[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Intel rule

Moritz Muehlenhoff (@jmm) jmm at debian.org
Thu Nov 13 22:06:36 GMT 2025 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1ad49fe7 by Moritz Muehlenhoff at 2025-11-13T23:00:52+01:00
auto-nfu: Extend Intel rule

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -1296,11 +1296,11 @@ CVE-2025-41102 (HTML injection vulnerability found in Fairsketch's RISE CRM Fram
 CVE-2025-41101 (HTML injection vulnerability found in Fairsketch's RISE CRM Framework  ...)
 	NOT-FOR-US: Fairsketch's RISE CRM Framework
 CVE-2025-35972 (Uncontrolled search path for the Intel MPI Library before version 2021 ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-35971 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi Software fo ...)
 	NOT-FOR-US: Intel
 CVE-2025-35968 (Protection mechanism failure in the UEFI firmware for the Slim Bootloa ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-35967 (Out-of-bounds read for some Intel(R) PROSet/Wireless WiFi Software for ...)
 	NOT-FOR-US: Intel
 CVE-2025-35963 (Insufficient control flow management for some Intel(R) PROSet/Wireless ...)
@@ -1320,7 +1320,7 @@ CVE-2025-33000 (Improper input validation for some Intel QuickAssist Technology
 CVE-2025-32732 (Buffer overflow for some Intel(R) QAT Windows software before version  ...)
 	NOT-FOR-US: Intel
 CVE-2025-32449 (Unquoted search path for some PRI Driver software before version 03.03 ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-32446 (Untrusted pointer dereference for some Intel QuickAssist Technology so ...)
 	NOT-FOR-US: Intel
 CVE-2025-32091 (Incorrect default permissions in some firmware for the Intel(R) Arc(TM ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -401,6 +401,7 @@
       - product: Instrumentation and Tracing Technology API (ITT API) software
       - product: Intel Driver and Support Assistant
       - product: Intel Ethernet Adapter Complete Driver Pack software
+      - product: Intel MPI Library
       - product: Intel VTune Profiler
       - product: Intel oneAPI DPC++C++ Compiler software
       - product: Intel(R) CIP software
@@ -417,6 +418,7 @@
       - product: Intel(R) System Support Utility
       - product: Intel(R) Thread Director Visualizer software
       - product: Intel(R) oneAPI Math Kernel Library
+      - product: PRI Driver software
       - product: SigTest
       - product: System Event Log Viewer Utility software
 - reason: NVIDIA



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ad49fe7c00e3613a2074cb5d86b1089f4b3832a

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ad49fe7c00e3613a2074cb5d86b1089f4b3832a
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20251113/dc98cbfb/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list