60438add1afadaffaed34bb5fe4ddcadd40 (6.2-rc1)
-CVE-2022-50410 [NFSD: Protect against send buffer overflow in NFSv2 READ]
+CVE-2022-50410 (In the Linux kernel, the following vulnerability has been resolved: N ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.221-1
NOTE: https://git.kernel.org/linus/401bc1f90874280a80b93f23be33a0e7e2d1f912 (6.1-rc1)
-CVE-2022-50409 [net: If sock is dead don't access sock's sk_wq in sk_stream_wait_memory]
+CVE-2022-50409 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/3f8ef65af927db247418d4e1db49164d7a158fc5 (6.1-rc1)
-CVE-2022-50408 [wifi: brcmfmac: fix use-after-free bug in brcmf_netdev_start_xmit()]
+CVE-2022-50408 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/3f42faf6db431e04bf942d2ebe3ae88975723478 (6.1-rc1)
-CVE-2022-50407 [crypto: hisilicon/qm - increase the memory of local variables]
+CVE-2022-50407 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/3efe90af4c0c46c58dba1b306de142827153d9c0 (6.2-rc1)
-CVE-2022-50406 [iomap: iomap: fix memory corruption when recording errors during writeback]
+CVE-2022-50406 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/3d5f3ba1ac28059bdf7000cae2403e4e984308d2 (6.1-rc1)
-CVE-2022-50405 [net/tunnel: wait until all sk_user_data reader finish before releasing the sock]
+CVE-2022-50405 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3cf7203ca620682165706f70a1b12b5194607dce (6.2-rc1)
-CVE-2022-50404 [fbdev: fbcon: release buffer when fbcon_do_set_font() failed]
+CVE-2022-50404 (In the Linux kernel, the following vulnerability has been resolved: f ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3c3bfb8586f848317ceba5d777e11204ba3e5758 (6.2-rc1)
-CVE-2022-50403 [ext4: fix undefined behavior in bit shift for ext4_check_flag_values]
+CVE-2022-50403 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3bf678a0f9c017c9ba7c581541dbc8453452a7ae (6.2-rc1)
-CVE-2022-50402 [drivers/md/md-bitmap: check the return value of md_bitmap_get_counter()]
+CVE-2022-50402 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3bd548e5b819b8c0f2c9085de775c5c7bff9052f (6.2-rc1)
-CVE-2022-50401 [nfsd: under NFSv4.1, fix double svc_xprt_put on rpc_create failure]
+CVE-2022-50401 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3bc8edc98bd43540dbe648e4ef91f443d6d20a24 (6.2-rc1)
-CVE-2023-53418 [USB: gadget: lpc32xx_udc: fix memory leak with using debugfs_lookup()]
+CVE-2023-53418 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/e3965acaf3739fde9d74ad82979b46d37c6c208f (6.3-rc1)
-CVE-2023-53417 [USB: sl811: fix memory leak with using debugfs_lookup()]
+CVE-2023-53417 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/e1523c4dbc54e164638ff8729d511cf91e27be04 (6.3-rc1)
-CVE-2023-53416 [USB: isp1362: fix memory leak with using debugfs_lookup()]
+CVE-2023-53416 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/c26e682afc14caa87d44beed271eec8991e93c65 (6.3-rc1)
-CVE-2023-53415 [USB: dwc3: fix memory leak with using debugfs_lookup()]
+CVE-2023-53415 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/be308d68785b205e483b3a0c61ba3a82da468f2c (6.3-rc1)
-CVE-2023-53414 [scsi: snic: Fix memory leak with using debugfs_lookup()]
+CVE-2023-53414 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/ad0e4e2fab928477f74d742e6e77d79245d3d3e7 (6.3-rc1)
-CVE-2023-53413 [USB: isp116x: fix memory leak with using debugfs_lookup()]
+CVE-2023-53413 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/a95f62d5813facbec20ec087472eb313ee5fa8af (6.3-rc1)
-CVE-2023-53412 [USB: gadget: bcm63xx_udc: fix memory leak with using debugfs_lookup()]
+CVE-2023-53412 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/a91c99b1fe5c6f7e52fb932ad9e57ec7cfe913ec (6.3-rc1)
-CVE-2023-53411 [PM: EM: fix memory leak with using debugfs_lookup()]
+CVE-2023-53411 (In the Linux kernel, the following vulnerability has been resolved: P ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/a0e8c13ccd6a9a636d27353da62c2410c4eca337 (6.3-rc1)
-CVE-2023-53410 [USB: ULPI: fix memory leak with using debugfs_lookup()]
+CVE-2023-53410 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/8f4d25eba599c4bd4b5ea8ae8752cda480a9d563 (6.3-rc1)
-CVE-2023-53409 [drivers: base: component: fix memory leak with using debugfs_lookup()]
+CVE-2023-53409 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/8deb87b1e810dd558371e88ffd44339fbef27870 (6.3-rc1)
-CVE-2023-53408 [trace/blktrace: fix memory leak with using debugfs_lookup()]
+CVE-2023-53408 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/83e8864fee26f63a7435e941b7c36a20fd6fe93e (6.3-rc1)
-CVE-2023-53407 [USB: gadget: pxa27x_udc: fix memory leak with using debugfs_lookup()]
+CVE-2023-53407 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/7a6952fa0366d4408eb8695af1a0578c39ec718a (6.3-rc1)
-CVE-2023-53406 [USB: gadget: pxa25x_udc: fix memory leak with using debugfs_lookup()]
+CVE-2023-53406 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/7a038a681b7df78362d9fc7013e5395a694a9d3a (6.3-rc1)
-CVE-2023-53405 [USB: gadget: gr_udc: fix memory leak with using debugfs_lookup()]
+CVE-2023-53405 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/73f4451368663ad28daa67980c6dd11d83b303eb (6.3-rc1)
-CVE-2023-53404 [USB: fotg210: fix memory leak with using debugfs_lookup()]
+CVE-2023-53404 (In the Linux kernel, the following vulnerability has been resolved: U ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/6b4040f452037a7e95472577891d57c6b18c89c5 (6.3-rc1)
-CVE-2023-53403 [time/debug: Fix memory leak with using debugfs_lookup()]
+CVE-2023-53403 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/5b268d8abaec6cbd4bd70d062e769098d96670aa (6.3-rc1)
-CVE-2023-53402 [kernel/printk/index.c: fix memory leak with using debugfs_lookup()]
+CVE-2023-53402 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/55bf243c514553e907efcf2bda92ba090eca8c64 (6.3-rc1)
-CVE-2022-50400 [staging: greybus: audio_helper: remove unused and wrong debugfs usage]
+CVE-2022-50400 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/d517cdeb904ddc0cbebcc959d43596426cac40b0 (6.1-rc1)
-CVE-2023-53401 [mm: kmem: fix a NULL pointer dereference in obj_stock_flush_required()]
+CVE-2023-53401 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/3b8abb3239530c423c0b97e42af7f7e856e1ee96 (6.5-rc1)
-CVE-2023-53400 [ALSA: hda: Fix Oops by 9.1 surround channel names]
+CVE-2023-53400 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/3b44ec8c5c44790a82f07e90db45643c762878c6 (6.4-rc3)
-CVE-2023-53399 [ksmbd: fix NULL pointer dereference in smb2_get_info_filesystem()]
+CVE-2023-53399 (In the Linux kernel, the following vulnerability has been resolved: k ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/3ac00a2ab69b34189942afa9e862d5170cdcb018 (6.4-rc1)
-CVE-2023-53398 [mlx5: fix possible ptp queue fifo use-after-free]
+CVE-2023-53398 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3a50cf1e8e5157b82268eee7e330dbe5736a0948 (6.3-rc1)
-CVE-2023-53397 [modpost: fix off by one in is_executable_section()]
+CVE-2023-53397 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/3a3f1e573a105328a2cca45a7cfbebabbf5e3192 (6.5-rc1)
-CVE-2023-53396 [ubifs: Fix memory leak in do_rename]
+CVE-2023-53396 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3a36d20e012903f45714df2731261fdefac900cb (6.4-rc1)
-CVE-2023-53395 [ACPICA: Add AML_NO_OPERAND_RESOLVE flag to Timer]
+CVE-2023-53395 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/3a21ffdbc825e0919db9da0e27ee5ff2cc8a863e (6.6-rc1)
-CVE-2023-53394 [net/mlx5e: xsk: Fix crash on regular rq reactivation]
+CVE-2023-53394 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/39646d9bcd1a65d2396328026626859a1dab59d7 (6.5-rc5)
-CVE-2023-53393 [RDMA/mlx5: Fix mlx5_ib_get_hw_stats when used for device]
+CVE-2023-53393 (In the Linux kernel, the following vulnerability has been resolved: R ...)
- linux 6.1.7-1
NOTE: https://git.kernel.org/linus/38b50aa44495d5eb4218f0b82fc2da76505cec53 (6.2-rc3)
-CVE-2023-53392 [HID: intel-ish-hid: Fix kernel panic during warm reset]
+CVE-2023-53392 (In the Linux kernel, the following vulnerability has been resolved: H ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/38518593ec55e897abda4b4be77b2ec8ec4447d1 (6.3-rc7)
-CVE-2023-53391 [shmem: use ramfs_kill_sb() for kill_sb method of ramfs-based tmpfs]
+CVE-2023-53391 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/36ce9d76b0a93bae799e27e4f5ac35478c676592 (6.5-rc1)
-CVE-2023-53390 [drivers: base: dd: fix memory leak with using debugfs_lookup()]
+CVE-2023-53390 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/36c893d3a759ae7c91ee7d4871ebfc7504f08c40 (6.3-rc1)
-CVE-2023-53389 [drm/mediatek: dp: Only trigger DRM HPD events if bridge is attached]
+CVE-2023-53389 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/36b617f7e4ae663fcadd202ea061ca695ca75539 (6.4-rc1)
-CVE-2023-53388 [drm/mediatek: Clean dangling pointer on bind error path]
+CVE-2023-53388 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/36aa8c61af55675ed967900fbe5deb32d776f051 (6.3-rc1)
-CVE-2023-53387 [scsi: ufs: core: Fix device management cmd timeout flow]
+CVE-2023-53387 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.20-1
NOTE: https://git.kernel.org/linus/36822124f9de200cedc2f42516301b50d386a6cd (6.3-rc1)
-CVE-2023-53386 [Bluetooth: Fix potential use-after-free when clear keys]
+CVE-2023-53386 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/3673952cf0c6cf81b06c66a0b788abeeb02ff3ae (6.6-rc1)
-CVE-2023-53385 [media: mdp3: Fix resource leaks in of_find_device_by_node]
+CVE-2023-53385 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.5.6-1
[bookworm] - linux 6.1.55-1
NOTE: https://git.kernel.org/linus/35ca8ce495366909b4c2e701d1356570dd40c4e2 (6.6-rc1)
-CVE-2023-53384 [wifi: mwifiex: avoid possible NULL skb pointer dereference]
+CVE-2023-53384 (In the Linux kernel, the following vulnerability has been resolved: w ...)
- linux 6.5.3-1
[bookworm] - linux 6.1.55-1
[bullseye] - linux 5.10.197-1
NOTE: https://git.kernel.org/linus/35a7a1ce7c7d61664ee54f5239a1f120ab95a87e (6.6-rc1)
-CVE-2023-53383 [irqchip/gicv3: Workaround for NVIDIA erratum T241-FABRIC-4]
+CVE-2023-53383 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
NOTE: https://git.kernel.org/linus/35727af2b15d98a2dd2811d631d3a3886111312e (6.4-rc1)
-CVE-2023-53382 [net/smc: Reset connection when trying to use SMCRv2 fails.]
+CVE-2023-53382 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.3.7-1
[bookworm] - linux 6.1.37-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/35112271672ae98f45df7875244a4e33aa215e31 (6.4-rc4)
-CVE-2023-53381 [NFSD: fix leaked reference count of nfsd4_ssc_umount_item]
+CVE-2023-53381 (In the Linux kernel, the following vulnerability has been resolved: N ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.221-1
NOTE: https://git.kernel.org/linus/34e8f9ec4c9ac235f917747b23a200a5e0ec857b (6.3-rc1)
-CVE-2023-53380 [md/raid10: fix null-ptr-deref of mreplace in raid10_sync_request]
+CVE-2023-53380 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/34817a2441747b48e444cb0e05d84e14bc9443da (6.5-rc1)
-CVE-2023-53379 [usb: phy: phy-tahvo: fix memory leak in tahvo_usb_probe()]
+CVE-2023-53379 (In the Linux kernel, the following vulnerability has been resolved: u ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/342161c11403ea00e9febc16baab1d883d589d04 (6.5-rc1)
-CVE-2023-53378 [drm/i915/dpt: Treat the DPT BO as a framebuffer]
+CVE-2023-53378 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.25-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3413881e1ecc3cba722a2e87ec099692eed5be28 (6.3-rc5)
-CVE-2023-53377 [cifs: prevent use-after-free by freeing the cfile later]
+CVE-2023-53377 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.4.4-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/33f736187d08f6bc822117629f263b97d3df4165 (6.5-rc1)
-CVE-2023-53376 [scsi: mpi3mr: Use number of bits to manage bitmap sizes]
+CVE-2023-53376 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.20-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/339e61565f81a6534afdc18fd854b2e2628bf5db (6.3-rc1)
-CVE-2023-53375 [tracing: Free error logs of tracing instances]
+CVE-2023-53375 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3357c6e429643231e60447b52ffbb7ac895aca22 (6.3-rc6)
-CVE-2023-53374 [Bluetooth: hci_conn: fail SCO/ISO via hci_conn_failed if ACL gone early]
+CVE-2023-53374 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.5.3-1
[bookworm] - linux <not-affected> (Vulnerable code not present)
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3344d318337d9dca928fd448e966557ec5063f85 (6.6-rc1)
-CVE-2023-53373 [crypto: seqiv - Handle EBUSY correctly]
+CVE-2023-53373 (In the Linux kernel, the following vulnerability has been resolved: c ...)
- linux 6.1.20-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/32e62025e5e52fbe4812ef044759de7010b15dbc (6.3-rc1)
-CVE-2023-53372 [sctp: fix a potential overflow in sctp_ifwdtsn_skip]
+CVE-2023-53372 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.25-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/32832a2caf82663870126c5186cf8f86c8b2a649 (6.3-rc7)
-CVE-2023-53371 [net/mlx5e: fix memory leak in mlx5e_fs_tt_redirect_any_create]
+CVE-2023-53371 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3250affdc658557a41df9c5fb567723e421f8bf2 (6.5-rc2)
-CVE-2023-53370 [drm/amdgpu: fix memory leak in mes self test]
+CVE-2023-53370 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.4.13-1
[bookworm] - linux 6.1.52-1
NOTE: https://git.kernel.org/linus/31d7c3a4fc3d312a0646990767647925d5bde540 (6.5-rc1)
-CVE-2023-53369 [net: dcb: choose correct policy to parse DCB_ATTR_BCN]
+CVE-2023-53369 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.4.11-1
[bookworm] - linux 6.1.52-1
[bullseye] - linux 5.10.191-1
NOTE: https://git.kernel.org/linus/31d49ba033095f6e8158c60f69714a500922e0c3 (6.5-rc5)
-CVE-2022-50399 [media: atomisp: prevent integer overflow in sh_css_set_black_frame()]
+CVE-2022-50399 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.0.7-1
NOTE: https://git.kernel.org/linus/3ad290194bb06979367622e47357462836c1d3b4 (6.1-rc2)
-CVE-2022-50398 [drm/msm/dp: add atomic_check to bridge ops]
+CVE-2022-50398 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.7-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/3a661247967a6f3c99a95a8ba4c8073c5846ea4b (6.1-rc3)
-CVE-2022-50397 [net/ieee802154: reject zero-sized raw_sendmsg()]
+CVE-2022-50397 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/3a4d061c699bd3eedc80dc97a4b2a2e1af83c6f5 (6.1-rc1)
-CVE-2022-50396 [net: sched: fix memory leak in tcindex_set_parms]
+CVE-2022-50396 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/399ab7fe0fa0d846881685fd4e57e9a8ef7559f7 (6.2-rc3)
-CVE-2022-50395 [integrity: Fix memory leakage in keyring allocation error path]
+CVE-2022-50395 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/39419ef7af0916cc3620ecf1ed42d29659109bf3 (6.2-rc1)
-CVE-2022-50394 [i2c: ismt: Fix an out-of-bounds bug in ismt_access()]
+CVE-2022-50394 (In the Linux kernel, the following vulnerability has been resolved: i ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/39244cc754829bf707dccd12e2ce37510f5b1f8d (6.2-rc1)
-CVE-2022-50393 [drm/amdgpu: SDMA update use unlocked iterator]
+CVE-2022-50393 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/3913f0179ba366f7d7d160c506ce00de1602bbc4 (6.1-rc1)
-CVE-2022-50392 [ASoC: mediatek: mt8183: fix refcount leak in mt8183_mt6358_ts3a227_max98357_dev_probe()]
+CVE-2022-50392 (In the Linux kernel, the following vulnerability has been resolved: A ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/38eef3be38ab895959c442702864212cc3beb96c (6.2-rc1)
-CVE-2022-50391 [mm/mempolicy: fix memory leak in set_mempolicy_home_node system call]
+CVE-2022-50391 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/38ce7c9bdfc228c14d7621ba36d3eebedd9d4f76 (6.2-rc1)
-CVE-2022-50390 [drm/ttm: fix undefined behavior in bit shift for TTM_TT_FLAG_PRIV_POPULATED]
+CVE-2022-50390 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/387659939c00156f8d6bab0fbc55b4eaf2b6bc5b (6.2-rc1)
-CVE-2022-50389 [tpm: tpm_crb: Add the missed acpi_put_table() to fix memory leak]
+CVE-2022-50389 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/37e90c374dd11cf4919c51e847c6d6ced0abc555 (6.2-rc1)
-CVE-2022-50388 [nvme: fix multipath crash caused by flush request when blktrace is enabled]
+CVE-2022-50388 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.1.7-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/3659fb5ac29a5e6102bebe494ac789fd47fb78f4 (6.2-rc2)
-CVE-2022-50387 [net: hinic: fix the issue of CMDQ memory leaks]
+CVE-2022-50387 (In the Linux kernel, the following vulnerability has been resolved: n ...)
- linux 6.0.7-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/363cc87767f6ddcfb9158ad2e2afa2f8d5c4b94e (6.1-rc3)
-CVE-2022-50386 [Bluetooth: L2CAP: Fix user-after-free]
+CVE-2022-50386 (In the Linux kernel, the following vulnerability has been resolved: B ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/35fcbc4243aad7e7d020b7c1dfb14bb888b20a4f (6.1-rc1)
-CVE-2022-50385 [NFS: Fix an Oops in nfs_d_automount()]
+CVE-2022-50385 (In the Linux kernel, the following vulnerability has been resolved: N ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/35e3b6ae84935d0d7ff76cbdaa83411b0ad5e471 (6.2-rc1)
-CVE-2022-50384 [staging: vme_user: Fix possible UAF in tsi148_dma_list_add]
+CVE-2022-50384 (In the Linux kernel, the following vulnerability has been resolved: s ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/357057ee55d3c99a5de5abe8150f7bca04f8e53b (6.2-rc1)
-CVE-2022-50383 [media: mediatek: vcodec: Can't set dst buffer to done when lat decode error]
+CVE-2022-50383 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
NOTE: https://git.kernel.org/linus/3568ecd3f3a6d133ab7feffbba34955c8c79bbc4 (6.2-rc1)
-CVE-2022-50382 [padata: Always leave BHs disabled when running ->parallel()]
+CVE-2022-50382 (In the Linux kernel, the following vulnerability has been resolved: p ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/34c3a47d20ae55b3600fed733bf96eafe9c500d5 (6.2-rc1)
-CVE-2022-50381 [md: fix a crash in mempool_free]
+CVE-2022-50381 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/341097ee53573e06ab9fc675d96a052385b851fa (6.2-rc1)
-CVE-2022-50380 [mm: /proc/pid/smaps_rollup: fix no vma's null-deref]
+CVE-2022-50380 (In the Linux kernel, the following vulnerability has been resolved: m ...)
- linux 5.16.7-1
NOTE: https://git.kernel.org/linus/33fc9e26b7cb39f0d4219c875a2451802249c225 (5.15.76)
-CVE-2022-50379 [btrfs: fix race between quota enable and quota rescan ioctl]
+CVE-2022-50379 (In the Linux kernel, the following vulnerability has been resolved: b ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/331cd9461412e103d07595a10289de90004ac890 (6.1-rc1)
-CVE-2022-50378 [drm/meson: reorder driver deinit sequence to fix use-after-free bug]
+CVE-2022-50378 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.0.3-1
NOTE: https://git.kernel.org/linus/31c519981eb141c7ec39bfd5be25d35f02edb868 (6.1-rc1)
-CVE-2022-50377 [ext4: check and assert if marking an no_delete evicting inode dirty]
+CVE-2022-50377 (In the Linux kernel, the following vulnerability has been resolved: e ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/318cdc822c63b6e2befcfdc2088378ae6fa18def (6.2-rc1)
-CVE-2022-50376 [orangefs: Fix kmemleak in orangefs_{kernel,client}_debug_init()]
+CVE-2022-50376 (In the Linux kernel, the following vulnerability has been resolved: o ...)
- linux 6.1.4-1
[bullseye] - linux 5.10.178-1
NOTE: https://git.kernel.org/linus/31720a2b109b3080eb77e97b8f6f50a27b4ae599 (6.2-rc1)
-CVE-2022-50375 [tty: serial: fsl_lpuart: disable dma rx/tx use flags in lpuart_dma_shutdown]
+CVE-2022-50375 (In the Linux kernel, the following vulnerability has been resolved: t ...)
- linux 6.0.3-1
[bullseye] - linux 5.10.158-1
NOTE: https://git.kernel.org/linus/316ae95c175a7d770d1bfe4c011192712f57aa4a (6.1-rc1)
-CVE-2025-30187
+CVE-2025-30187 (In some circumstances, when DNSdist is configured to use the nghttp2 l ...)
- dnsdist <unfixed>
[bookworm] - dnsdist <not-affected> (Vulnerable code not present)
[bullseye] - dnsdist <not-affected> (Vulnerable code not present)
NOTE: https://www.openwall.com/lists/oss-security/2025/09/18/1
NOTE: https://www.dnsdist.org/security-advisories/powerdns-advisory-for-dnsdist-2025-05.html
CVE-2025-10500
- - chromium 140.0.7339.185-1
- [bullseye] - chromium <end-of-life> (see #1061268)
+ - chromium 140.0.7339.185-1
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-10501
- - chromium 140.0.7339.185-1
- [bullseye] - chromium <end-of-life> (see #1061268)
+ - chromium 140.0.7339.185-1
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-10502
- - chromium 140.0.7339.185-1
- [bullseye] - chromium <end-of-life> (see #1061268)
+ - chromium 140.0.7339.185-1
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-10585
- - chromium 140.0.7339.185-1
- [bullseye] - chromium <end-of-life> (see #1061268)
+ - chromium 140.0.7339.185-1
+ [bullseye] - chromium <end-of-life> (see #1061268)
CVE-2025-9083 (The Ninja Forms WordPress plugin before 3.11.1 unserializes user inpu ...)
NOT-FOR-US: WordPress plugin
CVE-2025-8942 (The WP Hotel Booking WordPress plugin before 2.2.3 lacks proper server ...)
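Review bot: The chromium lines under CVE-2025-10500, CVE-2025-10501, CVE-2025-10502 and CVE-2025-10585 are removed and re-added with the same text as shown here (`- chromium 140.0.7339.185-1` and the `[bullseye]` end-of-life line), so the change appears to be whitespace-only. That churn would be easier to audit in its own commit, not mixed into a data update. A second point on the kernel entries earlier in this hunk: each bracketed subject, such as `[cifs: prevent use-after-free by freeing the cfile later]`, is replaced by a truncated description that differs between entries only in its last letter. The bug class is now recoverable only through the `NOTE:` commit link, so consider keeping the subject visible in the entry.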
@@ -1835,6 +1919,7 @@ CVE-2022-50339 (In the Linux kernel, the following vulnerability has been resolv
[bullseye] - linux <not-affected> (Vulnerable code not present)
NOTE: https://git.kernel.org/linus/f74ca25d6d6629ffd4fd80a1a73037253b57d06b (6.1-rc1)
CVE-2025-10537 (Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR 140.2 ...)
+ {DSA-6003-1}
- firefox 143.0-1
- firefox-esr 140.3.0esr-1
- thunderbird <unfixed>
@@ -1842,6 +1927,7 @@ CVE-2025-10537 (Memory safety bugs present in Firefox ESR 140.2, Thunderbird ESR
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10537
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10537
CVE-2025-10536 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
+ {DSA-6003-1}
- firefox 143.0-1
- firefox-esr 140.3.0esr-1
- thunderbird <unfixed>
@@ -1855,6 +1941,7 @@ CVE-2025-10534 (This vulnerability affects Firefox < 143 and Thunderbird < 143.)
- firefox 143.0-1
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10534
CVE-2025-10533 (This vulnerability affects Firefox < 143, Firefox ESR < 115.28, Firefo ...)
+ {DSA-6003-1}
- firefox 143.0-1
- firefox-esr 140.3.0esr-1
- thunderbird <unfixed>
@@ -1862,6 +1949,7 @@ CVE-2025-10533 (This vulnerability affects Firefox < 143, Firefox ESR < 115.28,
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10533
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10533
CVE-2025-10532 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
+ {DSA-6003-1}
- firefox 143.0-1
- firefox-esr 140.3.0esr-1
- thunderbird <unfixed>
@@ -1875,6 +1963,7 @@ CVE-2025-10530 (This vulnerability affects Firefox < 143 and Thunderbird < 143.)
- firefox <not-affected> (Only affects Firefox on Android)
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-73/#CVE-2025-10530
CVE-2025-10529 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
+ {DSA-6003-1}
- firefox 143.0-1
- firefox-esr 140.3.0esr-1
- thunderbird <unfixed>
@@ -1882,6 +1971,7 @@ CVE-2025-10529 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, T
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10529
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10529
CVE-2025-10528 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
+ {DSA-6003-1}
- firefox 143.0-1
- firefox-esr 140.3.0esr-1
- thunderbird <unfixed>
@@ -1889,6 +1979,7 @@ CVE-2025-10528 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, T
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-75/#CVE-2025-10528
NOTE: https://www.mozilla.org/en-US/security/advisories/mfsa2025-78/#CVE-2025-10528
CVE-2025-10527 (This vulnerability affects Firefox < 143, Firefox ESR < 140.3, Thunder ...)
+ {DSA-6003-1}
- firefox 143.0-1
- firefox-esr 140.3.0esr-1
- thunderbird <unfixed>
@@ -3850,7 +3941,7 @@ CVE-2025-10250 (A weakness has been identified in DJI Mavic Spark, Mavic Air and
NOT-FOR-US: Mavic
CVE-2025-10193 (DNS rebinding vulnerability in Neo4j Cypher MCP server allows maliciou ...)
NOT-FOR-US: Neo4j Cypher MCP server
-CVE-2025-10127 (Daikin Security Gateway is vulnerable to an authorization bypass throu ...)
+CVE-2025-10127 (Daikin Europe N.V Security Gateway is vulnerable to an authorization ...)
NOT-FOR-US: Daikin Security Gateway
CVE-2025-39791 (In the Linux kernel, the following vulnerability has been resolved: d ...)
- linux 6.16.5-1
@@ -5103,7 +5194,8 @@ CVE-2025-43778 (A Stored cross-site scripting vulnerability in the Liferay Porta
NOT-FOR-US: Liferay
CVE-2025-43777 (Liferay Portal 7.4.0 through 7.4.3.132, and Liferay DXP 2025.Q2.0 thr ...)
NOT-FOR-US: Liferay
-CVE-2025-43774 (A reflected cross-site scripting (XSS) vulnerability in the Liferay Po ...)
+CVE-2025-43774
+ REJECTED
NOT-FOR-US: Liferay
CVE-2025-43763 (A server-side request forgery (SSRF) vulnerability exist in the Lifera ...)
NOT-FOR-US: Liferay
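Review bot: CVE-2025-43774 is switched to `REJECTED`, but the `NOT-FOR-US: Liferay` line directly below it is left in place as context, so the entry now carries both a rejection and a triage annotation. If a rejected ID needs no triage state, drop the stale `NOT-FOR-US` line in a follow-up; otherwise confirm the combination is intended.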
@@ -6998,7 +7090,7 @@ CVE-2025-57147 (A SQL Injection vulnerability was found in phpgurukul Complaint
CVE-2025-57146 (phpgurukul Complaint Management System in PHP 2.0 is vulnerable to SQL ...)
NOT-FOR-US: PHPGurukul
CVE-2025-57052 (cJSON 1.5.0 through 1.7.18 allows out-of-bounds access via the decode_ ...)
- {DSA-6001-1}
+ {DSA-6001-1 DLA-4304-1}
- cjson <unfixed> (bug #1114757)
NOTE: https://x-0r.com/posts/cJSON-Array-Index-Parsing-Vulnerability
NOTE: https://github.com/DaveGamble/cJSON/commit/74e1ff4994aa4139126967f6d289b675b4b36fef (v1.7.19)
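Review bot: On CVE-2025-57052 the cross-reference grows to `{DSA-6001-1 DLA-4304-1}`, while the unchanged package line still reads `- cjson <unfixed> (bug #1114757)` and the `NOTE:` cites an upstream fix commit tagged v1.7.19. With two advisories now referenced, check whether the unfixed marker for the unversioned entry is still accurate and update it once a fixed upload exists.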
@@ -11358,7 +11450,7 @@ CVE-2025-50926 (Easy Hosting Control Panel EHCP v20.04.1.b was discovered to con
NOT-FOR-US: Easy Hosting Control Panel EHCP
CVE-2025-50897 (A vulnerability exists in riscv-boom SonicBOOM 1.2 (BOOMv1.2) processo ...)
NOT-FOR-US: riscv-boom SonicBOOM
-CVE-2025-50891 (Adform Site Tracking 1.1 allows attackers to inject HTML or execute ar ...)
+CVE-2025-50891 (The server-side backend for Adform Site Tracking before 2025-08-28 all ...)
NOT-FOR-US: Adform Site Tracking
CVE-2025-50579 (A CORS misconfiguration in Nginx Proxy Manager v2.12.3 allows unauthor ...)
NOT-FOR-US: Nginx Proxy Manager
@@ -15060,7 +15152,7 @@ CVE-2025-47907 (Cancelling a query (e.g. by cancelling the context passed to one
NOTE: https://github.com/golang/go/issues/74831
NOTE: https://github.com/golang/go/commit/83b4a5db240960720e51b7d5a6da1f399bd868ee (go1.24.6)
NOTE: https://github.com/golang/go/commit/8a924caaf348fdc366bab906424616b2974ad4e9 (go1.23.12)
-CVE-2025-47906
+CVE-2025-47906 (If the PATH environment variable contains paths which are executables ...)
- golang-1.24 <unfixed> (bug #1110947)
[trixie] - golang-1.24 <no-dsa> (Minor issue)
- golang-1.23 <unfixed> (bug #1110948)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f4802d9499eda84ff8f83e160e395da4c8f1a788