[Git][security-tracker-team/security-tracker][master] Add two CVEs for ipmctl from INTEL-SA-00948

Salvatore Bonaccorso (@carnil) Thu, 15 Feb 2024 21:25:10 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
5ed172f7 by Salvatore Bonaccorso at 2024-02-16T06:22:57+01:00
Add two CVEs for ipmctl from INTEL-SA-00948

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51287,7 +51287,9 @@ CVE-2023-28721
 CVE-2023-28658 (Insecure inherited permissions in some Intel(R) oneMKL 
software before ...)
        NOT-FOR-US: Intel
 CVE-2023-27517 (Improper access control in some Intel(R) Optane(TM) PMem 
software befo ...)
-       TODO: check
+       - ipmctl 03.00.00.0485-1
+       NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html
+       TODO: full details not clear but affects the "Intel Optane Pmem 
{1,2,3}00Series management software (ipmctl)
 CVE-2023-26589 (Use after free in some Intel(R) Aptio* V UEFI Firmware 
Integrator Tool ...)
        NOT-FOR-US: Intel
 CVE-2023-25949 (Uncontrolled resource consumption in some Intel(R) Aptio* V 
UEFI Firmw ...)
@@ -64913,7 +64915,9 @@ CVE-2023-22655
 CVE-2023-22431
        RESERVED
 CVE-2023-22311 (Improper access control in some Intel(R) Optane(TM) PMem 100 
Series Ma ...)
-       TODO: check
+       - ipmctl <not-affected> (Only affects the Intel Optane PMem 100 Series 
Managment Software)
+       NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00948.html
+       TODO: full details not clear but affects the "Intel Optane Pmem 
{1,2,3}00Series management software (ipmctl)
 CVE-2023-0525 (Weak Encoding for Password vulnerability in Mitsubishi Electric 
Corpor ...)
        NOT-FOR-US: PyroCMS
 CVE-2023-0524 (As part of our Security Development Lifecycle, a potential 
privilege e ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ed172f74b50bdbb4b6d8e3c1555ef94bbae7ab7

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5ed172f74b50bdbb4b6d8e3c1555ef94bbae7ab7
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Add two CVEs for ipmctl from INTEL-SA-00948

Reply via email to