[Git][security-tracker-team/security-tracker][master] Process some NFUs from Intel advisories
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Nov 11 20:42:13 GMT 2025
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
a93e5af4 by Salvatore Bonaccorso at 2025-11-11T21:41:43+01:00
Process some NFUs from Intel advisories
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -225,7 +225,7 @@ CVE-2025-33029 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Softw
CVE-2025-33000 (Improper input validation for some Intel QuickAssist Technology before ...)
TODO: check
CVE-2025-32732 (Buffer overflow for some Intel(R) QAT Windows software before version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32449 (Unquoted search path for some PRI Driver software before version 03.03 ...)
TODO: check
CVE-2025-32446 (Untrusted pointer dereference for some Intel QuickAssist Technology so ...)
@@ -233,21 +233,21 @@ CVE-2025-32446 (Untrusted pointer dereference for some Intel QuickAssist Technol
CVE-2025-32091 (Incorrect default permissions in some firmware for the Intel(R) Arc(TM ...)
TODO: check
CVE-2025-32088 (Improper conditions check for some Intel(R) QAT Windows software befor ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32038 (Uncontrolled search path for some FPGA Support Package for the Intel o ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32037 (Improper access control for some Intel(R) PresentMon before version 2. ...)
TODO: check
CVE-2025-32001 (Uncontrolled search path for the Intel(R) Processor Identification Uti ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31948 (Improper input validation for some Intel(R) oneAPI Math Kernel Library ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31940 (Incorrect default permissions for some Intel(R) Thread Director Visual ...)
TODO: check
CVE-2025-31937 (Out-of-bounds read for some Intel(R) QAT Windows software before versi ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31931 (Uncontrolled search path for the Instrumentation and Tracing Technolog ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31647 (Uncontrolled search path for some Intel(R) Graphics Software before ve ...)
TODO: check
CVE-2025-31645 (Uncontrolled search path for some System Event Log Viewer Utility soft ...)
@@ -259,7 +259,7 @@ CVE-2025-30518 (Incorrect default permissions for some Intel(R) PresentMon befor
CVE-2025-30509 (Improper input validation for some Intel QuickAssist Technology softwa ...)
TODO: check
CVE-2025-30506 (Uncontrolled search path for some Intel Driver and Support Assistant b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-30398 (Missing authorization in Nuance PowerScribe allows an unauthorized att ...)
TODO: check
CVE-2025-30255 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software fo ...)
@@ -271,19 +271,19 @@ CVE-2025-30182 (Uncontrolled search path for some Intel(R) Distribution for Pyth
CVE-2025-27725 (Time-of-check time-of-use race condition for some ACAT before version ...)
TODO: check
CVE-2025-27713 (Out-of-bounds write for some Intel(R) QAT Windows software before vers ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27712 (Improper neutralization for some Intel(R) Neural Compressor software b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27711 (Incorrect default permissions for some Intel(R) One Boot Flash Update ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27710 (Untrusted pointer dereference for some Intel(R) QAT Windows software b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27249 (Uncontrolled resource consumption for some Gaudi software before versi ...)
TODO: check
CVE-2025-27246 (Incorrect default permissions for the Intel(R) Processor Identificatio ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-26694 (Null pointer dereference for some Intel(R) QAT Windows software before ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-26405 (Improper control of dynamically-managed code resources for some Intel( ...)
TODO: check
CVE-2025-26402 (Protection mechanism failure for some Intel(R) NPU Drivers within Ring ...)
@@ -291,57 +291,57 @@ CVE-2025-26402 (Protection mechanism failure for some Intel(R) NPU Drivers withi
CVE-2025-25216 (Improper input validation in some firmware for some Intel(R) Graphics ...)
TODO: check
CVE-2025-25059 (Uncontrolled search path for some Intel(R) One Boot Flash Update (Inte ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24918 (Improper link resolution before file access ('link following') for som ...)
TODO: check
CVE-2025-24863 (Improper privilege management for some Intel(R) CIP software before ve ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24862 (Unrestricted upload of file with dangerous type for some Intel(R) CIP ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24848 (Protection mechanism failure for some Intel(R) CIP software before ver ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24847 (Improper input validation for some Intel(R) CIP software before versio ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24842 (Uncontrolled search path for the Intel(R) System Support Utility befor ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24838 (Improper privilege management for some Intel(R) CIP software before ve ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24834 (Protection mechanism failure for some Intel(R) CIP software before ver ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24519 (Buffer overflow for some Intel(R) QAT Windows software before version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24516 (Improper access control for some Intel(R) CIP software before version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24512 (Improper input validation for some Intel(R) PROSet/Wireless WiFi Softw ...)
TODO: check
CVE-2025-24491 (Uncontrolled search path for some Intel(R) Killer(TM) Performance Suit ...)
TODO: check
CVE-2025-24327 (Insecure inherited permissions for some Intel(R) Rapid Storage Technol ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24314 (Improper access control for some Intel(R) CIP software before version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24307 (Improper privilege management for some Intel(R) CIP software before ve ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-24299 (Improper input validation for some Intel(R) CIP software before versio ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-23361 (NVIDIA NeMo Framework for all platforms contains a vulnerability in a ...)
NOT-FOR-US: NVIDIA
CVE-2025-23357 (NVIDIA Megatron-LM for all platforms contains a vulnerability in a scr ...)
NOT-FOR-US: NVIDIA
CVE-2025-22391 (Improper access control for some SigTest before version 6.1.10 within ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-20622 (Sensitive information uncleared in resource before release for reuse f ...)
TODO: check
CVE-2025-20614 (External control of file name or path for some Intel(R) CIP software b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-20065 (Uncontrolled search path for some Display Virtualization for Windows O ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-20056 (Improper input validation for some Intel VTune Profiler before version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-20050 (Uncontrolled search path for some Intel(R) CIP software before version ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-20010 (Use of unmaintained third party components for some Intel(R) Processor ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-13032 (Double fetch in sandbox kernel driver in Avast/AVG Antivirus <25.3 on ...)
TODO: check
CVE-2025-13027 (Memory safety bugs present in Firefox 144 and Thunderbird 144. Some of ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a93e5af4f52742db4cc96e87cbd40973765aaec6
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a93e5af4f52742db4cc96e87cbd40973765aaec6
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251111/dd6b53dc/attachment.htm>
More information about the debian-security-tracker-commits
mailing list