[Git][security-tracker-team/security-tracker][master] Merge Linux CVEs from kernel-sec

Wed May 6 13:45:54 BST 2026


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8e4d4410 by Salvatore Bonaccorso at 2026-05-06T14:45:29+02:00
Merge Linux CVEs from kernel-sec

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,52 @@
+CVE-2025-71288 [memory: mtk-smi: fix device leaks on common probe]
+	- linux 6.19.6-1
+	[trixie] - linux 6.12.85-1
+	[bookworm] - linux 6.1.170-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/6cfa038bddd710f544076ea2ef7792fc82fbedd6 (7.0-rc1)
+CVE-2025-71286 [ASoC: SOF: ipc4-topology: Correct the allocation size for bytes controls]
+	- linux 6.19.6-1
+	[trixie] - linux 6.12.85-1
+	[bookworm] - linux <not-affected> (Vulnerable code not present)
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/a653820700b81c9e6f05ac23b7969ecec1a18e85 (7.0-rc1)
+CVE-2025-71295 [fs/buffer: add alert in try_to_free_buffers() for folios without buffers]
+	- linux 6.19.6-1
+	[trixie] - linux 6.12.85-1
+	[bookworm] - linux 6.1.170-1
+	NOTE: https://git.kernel.org/linus/b68f91ef3b3fe82ad78c417de71b675699a8467c (7.0-rc1)
+CVE-2025-71294 [drm/amdgpu: fix NULL pointer issue buffer funcs]
+	- linux 6.19.6-1
+	[trixie] - linux 6.12.85-1
+	NOTE: https://git.kernel.org/linus/9877a865d62c9c3e0f4cc369dc9ca9f7f24f5ee9 (7.0-rc1)
+CVE-2025-71293 [drm/amdgpu/ras: Move ras data alloc before bad page check]
+	- linux 6.19.6-1
+	NOTE: https://git.kernel.org/linus/bd68a1404b6fa2e7e9957b38ba22616faba43e75 (7.0-rc1)
+CVE-2025-71292 [jfs: nlink overflow in jfs_rename]
+	- linux 6.19.6-1
+	[trixie] - linux 6.12.85-1
+	[bookworm] - linux 6.1.170-1
+	NOTE: https://git.kernel.org/linus/9218dc26fd922b09858ecd3666ed57dfd8098da8 (7.0-rc1)
+CVE-2025-71291 [misc: bcm_vk: Fix possible null-pointer dereferences in bcm_vk_read()]
+	- linux 6.19.6-1
+	[trixie] - linux 6.12.85-1
+	[bookworm] - linux 6.1.170-1
+	NOTE: https://git.kernel.org/linus/ba75ecb97d3f4e95d59002c13afb6519205be6cb (7.0-rc1)
+CVE-2025-71290 [misc: ti_fpc202: fix a potential memory leak in probe function]
+	- linux 6.19.6-1
+	NOTE: https://git.kernel.org/linus/dad9f13d967b4e53e8eaf5f9c690f8e778ad9802 (7.0-rc1)
+CVE-2025-71289 [fs/ntfs3: handle attr_set_size() errors when truncating files]
+	- linux 6.19.6-1
+	NOTE: https://git.kernel.org/linus/576248a34b927e93b2fd3fff7df735ba73ad7d01 (7.0-rc1)
+CVE-2025-71287 [memory: mtk-smi: fix device leak on larb probe]
+	- linux 6.19.6-1
+	[trixie] - linux 6.12.85-1
+	[bookworm] - linux 6.1.170-1
+	NOTE: https://git.kernel.org/linus/9dae65913b32d05dbc8ff4b8a6bf04a0e49a8eb6 (7.0-rc1)
+CVE-2025-71285 [net: qrtr: Drop the MHI auto_queue feature for IPCR DL channels]
+	- linux 6.19.6-1
+	[bullseye] - linux <not-affected> (Vulnerable code not present)
+	NOTE: https://git.kernel.org/linus/51731792a25cb312ca94cdccfa139eb46de1b2ef (7.0-rc1)
 CVE-2026-43282 [RDMA/ionic: Fix potential NULL pointer dereference in ionic_query_port]
 	- linux 6.19.6-1
 	[trixie] - linux <not-affected> (Vulnerable code not present)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e4d44103b0a61ea365a0a01bf9d446035ca55f3

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8e4d44103b0a61ea365a0a01bf9d446035ca55f3
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260506/90f53a04/attachment.htm>
