[Git][security-tracker-team/security-tracker][master] two arm-trusted-firmware issues

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Mar 3 07:34:06 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c80b89c8 by Moritz Muehlenhoff at 2025-03-03T08:33:44+01:00
two arm-trusted-firmware issues

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -10977,7 +10977,8 @@ CVE-2025-0065 (Improper Neutralization of Argument Delimiters in the TeamViewer_
 CVE-2024-8401 (CWE-79: Improper Neutralization of Input During Web Page Generation (\ ...)
 	NOT-FOR-US: Schneider Electric
 CVE-2024-7881 (An unprivileged context can trigger a data memory-dependent prefetch e ...)
-	NOT-FOR-US: Arm
+	- arm-trusted-firmware 2.12.1+dfsg-1
+	NOTE: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-7881
 CVE-2024-6351 (A malformed packet can cause a buffer overflow in the NWK/APS layer of ...)
 	NOT-FOR-US: Ember ZNet
 CVE-2024-40677 (In shouldSkipForInitialSUW of AdvancedPowerUsageDetail.java, there is  ...)
@@ -25845,7 +25846,8 @@ CVE-2024-8256 (In Teltonika Networks RUTOS devices, running on versions 7.0 to 7
 CVE-2024-7572 (Insufficient permissions in Ivanti DSM before version 2024.3.5740 allo ...)
 	NOT-FOR-US: Ivanti
 CVE-2024-5660 (Use of Hardware Page Aggregation (HPA) and Stage-1 and/or Stage-2 tran ...)
-	NOT-FOR-US: Arm
+	- arm-trusted-firmware 2.12.1+dfsg-1
+	NOTE: https://developer.arm.com/Arm%20Security%20Center/Arm%20CPU%20Vulnerability%20CVE-2024-5660
 CVE-2024-55602 (PwnDoc is a penetration test report generator. Prior to commit 1d4219c ...)
 	NOT-FOR-US: PwnDoc
 CVE-2024-55586 (Nette Database through 3.2.4 allows SQL injection in certain situation ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c80b89c828b2da9b733a18349d77593d69d29917

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c80b89c828b2da9b733a18349d77593d69d29917
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250303/5afb96cf/attachment.htm>

More information about the debian-security-tracker-commits mailing list