Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
ab327672 by Salvatore Bonaccorso at 2026-02-14T11:53:51+01:00
Process some more Intel NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1854,30 +1854,30 @@ CVE-2025-35992 (Improper conditions check in some
firmware for some Intel(R) NPU
CVE-2025-33030 (Improper conditions check in some firmware for some Intel(R)
NPU Drive ...)
NOT-FOR-US: Intel
CVE-2025-32739 (Improper conditions check in some firmware for some Intel(R)
Graphics ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32735 (Improper conditions check in some firmware for some Intel(R)
NPU Drive ...)
- firmware-nonfree 20251011-1
[bookworm] - firmware-nonfree <not-affected> (VPU firmware not yet
present)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01403.html
NOTE:
https://gitlab.com/kernel-firmware/linux-firmware/-/commit/d2404284b6ce4ee34ca56351d8741cdc61d81910
(20251011)
CVE-2025-32467 (Use of uninitialized variable for some TDX Module before
version tdx1. ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32453 (Incorrect default permissions for some Intel(R) Graphics
Driver softwa ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32452 (Uncontrolled search path for some AI Playground before version
2.6.1 b ...)
NOT-FOR-US: Intel
CVE-2025-32092 (Insecure inherited permissions for some Intel(R) Graphics
Software bef ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32008 (Out-of-bounds write in the firmware for the Intel(R) AMT and
Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32007 (Out-of-bounds read for some TDX before version tdx module
1.5.24 withi ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32003 (Out-of-bounds read in the firmware for some 100GbE Intel(R)
Ethernet N ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31944 (Race condition for some TDX Module before version tdx1.5
within Ring 0 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31655 (Incorrect default permissions for some Intel(R) Battery Life
Diagnosti ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31648 (Improper handling of values in the microcode flow for some
Intel(R) Pr ...)
- intel-microcode <unfixed> (bug #1127837)
[trixie] - intel-microcode <no-dsa> (Minor issue)
@@ -1886,9 +1886,9 @@ CVE-2025-31648 (Improper handling of values in the
microcode flow for some Intel
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01396.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20260210-rev1
CVE-2025-30513 (Race condition for some TDX Module within Ring 0: Hypervisor
may allow ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-30508 (Improper authorization in the Intel(R) Quick Assist Technology
for som ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-29952 (Improper Initialization within the AMD Secure Encrypted
Virtualization ...)
TODO: check
CVE-2025-29951 (A buffer overflow in the AMD Secure Processor (ASP) bootloader
could a ...)
@@ -1904,30 +1904,29 @@ CVE-2025-29946 (Insufficient or Incomplete Data Removal
in Hardware Component in
CVE-2025-29939 (Improper access control in secure encrypted virtualization
(SEV) could ...)
TODO: check
CVE-2025-27940 (Out-of-bounds read for some TDX Module before version tdx1.5
within Ri ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27708 (Out-of-bounds read in the firmware for some Intel(R) Converged
Securit ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27572 (Exposure of sensitive information during transient execution
for some ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27560 (Loop with unreachable exit condition ('infinite loop') for
some Intel( ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27535 (Exposed ioctl with insufficient access control in the firmware
for som ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27243 (Out-of-bounds write in the firmware for some Intel(R) Ethernet
Control ...)
TODO: check
CVE-2025-25210 (Improper input validation for some Server Firmware Update
Utility(SysF ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-25058 (Improper initialization for some ESXi kernel mode driver for
the Intel ...)
NOT-FOR-US: Intel
- TODO: check
CVE-2025-24851 (Uncaught exception in the firmware for some 100GbE Intel(R)
Ethernet C ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-22885 (Improper buffer restrictions in the firmware for the TDX
Module may al ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-22849 (Incorrect default permissions for the Intel(R) Optane(TM) PMem
managem ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-22453 (Improper input validation for some Server Firmware Update
Utility(SysF ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-20106 (Uncontrolled search path in some software installer for some
VTune(TM) ...)
NOT-FOR-US: Intel
CVE-2025-20080 (Null pointer dereference in the firmware for some Intel(R) AMT
and Int ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab32767205ee4b03ead750f1abe359046fdc9180
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab32767205ee4b03ead750f1abe359046fdc9180
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
