Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: ed2411a9 by Salvatore Bonaccorso at 2025-10-13T18:03:35+02:00 Merge Linux CVEs from kernel-sec - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -1,3 +1,11 @@ +CVE-2025-39965 [xfrm: xfrm_alloc_spi shouldn't use 0 as SPI] + - linux 6.16.10-1 + [bookworm] - linux <not-affected> (Vulnerable code not present) + [bullseye] - linux <not-affected> (Vulnerable code not present) + NOTE: https://git.kernel.org/linus/cd8ae32e4e4652db55bce6b9c79267d8946765a9 (6.17) +CVE-2025-39964 [crypto: af_alg - Disallow concurrent writes in af_alg_sendmsg] + - linux 6.16.9-1 + NOTE: https://git.kernel.org/linus/1b34cbbf4f011a121ef7b2d7d6e6920a036d5285 (6.17-rc7) CVE-2025-9976 (An OS Command Injection vulnerability affecting Station Launcher App i ...) NOT-FOR-US: Dassault Systemes CVE-2025-9698 (The Plus Addons for Elementor WordPress plugin before 6.3.16 does not ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed2411a90fa43eb1c4b18f3184a76779f909f254 -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ed2411a90fa43eb1c4b18f3184a76779f909f254 You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
