[Git][security-tracker-team/security-tracker][master] auto-nfu: Extend Nvidia rule

Moritz Muehlenhoff (@jmm) jmm at debian.org
Wed Apr 29 15:43:49 BST 2026 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
aaf91404 by Moritz Muehlenhoff at 2026-04-29T16:43:27+02:00
auto-nfu: Extend Nvidia rule

- - - - -


2 changed files:

- data/CVE/list
- data/packages/nfu.yaml


Changes:

=====================================
data/CVE/list
=====================================
@@ -209,15 +209,15 @@ CVE-2026-35155 (Dell iDRAC10, versions 1.20.70.50 and 1.30.05.10, contains an In
 CVE-2026-33467 (Improper Verification of Cryptographic Signature (CWE-347) in Elastic  ...)
 	TODO: check
 CVE-2026-24231 (NVIDIA NemoClaw contains a vulnerability in the validateEndpointUrl()  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2026-24222 (NVIDIA NeMoClaw contains a vulnerability in the sandbox environment in ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2026-24204 (NVIDIA Flare SDK contains a vulnerability where an Attacker may cause  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2026-24186 (NVIDIA FLARE SDK  contains a vulnerability in FOBS, where an attacker  ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2026-24178 (NVIDIA NVFlare Dashboard contains a vulnerability in the user manageme ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA
 CVE-2026-23773 (Dell Disk Library for Mainframe, version(s) DLm 8700/2700 contain(s) a ...)
 	NOT-FOR-US: Dell / EMC
 CVE-2026-21023 (Insufficient verification of data authenticity in PackageManagerServic ...)


=====================================
data/packages/nfu.yaml
=====================================
@@ -519,6 +519,7 @@
       - product: DALI
       - product: DGX Spark
       - product: DLS component of NVIDIA License System
+      - product: FLARE SDK
       - product: Isaac Lab
       - product: Isaac Launchable
       - product: KAI Scheduler
@@ -526,6 +527,7 @@
       - product: Megatron-Bridge
       - product: Megatron-LM
       - product: Merlin Transformers4Rec
+      - product: NemoClaw
       - product: NSIGHT Graphics
       - product: NVApp
       - product: NVDebug tool



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aaf914048ee8d13cfedb26d0e12fe303f7a6fc91

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/aaf914048ee8d13cfedb26d0e12fe303f7a6fc91
You're receiving this email because of your account on salsa.debian.org. Manage all notifications: https://salsa.debian.org/-/profile/notifications | Help: https://salsa.debian.org/help


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260429/809b2c4d/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list