Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e0bf94aa by Salvatore Bonaccorso at 2026-02-10T22:42:33+01:00
auto-nfu: Add two more products covered by Intel CNA rule
- - - - -
9f868b64 by Salvatore Bonaccorso at 2026-02-10T22:43:03+01:00
Process some NFUs
- - - - -
2 changed files:
- data/CVE/list
- data/packages/nfu.yaml
Changes:
=====================================
data/CVE/list
=====================================
@@ -340,11 +340,11 @@ CVE-2025-48509 (Missing Checks in certain functions
related to RMP initializatio
CVE-2025-40587 (A vulnerability has been identified in Polarion V2404 (All
versions < ...)
NOT-FOR-US: Siemens
CVE-2025-36522 (Incorrect default permissions for some Intel(R) Chipset
Software befor ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-36511 (Incorrect default permissions for some Intel(R) Memory and
Storage Too ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-35999 (Incorrect permission assignment for critical resource for some
System ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-35998 (Missing protection mechanism for alternate hardware interface
in the I ...)
TODO: check
CVE-2025-35992 (Improper conditions check in some firmware for some Intel(R)
NPU Drive ...)
@@ -360,7 +360,7 @@ CVE-2025-32467 (Use of uninitialized variable for some TDX
Module before version
CVE-2025-32453 (Incorrect default permissions for some Intel(R) Graphics
Driver softwa ...)
TODO: check
CVE-2025-32452 (Uncontrolled search path for some AI Playground before version
2.6.1 b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32092 (Insecure inherited permissions for some Intel(R) Graphics
Software bef ...)
TODO: check
CVE-2025-32008 (Out-of-bounds write in the firmware for the Intel(R) AMT and
Intel(R) ...)
@@ -408,6 +408,7 @@ CVE-2025-27243 (Out-of-bounds write in the firmware for
some Intel(R) Ethernet C
CVE-2025-25210 (Improper input validation for some Server Firmware Update
Utility(SysF ...)
TODO: check
CVE-2025-25058 (Improper initialization for some ESXi kernel mode driver for
the Intel ...)
+ NOT-FOR-US: Intel
TODO: check
CVE-2025-24851 (Uncaught exception in the firmware for some 100GbE Intel(R)
Ethernet C ...)
TODO: check
=====================================
data/packages/nfu.yaml
=====================================
@@ -446,6 +446,7 @@
- cna: intel
- anyOf:
- product: ACAT
+ - product: AI Playground
- product: AI Playground software
- product: Display Virtualization for Windows OS software
- product: Edge Orchestrator software
@@ -458,6 +459,7 @@
- product: Intel(R) CIP software
- product: Intel(R) Distribution for Python software installers
- product: Intel(R) Killer(TM) Performance Suite software
+ - product: Intel(R) Memory and Storage Tool
- product: Intel(R) Neural Compressor software
- product: Intel(R) One Boot Flash Update (Intel(R) OFU) software
- product: Intel(R) PROSet/Wireless WiFi Software for Windows
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4bf14360a579c6e59d894f0be51c910134923473...9f868b64d0037ea0fa544f95c06f76ac408da5ae
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/4bf14360a579c6e59d894f0be51c910134923473...9f868b64d0037ea0fa544f95c06f76ac408da5ae
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
