[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Salvatore Bonaccorso (@carnil) carnil at debian.org
Tue Jan 13 19:46:24 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6aab9a26 by Salvatore Bonaccorso at 2026-01-13T20:45:56+01:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,92 @@
+CVE-2025-71101 [platform/x86: hp-bioscfg: Fix out-of-bounds array access in ACPI package parsing]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/e44c42c830b7ab36e3a3a86321c619f24def5206 (6.19-rc4)
+CVE-2025-71100 [wifi: rtlwifi: 8192cu: fix tid out of range in rtl92cu_tx_fill_desc()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dd39edb445f07400e748da967a07d5dca5c5f96e (6.19-rc4)
+CVE-2025-71099 [drm/xe/oa: Fix potential UAF in xe_oa_add_config_ioctl()]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/dcb171931954c51a1a7250d558f02b8f36570783 (6.19-rc1)
+CVE-2025-71098 [ip6_gre: make ip6gre_header() robust]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/db5b4e39c4e63700c68a7e65fc4e1f1375273476 (6.19-rc4)
+CVE-2025-71097 [ipv4: Fix reference count leak when using error routes with nexthop objects]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/ac782f4e3bfcde145b8a7f8af31d9422d94d172a (6.19-rc4)
+CVE-2025-71096 [RDMA/core: Check for the presence of LS_NLA_TYPE_DGID correctly]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/a7b8e876e0ef0232b8076972c57ce9a7286b47ca (6.19-rc4)
+CVE-2025-71095 [net: stmmac: fix the crash issue for zero copy XDP_TX action]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a48e232210009be50591fdea8ba7c07b0f566a13 (6.19-rc4)
+CVE-2025-71094 [net: usb: asix: validate PHY address before use]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a1e077a3f76eea0dc671ed6792e7d543946227e8 (6.19-rc4)
+CVE-2025-71093 [e1000: fix OOB in e1000_tbi_should_accept()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/9c72a5182ed92904d01057f208c390a303f00a0f (6.19-rc4)
+CVE-2025-71092 [RDMA/bnxt_re: Fix OOB write in bnxt_re_copy_err_stats()]
+	- linux <unfixed>
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/9b68a1cc966bc947d00e4c0df7722d118125aa37 (6.19-rc4)
+CVE-2025-71091 [team: fix check for port enabled in team_queue_override_port_prio_changed()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/932ac51d9953eaf77a1252f79b656d4ca86163c6 (6.19-rc4)
+CVE-2025-71090 [nfsd: fix nfsd_file reference leak in nfsd4_add_rdaccess_to_wrdeleg()]
+	- linux <unfixed>
+	[trixie] - linux <not-affected> (Vulnerable code not present)
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/8072e34e1387d03102b788677d491e2bcceef6f5 (6.19-rc4)
+CVE-2025-71089 [iommu: disable SVA when CONFIG_X86 is set]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/72f98ef9a4be30d2a60136dd6faee376f780d06c (6.19-rc1)
+CVE-2025-71088 [mptcp: fallback earlier on simult connection]
+	- linux <unfixed>
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/71154bbe49423128c1c8577b6576de1ed6836830 (6.19-rc4)
+CVE-2025-71087 [iavf: fix off-by-one issues in iavf_config_rss_reg()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/6daa2893f323981c7894c68440823326e93a7d61 (6.19-rc4)
+CVE-2025-71086 [net: rose: fix invalid array index in rose_kill_by_device()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/6595beb40fb0ec47223d3f6058ee40354694c8e4 (6.19-rc4)
+CVE-2025-71085 [ipv6: BUG() in pskb_expand_head() as part of calipso_skbuff_setattr()]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/58fc7342b529803d3c221101102fe913df7adb83 (6.19-rc4)
+CVE-2025-71084 [RDMA/cm: Fix leaking the multicast GID table reference]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/57f3cb6c84159d12ba343574df2115fb18dd83ca (6.19-rc4)
+CVE-2025-71083 [drm/ttm: Avoid NULL pointer deref for evicted BOs]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/491adc6a0f9903c32b05f284df1148de39e8e644 (6.19-rc1)
+CVE-2025-71082 [Bluetooth: btusb: revert use of devm_kzalloc in btusb]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/252714f1e8bdd542025b16321c790458014d6880 (6.19-rc4)
+CVE-2025-71081 [ASoC: stm32: sai: fix OF node leak on probe]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/23261f0de09427367e99f39f588e31e2856a690e (6.19-rc1)
+CVE-2025-71080 [ipv6: fix a BUG in rt6_get_pcpu_route() under PREEMPT_RT]
+	- linux <unfixed>
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/1adaea51c61b52e24e7ab38f7d3eba023b2d050d (6.19-rc4)
+CVE-2025-71079 [net: nfc: fix deadlock between nfc_unregister_device and rfkill_fop_write]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/1ab526d97a57e44d26fadcc0e9adeb9c0c0182f5 (6.19-rc4)
+CVE-2025-71078 [powerpc/64s/slb: Fix SLB multihit issue during SLB preload]
+	- linux <unfixed>
+	NOTE: https://git.kernel.org/linus/00312419f0863964625d6dcda8183f96849412c6 (6.19-rc1)
 CVE-2025-71070 [ublk: clean up user copy references on ublk server exit]
 	- linux 6.18.3-1
 	[trixie] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6aab9a269d75e3025d8f169e9012587ac4c06867

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/6aab9a269d75e3025d8f169e9012587ac4c06867
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260113/47c8330d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list