[Git][security-tracker-team/security-tracker][master] 2 commits: auto-nfu: Add rule for Samsung Mobile

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Mar 6 08:18:46 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
6f422329 by Moritz Muehlenhoff at 2025-03-06T09:18:07+01:00
auto-nfu: Add rule for Samsung Mobile

- - - - -
54f22fe0 by Moritz Muehlenhoff at 2025-03-06T09:18:32+01:00
NFUs

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -23,59 +23,59 @@ CVE-2025-22623 (Ad Inserter - Ad Manager and AdSense Ads 2.8.0 was found to be v
 CVE-2025-22447 (Incorrect access permission of a specific service issue exists in Remo ...)
 	TODO: check
 CVE-2025-20933 (Out-of-bounds read in parsing bmp image in Samsung Notes prior to vers ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20932 (Out-of-bounds read in parsing rle of bmp image in Samsung Notes prior  ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20931 (Out-of-bounds write in parsing bmp image in Samsung Notes prior to ver ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20930 (Out-of-bounds read in parsing jpeg image in Samsung Notes prior to ver ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20929 (Out-of-bounds write in parsing jpeg image in Samsung Notes prior to ve ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20928 (Out-of-bounds read in parsing wbmp image in Samsung Notes prior to vae ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20927 (Out-of-bounds read in parsing image data in Samsung Notes prior to vae ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20926 (Improper export of Android application components in My Files prior to ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20925 (Out-of-bounds read in applying binary of text data in Samsung Notes pr ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20924 (Improper access control in Samsung Notes prior to version 4.4.26.71 al ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20923 (Improper access control in Galaxy Wearable prior to version 2.2.61.241 ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20922 (Out-of-bounds read in appending text paragraph in Samsung Notes prior  ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20921 (Out-of-bounds read in applying binary of text content in Samsung Notes ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20920 (Out-of-bounds read in action link data in Samsung Notes prior to versi ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20919 (Out-of-bounds read in applying binary of video content in Samsung Note ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20918 (Out-of-bounds read in applying extra data of base content in Samsung N ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20917 (Out-of-bounds read in applying binary of pdf content in Samsung Notes  ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20916 (Out-of-bounds read in reading string of SPen in Samsung Notes prior to ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20915 (Out-of-bounds read in applying binary of voice content in Samsung Note ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20914 (Out-of-bounds read in applying binary of hand writing content in Samsu ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20913 (Out-of-bounds read in applying binary of drawing content in Samsung No ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20912 (Incorrect default permission in DiagMonAgent prior to SMR Mar-2025 Rel ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20911 (Improper access control in sem_wifi service prior to SMR Mar-2025 Rele ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20910 (Incorrect default permission in Galaxy Watch Gallery prior to SMR Mar- ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20909 (Use of implicit intent for sensitive communication in Settings prior t ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20908 (Use of insufficiently random values in Auracast prior to SMR Mar-2025  ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-20903 (Improper access control in SecSettingsIntelligence prior to SMR Mar-20 ...)
-	TODO: check
+	NOT-FOR-US: Samsung Mobile
 CVE-2025-1979 (Versions of the package ray before 2.43.0 are vulnerable to Insertion  ...)
 	TODO: check
 CVE-2024-57174 (A misconfiguration in Alphion ASEE-1443 Firmware v0.4.H.00.02.15 defin ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -13,6 +13,8 @@
   cna: juniper
 - reason: OpenHarmony
   cna: OpenHarmony
+- reason: Samsung Mobile
+  cna: SamsungMobile
 - reason: SAP
   cna: sap
 - reason: WordPress plugin



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2fa10edb4facb8886cec2ff71a11d897a1f4266a...54f22fe0f0d653480bcfb1384d819c4b09286740

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/compare/2fa10edb4facb8886cec2ff71a11d897a1f4266a...54f22fe0f0d653480bcfb1384d819c4b09286740
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250306/47ced6ff/attachment.htm>

More information about the debian-security-tracker-commits mailing list