[Git][security-tracker-team/security-tracker][master] Merge Linux CVE changes from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Sep 23 08:12:55 BST 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
dd21d056 by Salvatore Bonaccorso at 2025-09-23T09:12:41+02:00
Merge Linux CVE changes from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,128 @@
+CVE-2025-39888 [fuse: Block access to folio overlimit]
+	- linux 6.16.8-1
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9d81ba6d49a7457784f0b6a71046818b86ec7e44 (6.17-rc6)
+CVE-2025-39887 [tracing/osnoise: Fix null-ptr-deref in bitmap_parselist()]
+	- linux 6.16.8-1
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/c1628c00c4351dd0727ef7f670694f68d9e663d8 (6.17-rc6)
+CVE-2025-39886 [bpf: Tell memcg to use allow_spinning=false path in bpf_timer_init()]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6d78b4473cdb08b74662355a9e8510bde09c511e (6.17-rc6)
+CVE-2025-39885 [ocfs2: fix recursive semaphore deadlock in fiemap call]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux 6.1.153-1
+	NOTE: https://git.kernel.org/linus/04100f775c2ea501927f508f17ad824ad1f23c8d (6.17-rc6)
+CVE-2025-39884 [btrfs: fix subvolume deletion lockup caused by inodes xarray race]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f6a6c280059c4ddc23e12e3de1b01098e240036f (6.17-rc6)
+CVE-2025-39883 [mm/memory-failure: fix VM_BUG_ON_PAGE(PagePoisoned(page)) when unpoison memory]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux 6.1.153-1
+	NOTE: https://git.kernel.org/linus/d613f53c83ec47089c4e25859d5e8e0359f6f8da (6.17-rc6)
+CVE-2025-39882 [drm/mediatek: fix potential OF node use-after-free]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/4de37a48b6b58faaded9eb765047cf0d8785ea18 (6.17-rc6)
+CVE-2025-39881 [kernfs: Fix UAF in polling when open file is released]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux 6.1.153-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3c9ba2777d6c86025e1ba4186dc5cd930e40ec5f (6.17-rc6)
+CVE-2025-39880 [libceph: fix invalid accesses to ceph_connection_v1_info]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux 6.1.153-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/cdbc9836c7afadad68f374791738f118263c5371 (6.17-rc6)
+CVE-2025-39879 [ceph: always call ceph_shift_unused_folios_left()]
+	- linux 6.16.8-1
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/cce7c15faaac79b532a07ed6ab8332280ad83762 (6.17-rc6)
+CVE-2025-39878 [ceph: fix crash after fscrypt_encrypt_pagecache_blocks() error]
+	- linux 6.16.8-1
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/249e0a47cdb46bb9eae65511c569044bd8698d7d (6.17-rc6)
+CVE-2025-39877 [mm/damon/sysfs: fix use-after-free in state_show()]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux 6.1.153-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/3260a3f0828e06f5f13fac69fb1999a6d60d9cff (6.17-rc6)
+CVE-2025-39876 [net: fec: Fix possible NPD in fec_enet_phy_reset_after_clk_enable()]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux 6.1.153-1
+	NOTE: https://git.kernel.org/linus/03e79de4608bdd48ad6eec272e196124cefaf798 (6.17-rc6)
+CVE-2025-39875 [igb: Fix NULL pointer dereference in ethtool loopback test]
+	- linux 6.16.8-1
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/75871a525a596ff4d16c4aebc0018f8d0923c9b1 (6.17-rc6)
+CVE-2025-39874 [macsec: sync features on RTM_NEWLINK]
+	- linux 6.16.8-1
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/0f82c3ba66c6b2e3cde0f255156a753b108ee9dc (6.17-rc6)
+CVE-2025-39873 [can: xilinx_can: xcan_write_frame(): fix use-after-free of transmitted SKB]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux 6.1.153-1
+	NOTE: https://git.kernel.org/linus/ef79f00be72bd81d2e1e6f060d83cf7e425deee4 (6.17-rc6)
+CVE-2025-39872 [hsr: hold rcu and dev lock for hsr_get_port_ndev]
+	- linux 6.16.8-1
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/847748fc66d08a89135a74e29362a66ba4e3ab15 (6.17-rc6)
+CVE-2025-39871 [dmaengine: idxd: Remove improper idxd_free]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/f41c538881eec4dcf5961a242097d447f848cda6 (6.17-rc6)
+CVE-2025-39870 [dmaengine: idxd: Fix double free in idxd_setup_wqs()]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux 6.1.153-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/39aaa337449e71a41d4813be0226a722827ba606 (6.17-rc6)
+CVE-2025-39869 [dmaengine: ti: edma: Fix memory allocation size for queue_priority_map]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux 6.1.153-1
+	NOTE: https://git.kernel.org/linus/e63419dbf2ceb083c1651852209c7f048089ac0f (6.17-rc6)
+CVE-2025-39868 [erofs: fix runtime warning on truncate_folio_batch_exceptionals()]
+	- linux 6.16.8-1
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/181993bb0d626cf88cc803f4356ce5c5abe86278 (6.17-rc6)
+CVE-2025-39867 [netfilter: nft_set_pipapo: fix null deref for empty set]
+	- linux 6.16.8-1
+	[trixie] - linux 6.12.48-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/30c1d25b9870d551be42535067d5481668b5e6f3 (6.17-rc2)
 CVE-2025-XXXX [auth: Use AUTH_CACHE_KEY_USER instead of per-database constants]
 	- dovecot 1:2.4.1+dfsg1-7 (bug #1115474)
 	[bookworm] - dovecot <not-affected> (Vulnerable code introduced later)
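Review bot: CVE-2025-39886 and CVE-2025-39871 carry no [bookworm] line, and CVE-2025-39885, CVE-2025-39883, CVE-2025-39876, CVE-2025-39873 and CVE-2025-39869 carry no [bullseye] line, so those releases fall back to the unstable fixed version 6.16.8-1 and remain tracked as open. If that is the intended state pending an upload, fine; if any of them is in fact unaffected, add the explicit `<not-affected>` line as the neighbouring entries do. Separately, the NOTE for CVE-2025-39867 tags the upstream fix as 6.17-rc2 while every other entry in this hunk says 6.17-rc6; worth confirming against the referenced commit before the tag is used for backport triage.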



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/dd21d056ad89f8e851a916b3e8feb741d4a71a7c


