[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend nvidia rule

[Moritz Muehlenhoff (@jmm)]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
bcbcd71c by Moritz Muehlenhoff at 2026-05-20T09:56:31+02:00
auto-nfu: Extend nvidia rule

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -368,11 +368,11 @@ CVE-2026-24207 (NVIDIA Triton Inference Server contains a 
vulnerability where an
 CVE-2026-24206 (NVIDIA Triton Inference Server contains a vulnerability where 
an attac ...)
        NOT-FOR-US: NVIDIA
 CVE-2026-24163 (NVIDIA TRT-LLM for any platform contains a vulnerability in 
RPC testin ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24160 (NVIDIA TRT-LLM for any platform contains a vulnerability where 
an atta ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2026-24142 (NVIDIA TRT-LLM for any platform contains a deserialization 
vulnerabili ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-70950 (An issue in gohttp commit 34ea51 allows attackers to execute a 
directo ...)
        TODO: check
 CVE-2025-61081 (In BYD Atto3, an attacker can obtain an authentication key 
through Bru ...)
@@ -392,7 +392,7 @@ CVE-2025-40901 (A Stored HTML Injection vulnerability was 
discovered in the Cred
 CVE-2025-40900 (An Angular template injection vulnerability was discovered in 
the Repo ...)
        TODO: check
 CVE-2025-33255 (NVIDIA TRT-LLM for any platform contains a vulnerability in 
MPI server ...)
-       TODO: check
+       NOT-FOR-US: NVIDIA
 CVE-2025-15645 (Ledger Nano X, Flex, and Stax devices contain a denial of 
service vuln ...)
        TODO: check
 CVE-2025-15369 (The Xpro Addons \u2014 140+ Widgets for Elementor plugin for 
WordPress ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -559,6 +559,7 @@
       - product: Resiliency Extension
       - product: RunAI
       - product: TAO
+      - product: TensorRT-LLM
       - product: Triton Inference Server
 - reason: Oracle
   allOf:



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcbcd71ca4aa4dfeb5d77e0d1328df0bffd2b2b4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/bcbcd71ca4aa4dfeb5d77e0d1328df0bffd2b2b4
You're receiving this email because of your account on salsa.debian.org. Manage 
all notifications: https://salsa.debian.org/-/profile/notifications | Help: 
https://salsa.debian.org/help



_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits