[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sun Sep 7 14:50:09 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
1ef304ac by Salvatore Bonaccorso at 2025-09-07T15:49:07+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-36100 (IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 9.3.0.0 ...)
 	NOT-FOR-US: IBM
 CVE-2025-10068 (A flaw has been found in itsourcecode Online Discussion Forum 1.0. Thi ...)
-	TODO: check
+	NOT-FOR-US: itsourcecode Online Discussion Forum
 CVE-2025-10067 (A vulnerability was detected in itsourcecode POS Point of Sale System  ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2025-10066 (A security vulnerability has been detected in itsourcecode POS Point o ...)
@@ -37,41 +37,41 @@ CVE-2025-10030 (A weakness has been identified in Campcodes Grocery Sales and In
 CVE-2025-10029 (A security flaw has been discovered in itsourcecode POS Point of Sale  ...)
 	NOT-FOR-US: itsourcecode System
 CVE-2025-0034 (Insufficient parameter sanitization in TEE SOC Driver could allow an a ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2025-0032 (Improper cleanup in AMD CPU microcode patch loading could allow an att ...)
 	TODO: check
 CVE-2025-0011 (Improper removal of sensitive information before storage or transfer i ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2025-0010 (An out of bounds write in the Linux graphics driver could allow an att ...)
 	TODO: check
 CVE-2025-0009 (A NULL pointer dereference in AMD Crash Defender could allow an attack ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2024-36354 (Improper input validation for DIMM serial presence detect (SPD) metada ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2024-36352 (Improper input validation in the AMD Graphics Driver could allow an at ...)
 	TODO: check
 CVE-2024-36346 (Improper input validation in AMD Power Management Firmware (PMFW) coul ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2024-36342 (Improper input validation in the GPU driver could allow an attacker to ...)
 	TODO: check
 CVE-2024-36326 (Missing authorization in AMD RomArmor could allow an attacker to bypas ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2024-21970 (Improper validation of an array index in the AND power Management Firm ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2024-21947 (Improper input validation in the system management mode (SMM) could al ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2023-31365 (An integer overflow in the SMU could allow a privileged attacker to po ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2023-31351 (Improper restriction of operations in the IOMMU could allow a maliciou ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2023-31330 (An out-of-bounds read in the ASP could allow a privileged attacker wit ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2023-31326 (Use of an uninitialized variable in the ASP could allow an attacker to ...)
 	TODO: check
 CVE-2023-31325 (Improper isolation of shared resources on System-on-a-chip (SOC) could ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2023-31322 (Type confusion in the ASP could allow an attacker to pass a malformed  ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2023-31306 (Improper validation of an array index in the AMD graphics driver softw ...)
 	TODO: check
 CVE-2025-XXXX [SQL injection vulnerability in Service Provider ODBC plugin]
@@ -260832,7 +260832,7 @@ CVE-2023-20518 (Incomplete cleanup in the ASP may expose the Master Encryption K
 CVE-2023-20517
 	RESERVED
 CVE-2023-20516 (Improper handling of insufficiency privileges in the ASP could allow a ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2023-20515 (Improper access control in the fTPM driver in the trusted OS could all ...)
 	NOT-FOR-US: AMD
 CVE-2023-20514
@@ -382247,7 +382247,7 @@ CVE-2021-26379 (Insufficient input validation of mailbox data in the SMU may all
 CVE-2021-26378 (Insufficient bound checks in the System Management Unit (SMU) may resu ...)
 	NOT-FOR-US: AMD
 CVE-2021-26377 (Insufficient parameter validation while allocating process space in th ...)
-	TODO: check
+	NOT-FOR-US: AMD
 CVE-2021-26376 (Insufficient checks in System Management Unit (SMU) FeatureConfig may  ...)
 	NOT-FOR-US: AMD
 CVE-2021-26375 (Insufficient General Purpose IO (GPIO) bounds check in System Manageme ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ef304ac870b2fbde3f5acf53322f320d4da016c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ef304ac870b2fbde3f5acf53322f320d4da016c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250907/04aebbdf/attachment.htm>

More information about the debian-security-tracker-commits mailing list