Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
b2622e3d by Moritz Muehlenhoff at 2024-11-14T13:39:35+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -73,15 +73,15 @@ CVE-2024-36282 (Improper input validation in the Intel(R)
Server Board S2600ST F
CVE-2024-36276 (Insecure inherited permissions for some Intel(R) CIP software
before v ...)
NOT-FOR-US: Intel
CVE-2024-36275 (NULL pointer dereference in some Intel(R) Optane(TM) PMem
Management s ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-36253 (Uncontrolled search path in the Intel(R) SDP Tool for Windows
software ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-36245 (Uncontrolled search path element in some Intel(R) VTune(TM)
Profiler s ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-36242 (Protection mechanism failure in the SPP for some Intel(R)
Processors m ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-35245 (Uncontrolled search path element in some Intel(R)
PROSet/Wireless WiFi ...)
- TODO: check
+ NOT-FOR-US: Intel Wifi drivers for Windows
CVE-2024-35201 (Incorrect default permissions in the Intel(R) SDP Tool for
Windows sof ...)
NOT-FOR-US: Intel
CVE-2024-34776 (Out-of-bounds write in some Intel(R) SGX SDK software may
allow an aut ...)
@@ -91,7 +91,7 @@ CVE-2024-34170 (Improper buffer restrictions in some Intel(R)
Graphics Drivers m
CVE-2024-34167 (Uncontrolled search path for the Intel(R) Server Board S2600ST
Family ...)
NOT-FOR-US: Intel
CVE-2024-34165 (Uncontrolled search path in some Intel(R) oneAPI DPC++/C++
Compiler be ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-34164 (Uncontrolled search path element in some Intel(R) MAS software
before ...)
NOT-FOR-US: Intel
CVE-2024-34028 (Uncontrolled search path in some Intel(R) Graphics Offline
Compiler fo ...)
@@ -101,69 +101,69 @@ CVE-2024-34023 (Untrusted pointer dereference in some
Intel(R) Graphics Drivers
CVE-2024-34022 (Improper Access Control in some Thunderbolt(TM) Share software
before ...)
NOT-FOR-US: Intel
CVE-2024-33624 (Improper input validation for some Intel(R) PROSet/Wireless
WiFi softw ...)
- TODO: check
+ NOT-FOR-US: Intel Wifi drivers for Windows
CVE-2024-33617 (Insufficient control flow management in some Intel(R) QAT
Engine for O ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-33611 (Improper input validation for some Intel(R) PROSet/Wireless
WiFi softw ...)
- TODO: check
+ NOT-FOR-US: Intel Wifi drivers for Windows
CVE-2024-32667 (Out-of-bounds read for some OpenCL(TM) software may allow an
authentic ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-32485 (Improper Input Validation in some Intel(R) VROC software
before versio ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-32483 (Improper access control for some Intel(R) EMA software before
version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-32048 (Improper input validation in the Intel(R) Distribution of
OpenVINO(TM) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-32044 (Improper access control for some Intel(R) Arc(TM) Pro Graphics
for Win ...)
NOT-FOR-US: Intel graphics drivers for Windows
CVE-2024-31407 (Uncontrolled search path in some Intel(R) High Level Synthesis
Compile ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-31158 (Improper input validation in UEFI firmware in some Intel(R)
Server Boa ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-31154 (Improper input validation in UEFI firmware for some Intel(R)
Server S2 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-31074 (Observable timing discrepancy in some Intel(R) QAT Engine for
OpenSSL ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29085 (Improper access control for some BigDL software maintained by
Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29083 (Incorrect default permissions in some Intel(R) Distribution
for Python ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29079 (Insufficient control flow management in some Intel(R) VROC
software be ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29077 (Improper access control in some JAM STAPL Player software
before versi ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29076 (Uncaught exception for some Intel(R) CST software before
version 8.7.1 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28952 (Uncontrolled search path for some Intel(R) IPP software for
Windows be ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28950 (Uncontrolled search path for some Intel(R) oneAPI Math Kernel
Library ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28885 (Observable discrepancy in some Intel(R) QAT Engine for OpenSSL
softwar ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28881 (Uncontrolled search path for some Intel(R) Fortran Compiler
Classic so ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28169 (Cleartext transmission of sensitive information for some BigDL
softwar ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28051 (Out-of-bounds read in some Intel(R) VPL software before
version 24.1.4 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28049 (Improper input validation in firmware for some Intel(R)
PROSet/Wireles ...)
TODO: check
CVE-2024-28030 (NULL pointer dereference in some Intel(R) VPL software before
version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28028 (Improper input validation in some Intel(R) Neural Compressor
software ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-27200 (Improper access control in some Intel(R) Granulate(TM)
software before ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-26017 (Uncontrolled search path in some Intel(R) Rendering Toolkit
software b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-25647 (Incorrect default permissions for some Intel(R) Binary
Configuration T ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-25565 (Insufficient control flow management in UEFI firmware for some
Intel(R ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-25563 (Improper initialization in firmware for some Intel(R)
PROSet/Wireless ...)
TODO: check
CVE-2024-24985 (Exposure of resource to wrong sphere in some Intel(R)
processors with ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-24984 (Improper input validation for some Intel(R) Wireless
Bluetooth(R) prod ...)
TODO: check
CVE-2024-23919 (Improper buffer restrictions in some Intel(R) Graphics
software may al ...)
@@ -173,29 +173,29 @@ CVE-2024-23918 (Improper conditions check in some
Intel(R) Xeon(R) processor mem
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112
CVE-2024-23312 (Uncontrolled search path for some Intel(R) Binary
Configuration Tool s ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-23198 (Improper input validation in firmware for some Intel(R)
PROSet/Wireles ...)
TODO: check
CVE-2024-22185 (Time-of-check Time-of-use Race Condition in some Intel(R)
processors w ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-21853 (Improper finite state machines (FSMs) in the hardware logic in
some 4t ...)
- intel-microcode <unfixed>
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01101.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112
CVE-2024-21850 (Sensitive information in resource not removed before reuse in
some Int ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-21820 (Incorrect default permissions in some Intel(R) Xeon(R)
processor memor ...)
- intel-microcode <unfixed>
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112
CVE-2024-21808 (Improper buffer restrictions in some Intel(R) VPL software
before vers ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-21799 (Path traversal for some Intel(R) Extension for Transformers
software b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-21783 (Integer overflow for some Intel(R) VPL software before version
24.1.4 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-11206 (Unauthorized access vulnerability in the mobile application
(com.trans ...)
- TODO: check
+ NOT-FOR-US: com.transsion.phoenix
CVE-2024-11193 (An information disclosure vulnerability exists in Yugabyte
Anywhere, w ...)
NOT-FOR-US: Yugabyte
CVE-2024-10146 (The Simple File List WordPress plugin before 6.1.13 does not
sanitise ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2622e3d28821c107e8a1f2cd3794b420a40996f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2622e3d28821c107e8a1f2cd3794b420a40996f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
