[Git][security-tracker-team/security-tracker][master] Add Debian bug reference for intel-microcode issues

Salvatore Bonaccorso (@carnil) carnil at debian.org
Wed Aug 13 09:53:27 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
f30eca57 by Salvatore Bonaccorso at 2025-08-13T10:53:16+02:00
Add Debian bug reference for intel-microcode issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -497,7 +497,7 @@ CVE-2025-32932 (An Improper neutralization of input during web page generation (
 CVE-2025-32766 (A stack-based buffer overflow vulnerability [CWE-121] in Fortinet Fort ...)
 	NOT-FOR-US: Fortinet
 CVE-2025-32086 (Improperly implemented security check for standard in the DDRIO config ...)
-	- intel-microcode <unfixed>
+	- intel-microcode <unfixed> (bug #1110983)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
 CVE-2025-32004 (Improper input validation in the Intel Edger8r Tool for some Intel(R)  ...)
@@ -531,7 +531,7 @@ CVE-2025-26470 (Incorrect default permissions for some Intel(R) Distribution for
 CVE-2025-26404 (Uncontrolled search path for some Intel(R) DSA software before version ...)
 	NOT-FOR-US: Intel
 CVE-2025-26403 (Out-of-bounds write in the memory subsystem for some Intel(R) Xeon(R)  ...)
-	- intel-microcode <unfixed>
+	- intel-microcode <unfixed> (bug #1110983)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
 CVE-2025-26398 (SolarWinds Database Performance Analyzer was found to contain a hard-c ...)
@@ -579,7 +579,7 @@ CVE-2025-24323 (Improper access control in some firmware package and LED mode to
 CVE-2025-24313 (Improper access control for some Device Plugins for Kubernetes softwar ...)
 	NOT-FOR-US: Intel
 CVE-2025-24305 (Insufficient control flow management in the Alias Checking Trusted Mod ...)
-	- intel-microcode <unfixed>
+	- intel-microcode <unfixed> (bug #1110983)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
 CVE-2025-24303 (Improper check for unusual or exceptional conditions in the Linux kern ...)
@@ -593,17 +593,17 @@ CVE-2025-23241 (Integer overflow or wraparound in the Linux kernel-mode driver f
 CVE-2025-22893 (Insufficient control flow management in the Linux kernel-mode driver f ...)
 	NOT-FOR-US: Intel
 CVE-2025-22889 (Improper handling of overlap between protected memory ranges for some  ...)
-	- intel-microcode <unfixed>
+	- intel-microcode <unfixed> (bug #1110983)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
 CVE-2025-22853 (Improper synchronization in the firmware for some Intel(R) TDX may all ...)
 	NOT-FOR-US: Intel
 CVE-2025-22840 (Sequence of processor instructions leads to unexpected behavior for so ...)
-	- intel-microcode <unfixed>
+	- intel-microcode <unfixed> (bug #1110983)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
 CVE-2025-22839 (Insufficient granularity of access control in the OOB-MSM for some Int ...)
-	- intel-microcode <unfixed>
+	- intel-microcode <unfixed> (bug #1110983)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
 CVE-2025-22838 (Uncontrolled search path for some Intel(R) RealSense(TM) Dynamic Calib ...)
@@ -621,7 +621,7 @@ CVE-2025-21096 (Improper buffer restrictions in the firmware for some Intel(R) T
 CVE-2025-21093 (Uncontrolled search path element for some Intel(R) Driver & Suppor ...)
 	NOT-FOR-US: Intel
 CVE-2025-21090 (Missing reference to active allocated resource for some Intel(R) Xeon( ...)
-	- intel-microcode <unfixed>
+	- intel-microcode <unfixed> (bug #1110983)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
 CVE-2025-21086 (Improper input validation in the Linux kernel-mode driver for some Int ...)
@@ -633,7 +633,7 @@ CVE-2025-20625 (Improper conditions check for some Intel(R) PROSet/Wireless WiFi
 CVE-2025-20613 (Predictable Seed in Pseudo-Random Number Generator (PRNG) in the firmw ...)
 	NOT-FOR-US: Intel
 CVE-2025-20109 (Improper Isolation or Compartmentalization in the stream cache mechani ...)
-	- intel-microcode <unfixed>
+	- intel-microcode <unfixed> (bug #1110983)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
 CVE-2025-20099 (Improper access control for some Intel(R) Rapid Storage Technology ins ...)
@@ -653,7 +653,7 @@ CVE-2025-20074 (Time-of-check Time-of-use race condition for some Intel(R) Conne
 CVE-2025-20067 (Observable timing discrepancy in firmware for some Intel(R) CSME and I ...)
 	NOT-FOR-US: Intel
 CVE-2025-20053 (Improper buffer restrictions for some Intel(R) Xeon(R) Processor firmw ...)
-	- intel-microcode <unfixed>
+	- intel-microcode <unfixed> (bug #1110983)
 	NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html
 	NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
 CVE-2025-20048 (Uncontrolled search path for the Intel(R) Trace Analyzer and Collector ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f30eca5795523a4e97863f56e1c1d42352171464

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f30eca5795523a4e97863f56e1c1d42352171464
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250813/afca4e04/attachment.htm>

More information about the debian-security-tracker-commits mailing list