[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Thu Nov 14 12:39:54 GMT 2024
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
b2622e3d by Moritz Muehlenhoff at 2024-11-14T13:39:35+01:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -73,15 +73,15 @@ CVE-2024-36282 (Improper input validation in the Intel(R) Server Board S2600ST F
CVE-2024-36276 (Insecure inherited permissions for some Intel(R) CIP software before v ...)
NOT-FOR-US: Intel
CVE-2024-36275 (NULL pointer dereference in some Intel(R) Optane(TM) PMem Management s ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-36253 (Uncontrolled search path in the Intel(R) SDP Tool for Windows software ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-36245 (Uncontrolled search path element in some Intel(R) VTune(TM) Profiler s ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-36242 (Protection mechanism failure in the SPP for some Intel(R) Processors m ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-35245 (Uncontrolled search path element in some Intel(R) PROSet/Wireless WiFi ...)
- TODO: check
+ NOT-FOR-US: Intel Wifi drivers for Windows
CVE-2024-35201 (Incorrect default permissions in the Intel(R) SDP Tool for Windows sof ...)
NOT-FOR-US: Intel
CVE-2024-34776 (Out-of-bounds write in some Intel(R) SGX SDK software may allow an aut ...)
@@ -91,7 +91,7 @@ CVE-2024-34170 (Improper buffer restrictions in some Intel(R) Graphics Drivers m
CVE-2024-34167 (Uncontrolled search path for the Intel(R) Server Board S2600ST Family ...)
NOT-FOR-US: Intel
CVE-2024-34165 (Uncontrolled search path in some Intel(R) oneAPI DPC++/C++ Compiler be ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-34164 (Uncontrolled search path element in some Intel(R) MAS software before ...)
NOT-FOR-US: Intel
CVE-2024-34028 (Uncontrolled search path in some Intel(R) Graphics Offline Compiler fo ...)
@@ -101,69 +101,69 @@ CVE-2024-34023 (Untrusted pointer dereference in some Intel(R) Graphics Drivers
CVE-2024-34022 (Improper Access Control in some Thunderbolt(TM) Share software before ...)
NOT-FOR-US: Intel
CVE-2024-33624 (Improper input validation for some Intel(R) PROSet/Wireless WiFi softw ...)
- TODO: check
+ NOT-FOR-US: Intel Wifi drivers for Windows
CVE-2024-33617 (Insufficient control flow management in some Intel(R) QAT Engine for O ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-33611 (Improper input validation for some Intel(R) PROSet/Wireless WiFi softw ...)
- TODO: check
+ NOT-FOR-US: Intel Wifi drivers for Windows
CVE-2024-32667 (Out-of-bounds read for some OpenCL(TM) software may allow an authentic ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-32485 (Improper Input Validation in some Intel(R) VROC software before versio ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-32483 (Improper access control for some Intel(R) EMA software before version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-32048 (Improper input validation in the Intel(R) Distribution of OpenVINO(TM) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-32044 (Improper access control for some Intel(R) Arc(TM) Pro Graphics for Win ...)
NOT-FOR-US: Intel graphics drivers for Windows
CVE-2024-31407 (Uncontrolled search path in some Intel(R) High Level Synthesis Compile ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-31158 (Improper input validation in UEFI firmware in some Intel(R) Server Boa ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-31154 (Improper input validation in UEFI firmware for some Intel(R) Server S2 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-31074 (Observable timing discrepancy in some Intel(R) QAT Engine for OpenSSL ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29085 (Improper access control for some BigDL software maintained by Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29083 (Incorrect default permissions in some Intel(R) Distribution for Python ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29079 (Insufficient control flow management in some Intel(R) VROC software be ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29077 (Improper access control in some JAM STAPL Player software before versi ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-29076 (Uncaught exception for some Intel(R) CST software before version 8.7.1 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28952 (Uncontrolled search path for some Intel(R) IPP software for Windows be ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28950 (Uncontrolled search path for some Intel(R) oneAPI Math Kernel Library ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28885 (Observable discrepancy in some Intel(R) QAT Engine for OpenSSL softwar ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28881 (Uncontrolled search path for some Intel(R) Fortran Compiler Classic so ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28169 (Cleartext transmission of sensitive information for some BigDL softwar ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28051 (Out-of-bounds read in some Intel(R) VPL software before version 24.1.4 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28049 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
TODO: check
CVE-2024-28030 (NULL pointer dereference in some Intel(R) VPL software before version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-28028 (Improper input validation in some Intel(R) Neural Compressor software ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-27200 (Improper access control in some Intel(R) Granulate(TM) software before ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-26017 (Uncontrolled search path in some Intel(R) Rendering Toolkit software b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-25647 (Incorrect default permissions for some Intel(R) Binary Configuration T ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-25565 (Insufficient control flow management in UEFI firmware for some Intel(R ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-25563 (Improper initialization in firmware for some Intel(R) PROSet/Wireless ...)
TODO: check
CVE-2024-24985 (Exposure of resource to wrong sphere in some Intel(R) processors with ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-24984 (Improper input validation for some Intel(R) Wireless Bluetooth(R) prod ...)
TODO: check
CVE-2024-23919 (Improper buffer restrictions in some Intel(R) Graphics software may al ...)
@@ -173,29 +173,29 @@ CVE-2024-23918 (Improper conditions check in some Intel(R) Xeon(R) processor mem
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112
CVE-2024-23312 (Uncontrolled search path for some Intel(R) Binary Configuration Tool s ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-23198 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
TODO: check
CVE-2024-22185 (Time-of-check Time-of-use Race Condition in some Intel(R) processors w ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-21853 (Improper finite state machines (FSMs) in the hardware logic in some 4t ...)
- intel-microcode <unfixed>
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01101.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112
CVE-2024-21850 (Sensitive information in resource not removed before reuse in some Int ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-21820 (Incorrect default permissions in some Intel(R) Xeon(R) processor memor ...)
- intel-microcode <unfixed>
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01079.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20241112
CVE-2024-21808 (Improper buffer restrictions in some Intel(R) VPL software before vers ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-21799 (Path traversal for some Intel(R) Extension for Transformers software b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-21783 (Integer overflow for some Intel(R) VPL software before version 24.1.4 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2024-11206 (Unauthorized access vulnerability in the mobile application (com.trans ...)
- TODO: check
+ NOT-FOR-US: com.transsion.phoenix
CVE-2024-11193 (An information disclosure vulnerability exists in Yugabyte Anywhere, w ...)
NOT-FOR-US: Yugabyte
CVE-2024-10146 (The Simple File List WordPress plugin before 6.1.13 does not sanitise ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2622e3d28821c107e8a1f2cd3794b420a40996f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b2622e3d28821c107e8a1f2cd3794b420a40996f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241114/38ed37d6/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list