[Git][security-tracker-team/security-tracker][master] add product-based rule for Nvidia

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Jun 25 15:11:26 BST 2025



Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d88122b4 by Moritz Muehlenhoff at 2025-06-25T16:09:36+02:00
add product-based rule for Nvidia

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -234,11 +234,11 @@ CVE-2025-27828 (A vulnerability in the legacy chat component of Mitel MiContact
 CVE-2025-27827 (A vulnerability in the legacy chat component of Mitel MiContact Center ...)
 	NOT-FOR-US: Mitel
 CVE-2025-23265 (NVIDIA Megatron-LM for all platforms contains a vulnerability in a pyt ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2025-23264 (NVIDIA Megatron-LM for all platforms contains a vulnerability in a pyt ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2025-23260 (NVIDIA AIStore contains a vulnerability in the AIS Operator where a us ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2025-1718 (An authenticated user with file access privilege via FTP access can ca ...)
 	NOT-FOR-US: Hitachi Energy
 CVE-2024-56918 (In Netbox Community 4.1.7, the login page is vulnerable to cross-site  ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -278,6 +278,12 @@
     - cna: hp
     - not:
         product: HP Linux Imaging and Printing Software
+- reason: NVIDIA
+  allOf:
+    - cna: nvidia
+    - anyOf:
+      - product: Megatron LM
+      - product: AIStore
 - reason: Oracle
   allOf:
     - cna: oracle



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d88122b4a67a7c35d83a8b3bcbfe7d44fcd84d00

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d88122b4a67a7c35d83a8b3bcbfe7d44fcd84d00
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250625/31689a6e/attachment-0001.htm>


More information about the debian-security-tracker-commits mailing list