[Git][security-tracker-team/security-tracker][master] Process some more Intel NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sat Feb 14 10:54:29 GMT 2026
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
ab327672 by Salvatore Bonaccorso at 2026-02-14T11:53:51+01:00
Process some more Intel NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -1854,30 +1854,30 @@ CVE-2025-35992 (Improper conditions check in some firmware for some Intel(R) NPU
CVE-2025-33030 (Improper conditions check in some firmware for some Intel(R) NPU Drive ...)
NOT-FOR-US: Intel
CVE-2025-32739 (Improper conditions check in some firmware for some Intel(R) Graphics ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32735 (Improper conditions check in some firmware for some Intel(R) NPU Drive ...)
- firmware-nonfree 20251011-1
[bookworm] - firmware-nonfree <not-affected> (VPU firmware not yet present)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01403.html
NOTE: https://gitlab.com/kernel-firmware/linux-firmware/-/commit/d2404284b6ce4ee34ca56351d8741cdc61d81910 (20251011)
CVE-2025-32467 (Use of uninitialized variable for some TDX Module before version tdx1. ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32453 (Incorrect default permissions for some Intel(R) Graphics Driver softwa ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32452 (Uncontrolled search path for some AI Playground before version 2.6.1 b ...)
NOT-FOR-US: Intel
CVE-2025-32092 (Insecure inherited permissions for some Intel(R) Graphics Software bef ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32008 (Out-of-bounds write in the firmware for the Intel(R) AMT and Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32007 (Out-of-bounds read for some TDX before version tdx module 1.5.24 withi ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-32003 (Out-of-bounds read in the firmware for some 100GbE Intel(R) Ethernet N ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31944 (Race condition for some TDX Module before version tdx1.5 within Ring 0 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31655 (Incorrect default permissions for some Intel(R) Battery Life Diagnosti ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-31648 (Improper handling of values in the microcode flow for some Intel(R) Pr ...)
- intel-microcode <unfixed> (bug #1127837)
[trixie] - intel-microcode <no-dsa> (Minor issue)
@@ -1886,9 +1886,9 @@ CVE-2025-31648 (Improper handling of values in the microcode flow for some Intel
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01396.html
NOTE: https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20260210-rev1
CVE-2025-30513 (Race condition for some TDX Module within Ring 0: Hypervisor may allow ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-30508 (Improper authorization in the Intel(R) Quick Assist Technology for som ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-29952 (Improper Initialization within the AMD Secure Encrypted Virtualization ...)
TODO: check
CVE-2025-29951 (A buffer overflow in the AMD Secure Processor (ASP) bootloader could a ...)
@@ -1904,30 +1904,29 @@ CVE-2025-29946 (Insufficient or Incomplete Data Removal in Hardware Component in
CVE-2025-29939 (Improper access control in secure encrypted virtualization (SEV) could ...)
TODO: check
CVE-2025-27940 (Out-of-bounds read for some TDX Module before version tdx1.5 within Ri ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27708 (Out-of-bounds read in the firmware for some Intel(R) Converged Securit ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27572 (Exposure of sensitive information during transient execution for some ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27560 (Loop with unreachable exit condition ('infinite loop') for some Intel( ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27535 (Exposed ioctl with insufficient access control in the firmware for som ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-27243 (Out-of-bounds write in the firmware for some Intel(R) Ethernet Control ...)
TODO: check
CVE-2025-25210 (Improper input validation for some Server Firmware Update Utility(SysF ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-25058 (Improper initialization for some ESXi kernel mode driver for the Intel ...)
NOT-FOR-US: Intel
- TODO: check
CVE-2025-24851 (Uncaught exception in the firmware for some 100GbE Intel(R) Ethernet C ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-22885 (Improper buffer restrictions in the firmware for the TDX Module may al ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-22849 (Incorrect default permissions for the Intel(R) Optane(TM) PMem managem ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-22453 (Improper input validation for some Server Firmware Update Utility(SysF ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2025-20106 (Uncontrolled search path in some software installer for some VTune(TM) ...)
NOT-FOR-US: Intel
CVE-2025-20080 (Null pointer dereference in the firmware for some Intel(R) AMT and Int ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab32767205ee4b03ead750f1abe359046fdc9180
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab32767205ee4b03ead750f1abe359046fdc9180
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260214/539481a1/attachment.htm>
More information about the debian-security-tracker-commits
mailing list