Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
a60c1112 by Salvatore Bonaccorso at 2024-11-15T22:42:07+01:00
Reference commit for CVE-2024-36275/ipmctl
Note there is no reference ince the INTEL-SA-01189 but we know it is
fixed in upstream 03.00.00.0499 and 02.00.00.4040. Looking at the
changes in the upstream repository leads to the PBR parsing crash for
3_0 or the 2_0 branch.
A peer review would be welcome in any case.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -644,6 +644,7 @@ CVE-2024-36276 (Insecure inherited permissions for some
Intel(R) CIP software be
CVE-2024-36275 (NULL pointer dereference in some Intel(R) Optane(TM) PMem
Management s ...)
- ipmctl <unfixed>
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01189.html
+ NOTE:
https://github.com/intel/ipmctl/commit/59d74ca68fcde3f1a11298a935b470fac09904aa
(v03.00.00.0499)
NOTE: Fixed in 03.00.00.0499 and later upstream.
CVE-2024-36253 (Uncontrolled search path in the Intel(R) SDP Tool for Windows
software ...)
NOT-FOR-US: Intel
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a60c11122771c5427470cc296594083748c68fb7
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a60c11122771c5427470cc296594083748c68fb7
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
