Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
6f422329 by Moritz Muehlenhoff at 2025-03-06T09:18:07+01:00
auto-nfu: Add rule for Samsung Mobile
- - - - -
54f22fe0 by Moritz Muehlenhoff at 2025-03-06T09:18:32+01:00
NFUs
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -23,59 +23,59 @@ CVE-2025-22623 (Ad Inserter - Ad Manager and AdSense Ads
2.8.0 was found to be v
CVE-2025-22447 (Incorrect access permission of a specific service issue exists
in Remo ...)
TODO: check
CVE-2025-20933 (Out-of-bounds read in parsing bmp image in Samsung Notes prior
to vers ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20932 (Out-of-bounds read in parsing rle of bmp image in Samsung
Notes prior ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20931 (Out-of-bounds write in parsing bmp image in Samsung Notes
prior to ver ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20930 (Out-of-bounds read in parsing jpeg image in Samsung Notes
prior to ver ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20929 (Out-of-bounds write in parsing jpeg image in Samsung Notes
prior to ve ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20928 (Out-of-bounds read in parsing wbmp image in Samsung Notes
prior to vae ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20927 (Out-of-bounds read in parsing image data in Samsung Notes
prior to vae ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20926 (Improper export of Android application components in My Files
prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20925 (Out-of-bounds read in applying binary of text data in Samsung
Notes pr ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20924 (Improper access control in Samsung Notes prior to version
4.4.26.71 al ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20923 (Improper access control in Galaxy Wearable prior to version
2.2.61.241 ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20922 (Out-of-bounds read in appending text paragraph in Samsung
Notes prior ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20921 (Out-of-bounds read in applying binary of text content in
Samsung Notes ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20920 (Out-of-bounds read in action link data in Samsung Notes prior
to versi ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20919 (Out-of-bounds read in applying binary of video content in
Samsung Note ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20918 (Out-of-bounds read in applying extra data of base content in
Samsung N ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20917 (Out-of-bounds read in applying binary of pdf content in
Samsung Notes ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20916 (Out-of-bounds read in reading string of SPen in Samsung Notes
prior to ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20915 (Out-of-bounds read in applying binary of voice content in
Samsung Note ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20914 (Out-of-bounds read in applying binary of hand writing content
in Samsu ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20913 (Out-of-bounds read in applying binary of drawing content in
Samsung No ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20912 (Incorrect default permission in DiagMonAgent prior to SMR
Mar-2025 Rel ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20911 (Improper access control in sem_wifi service prior to SMR
Mar-2025 Rele ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20910 (Incorrect default permission in Galaxy Watch Gallery prior to
SMR Mar- ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20909 (Use of implicit intent for sensitive communication in Settings
prior t ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20908 (Use of insufficiently random values in Auracast prior to SMR
Mar-2025 ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-20903 (Improper access control in SecSettingsIntelligence prior to
SMR Mar-20 ...)
- TODO: check
+ NOT-FOR-US: Samsung Mobile
CVE-2025-1979 (Versions of the package ray before 2.43.0 are vulnerable to
Insertion ...)
TODO: check
CVE-2024-57174 (A misconfiguration in Alphion ASEE-1443 Firmware
v0.4.H.00.02.15 defin ...)
=====================================
data/packages/nfu.yaml
=====================================
@@ -13,6 +13,8 @@
cna: juniper
- reason: OpenHarmony
cna: OpenHarmony
+- reason: Samsung Mobile
+ cna: SamsungMobile
- reason: SAP
cna: sap
- reason: WordPress plugin
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2fa10edb4facb8886cec2ff71a11d897a1f4266a...54f22fe0f0d653480bcfb1384d819c4b09286740
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2fa10edb4facb8886cec2ff71a11d897a1f4266a...54f22fe0f0d653480bcfb1384d819c4b09286740
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
