[Git][security-tracker-team/security-tracker][master] Process some new NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Sat Mar 14 20:27:44 GMT 2026 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8ec7cc49 by Salvatore Bonaccorso at 2026-03-14T21:27:22+01:00
Process some new NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1968,25 +1968,25 @@ CVE-2025-66413 (Git for Windows is the Windows port of Git. Prior to 2.53.0(2),
 CVE-2025-36920 (In hyp_alloc of arch/arm64/kvm/hyp/nvhe/alloc.c, there is a possible o ...)
 	NOT-FOR-US: Google devices
 CVE-2025-22850 (Time-of-check time-of-use race condition in the UEFI PdaSmm module for ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-22444 (Exposure of resource to wrong sphere in the UEFI PdaSmm module for som ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20105 (Improper input validation in some UEFI firmware SMM module for the Int ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20096 (Improper input validation in the UEFI firmware for some Intel Referenc ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20073 (Improper buffer restrictions in the UEFI DXE module for some Intel(R)  ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20068 (Improper input validation in the UEFI ImcErrorHandler module for some  ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20064 (Improper input validation in the UEFI FlashUcAcmSmm module for some In ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20028 (Time-of-check time-of-use race condition in the WheaERST SMM module fo ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20027 (Improper input validation in the UEFI WheaERST module for some Intel(R ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-20005 (Improper buffer restrictions in some UEFI firmware for some Intel(R) r ...)
-	TODO: check
+	NOT-FOR-US: Intel
 CVE-2025-13219 (IBM Aspera Orchestrator 3.0.0 through 4.1.2 stores sensitive informati ...)
 	NOT-FOR-US: IBM
 CVE-2025-13213 (IBM Aspera Orchestrator 3.0.0 through 4.1.2 is vulnerable to HTTP head ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ec7cc49944bbd475997c4df313cded849ef6a84

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8ec7cc49944bbd475997c4df313cded849ef6a84
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20260314/343e1663/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list