[Git][security-tracker-team/security-tracker][master] two arm-trusted-firmware issues

Sun, 02 Mar 2025 23:34:30 -0800 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
c80b89c8 by Moritz Muehlenhoff at 2025-03-03T08:33:44+01:00
two arm-trusted-firmware issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10977,7 +10977,8 @@ CVE-2025-0065 (Improper Neutralization of Argument 
Delimiters in the TeamViewer_
 CVE-2024-8401 (CWE-79: Improper Neutralization of Input During Web Page 
Generation (\ ...)
        NOT-FOR-US: Schneider Electric
 CVE-2024-7881 (An unprivileged context can trigger a data memory-dependent 
prefetch e ...)
-       NOT-FOR-US: Arm
+       - arm-trusted-firmware 2.12.1+dfsg-1
+       NOTE: 
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881
 CVE-2024-6351 (A malformed packet can cause a buffer overflow in the NWK/APS 
layer of ...)
        NOT-FOR-US: Ember ZNet
 CVE-2024-40677 (In shouldSkipForInitialSUW of AdvancedPowerUsageDetail.java, 
there is  ...)
@@ -25845,7 +25846,8 @@ CVE-2024-8256 (In Teltonika Networks RUTOS devices, 
running on versions 7.0 to 7
 CVE-2024-7572 (Insufficient permissions in Ivanti DSM before version 
2024.3.5740 allo ...)
        NOT-FOR-US: Ivanti
 CVE-2024-5660 (Use of Hardware Page Aggregation (HPA) and Stage-1 and/or 
Stage-2 tran ...)
-       NOT-FOR-US: Arm
+       - arm-trusted-firmware 2.12.1+dfsg-1
+       NOTE: 
https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
 CVE-2024-55602 (PwnDoc is a penetration test report generator. Prior to commit 
1d4219c ...)
        NOT-FOR-US: PwnDoc
 CVE-2024-55586 (Nette Database through 3.2.4 allows SQL injection in certain 
situation ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c80b89c828b2da9b733a18349d77593d69d29917

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c80b89c828b2da9b733a18349d77593d69d29917
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to