[Git][security-tracker-team/security-tracker][master] Remove tracking of src:linux from CVE-2025-54505 (which has own CVE as CVE-2026-31628)

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Apr 29 12:50:57 BST 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
57d8e057 by Salvatore Bonaccorso at 2026-04-29T13:50:17+02:00
Remove tracking of src:linux from CVE-2025-54505 (which has own CVE as CVE-2026-31628)

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1717,6 +1717,8 @@ CVE-2026-31629 (In the Linux kernel, the following vulnerability has been resolv
 CVE-2026-31628 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
 	- linux 6.19.13-1
 	NOTE: https://git.kernel.org/linus/e55d98e7756135f32150b9b8f75d580d0d4b2dd3 (7.1-rc1)
+	NOTE: https://www.amd.com/en/resources/product-security/bulletin/amd-sb-7053.html
+	NOTE: https://roots.ec/blog/fpdss/
 CVE-2026-31627 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.19.14-1
 	NOTE: https://git.kernel.org/linus/c0128c7157d639a931353ea344fb44aad6d6e17a (7.1-rc1)
@@ -5807,7 +5809,6 @@ CVE-2026-1838 (The Hostel plugin for WordPress is vulnerable to Reflected Cross-
 CVE-2026-1559 (The Youzify plugin for WordPress is vulnerable to Stored Cross-Site Sc ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2025-54505 (A transient execution vulnerability within AMD CPUs may allow a local  ...)
-	- linux 6.19.13-1
 	- xen <unfixed>
 	[trixie] - xen <no-dsa> (Minor issue)
 	[bookworm] - xen <no-dsa> (Minor issue)
@@ -5818,6 +5819,8 @@ CVE-2025-54505 (A transient execution vulnerability within AMD CPUs may allow a
 	NOTE: Mitigation in src:xen and src:linux:
 	NOTE: https://xenbits.xen.org/xsa/advisory-488.html
 	NOTE: https://git.kernel.org/linus/e55d98e7756135f32150b9b8f75d580d0d4b2dd3
+	NOTE: The Linux kernel has its own CVE CVE-2026-31628 for the lack of mitigation, and
+	NOTE: thus only tracked under CVE-2026-31628.
 CVE-2026-6507 (A flaw was found in dnsmasq. A remote attacker could exploit an out-of ...)
 	- dnsmasq 2.92-4 (bug #1134264)
 	[trixie] - dnsmasq <not-affected> (Vulnerable code introduced later)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57d8e0575a35b2529fe3d15498947b0865ece82a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/57d8e0575a35b2529fe3d15498947b0865ece82a
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260429/f61f9d41/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list