[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed May 14 10:12:34 BST 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
b5db218d by Moritz Muehlenhoff at 2025-05-14T11:11:20+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -80,7 +80,7 @@ CVE-2025-24308 (Improper input validation in the UEFI firmware error handler for
 CVE-2025-23233 (Incorrect execution-assigned permissions for some Edge Orchestrator so ...)
 	NOT-FOR-US: Intel
 CVE-2025-22895 (Exposure of sensitive information to an unauthorized actor for some Ed ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-22892 (Uncontrolled resource consumption for some OpenVINO\u2122 model server ...)
 	NOT-FOR-US: Intel
 CVE-2025-22848 (Improper conditions check for some Edge Orchestrator software for Inte ...)
@@ -90,7 +90,7 @@ CVE-2025-22844 (Improper access control for some Edge Orchestrator software for
 CVE-2025-22843 (Incorrect execution-assigned permissions for some Edge Orchestrator so ...)
 	NOT-FOR-US: Intel
 CVE-2025-22448 (Insecure inherited permissions for some Intel(R) Simics(R) Package Man ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-22446 (Inadequate encryption strength for some Edge Orchestrator software for ...)
 	NOT-FOR-US: Intel
 CVE-2025-21100 (Improper initialization in the UEFI firmware for the Intel(R) Server D ...)
@@ -100,11 +100,11 @@ CVE-2025-21099 (Uncontrolled search path for some Intel(R) Graphics software may
 CVE-2025-21094 (Improper input validation in the UEFI firmware DXE module for the Inte ...)
 	TODO: check
 CVE-2025-21081 (Protection mechanism failure for some Edge Orchestrator software for I ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20629 (Insecure inherited permissions in the NVM Update Utility for some Inte ...)
 	TODO: check
 CVE-2025-20624 (Exposure of sensitive information to an unauthorized actor for some Ed ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20618 (Stack-based buffer overflow for some Intel(R) PROSet/Wireless WiFi Sof ...)
 	TODO: check
 CVE-2025-20616 (Uncontrolled resource consumption for some Edge Orchestrator software  ...)
@@ -122,23 +122,23 @@ CVE-2025-20101 (Out-of-bounds read for some Intel(R) Graphics Drivers may allow
 CVE-2025-20100 (Improper access control in the memory controller configurations for so ...)
 	TODO: check
 CVE-2025-20095 (Incorrect Default Permissions for some Intel(R) RealSense\u2122 SDK so ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20084 (Uncontrolled resource consumption for some Edge Orchestrator software  ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20083 (Improper authentication in the firmware for the Intel(R) Slim Bootload ...)
 	TODO: check
 CVE-2025-20082 (Time-of-check time-of-use race condition in the UEFI firmware SmiVaria ...)
 	TODO: check
 CVE-2025-20079 (Uncontrolled search path for some Intel(R) Advisor software may allow  ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20076 (Improper access control for some Edge Orchestrator software for Intel( ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20071 (NULL pointer dereference for some Intel(R) Graphics Drivers may allow  ...)
 	NOT-FOR-US: Intel graphics drivers for Windows
 CVE-2025-20062 (Use after free for some Intel(R) PROSet/Wireless WiFi Software for Win ...)
 	TODO: check
 CVE-2025-20057 (Uncontrolled resource consumption for some Edge Orchestrator software  ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20052 (Improper access control for some Intel(R) Graphics software may allow  ...)
 	NOT-FOR-US: Intel graphics drivers for Windows
 CVE-2025-20047 (Improper locking in the Intel(R) Integrated Connectivity I/O interface ...)
@@ -146,7 +146,7 @@ CVE-2025-20047 (Improper locking in the Intel(R) Integrated Connectivity I/O int
 CVE-2025-20046 (Use after free for some Intel(R) PROSet/Wireless WiFi Software for Win ...)
 	TODO: check
 CVE-2025-20043 (Uncontrolled search path for some Intel(R) RealSense\u2122 SDK softwar ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20041 (Uncontrolled search path for some Intel(R) Graphics software for Intel ...)
 	NOT-FOR-US: Intel graphics drivers for Windows
 CVE-2025-20039 (Race condition for some Intel(R) PROSet/Wireless WiFi Software for Win ...)
@@ -168,7 +168,7 @@ CVE-2025-20018 (Untrusted pointer dereference for some Intel(R) Graphics Drivers
 CVE-2025-20015 (Uncontrolled search path element for some Intel(R) Ethernet Connection ...)
 	TODO: check
 CVE-2025-20013 (Exposure of sensitive information to an unauthorized actor for some Ed ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20009 (Improper input validation in the UEFI firmware GenerationSetup module  ...)
 	TODO: check
 CVE-2025-20008 (Insecure inherited permissions for some Intel(R) Simics(R) Package Man ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5db218dde3cf3c214989d6fdd7fcc4600fc34a2

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/b5db218dde3cf3c214989d6fdd7fcc4600fc34a2
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250514/c7fcc71d/attachment.htm>

More information about the debian-security-tracker-commits mailing list