[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 7 09:18:09 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
23e10259 by Salvatore Bonaccorso at 2025-04-07T10:17:40+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -29,7 +29,7 @@ CVE-2025-3330 (A vulnerability classified as critical was found in codeprojects
 CVE-2025-3329 (A vulnerability classified as problematic has been found in Consumer C ...)
 	TODO: check
 CVE-2025-3328 (A vulnerability was found in Tenda AC1206 15.03.06.23. It has been cla ...)
-	TODO: check
+	NOT-FOR-US: Tenda
 CVE-2025-3327 (A vulnerability was found in iteaj iboot \u7269\u8054\u7f51\u7f51\u517 ...)
 	TODO: check
 CVE-2025-3326 (A vulnerability has been found in iteaj iboot \u7269\u8054\u7f51\u7f51 ...)
@@ -41,81 +41,81 @@ CVE-2025-3324 (A vulnerability, which was classified as critical, has been found
 CVE-2025-3323 (A vulnerability classified as critical was found in godcheese/code-pro ...)
 	TODO: check
 CVE-2025-31175 (Deserialization mismatch vulnerability in the DSoftBus module Impact:  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-31174 (Path traversal vulnerability in the DFS module Impact: Successful expl ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-31173 (Memory write permission bypass vulnerability in the kernel futex modul ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-31172 (Memory write permission bypass vulnerability in the kernel futex modul ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-31171 (File read permission bypass vulnerability in the kernel file system mo ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-31170 (Access control vulnerability in the security verification module Impac ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2025-27534 (in OpenHarmony v5.0.2 and prior versions allow a local attacker case D ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2025-25057 (in OpenHarmony v5.0.2 and prior versions allow a local attacker case D ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2025-24304 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2025-22851 (in OpenHarmony v5.0.2 and prior versions allow a local attacker arbitr ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2025-22842 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2025-22452 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2025-20664 (In wlan AP driver, there is a possible information disclosure due to a ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20663 (In wlan AP driver, there is a possible information disclosure due to a ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20662 (In PlayReady TA, there is a possible out of bounds read due to a missi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20661 (In PlayReady TA, there is a possible out of bounds read due to a missi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20660 (In PlayReady TA, there is a possible out of bounds read due to a missi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20659 (In Modem, there is a possible system crash due to improper input valid ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20658 (In DA, there is a possible permission bypass due to a logic error. Thi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20657 (In vdec, there is a possible permission bypass due to improper input v ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20656 (In DA, there is a possible out of bounds write due to a missing bounds ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20655 (In keymaster, there is a possible out of bounds read due to a missing  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20654 (In wlan service, there is a possible out of bounds write due to an inc ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2025-20102 (in OpenHarmony v5.0.2 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2024-58127 (Access control vulnerability in the security verification module Impac ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58126 (Access control vulnerability in the security verification module Impac ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58125 (Access control vulnerability in the security verification module Impac ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58124 (Access control vulnerability in the security verification module Impac ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58116 (Buffer overflow vulnerability in the SVG parsing module of the ArkUI f ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58115 (Buffer overflow vulnerability in the SVG parsing module of the ArkUI f ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58113 (Vulnerability of improper resource management in the memory management ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58112 (Exception capture failure vulnerability in the SVG parsing module of t ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58111 (Exception capture failure vulnerability in the SVG parsing module of t ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58110 (Buffer overflow vulnerability in the codec module Impact: Successful e ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58109 (Buffer overflow vulnerability in the codec module Impact: Successful e ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58108 (Buffer overflow vulnerability in the codec module Impact: Successful e ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58107 (Buffer overflow vulnerability in the codec module Impact: Successful e ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-58106 (Buffer overflow vulnerability in the codec module Impact: Successful e ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2024-11071 (Permissive Cross-domain Policy with Untrusted Domains vulnerability in ...)
 	TODO: check
 CVE-2025-3318 (A vulnerability classified as critical was found in Kenj_Frog \u80af\u ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23e102591a7b46189d66df94752f741eae841b5d

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/23e102591a7b46189d66df94752f741eae841b5d
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250407/4b7ac8e3/attachment.htm>

More information about the debian-security-tracker-commits mailing list