Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
f30eca57 by Salvatore Bonaccorso at 2025-08-13T10:53:16+02:00
Add Debian bug reference for intel-microcode issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -497,7 +497,7 @@ CVE-2025-32932 (An Improper neutralization of input during
web page generation (
CVE-2025-32766 (A stack-based buffer overflow vulnerability [CWE-121] in
Fortinet Fort ...)
NOT-FOR-US: Fortinet
CVE-2025-32086 (Improperly implemented security check for standard in the
DDRIO config ...)
- - intel-microcode <unfixed>
+ - intel-microcode <unfixed> (bug #1110983)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
CVE-2025-32004 (Improper input validation in the Intel Edger8r Tool for some
Intel(R) ...)
@@ -531,7 +531,7 @@ CVE-2025-26470 (Incorrect default permissions for some
Intel(R) Distribution for
CVE-2025-26404 (Uncontrolled search path for some Intel(R) DSA software before
version ...)
NOT-FOR-US: Intel
CVE-2025-26403 (Out-of-bounds write in the memory subsystem for some Intel(R)
Xeon(R) ...)
- - intel-microcode <unfixed>
+ - intel-microcode <unfixed> (bug #1110983)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01367.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
CVE-2025-26398 (SolarWinds Database Performance Analyzer was found to contain
a hard-c ...)
@@ -579,7 +579,7 @@ CVE-2025-24323 (Improper access control in some firmware
package and LED mode to
CVE-2025-24313 (Improper access control for some Device Plugins for Kubernetes
softwar ...)
NOT-FOR-US: Intel
CVE-2025-24305 (Insufficient control flow management in the Alias Checking
Trusted Mod ...)
- - intel-microcode <unfixed>
+ - intel-microcode <unfixed> (bug #1110983)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
CVE-2025-24303 (Improper check for unusual or exceptional conditions in the
Linux kern ...)
@@ -593,17 +593,17 @@ CVE-2025-23241 (Integer overflow or wraparound in the
Linux kernel-mode driver f
CVE-2025-22893 (Insufficient control flow management in the Linux kernel-mode
driver f ...)
NOT-FOR-US: Intel
CVE-2025-22889 (Improper handling of overlap between protected memory ranges
for some ...)
- - intel-microcode <unfixed>
+ - intel-microcode <unfixed> (bug #1110983)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01311.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
CVE-2025-22853 (Improper synchronization in the firmware for some Intel(R) TDX
may all ...)
NOT-FOR-US: Intel
CVE-2025-22840 (Sequence of processor instructions leads to unexpected
behavior for so ...)
- - intel-microcode <unfixed>
+ - intel-microcode <unfixed> (bug #1110983)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01308.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
CVE-2025-22839 (Insufficient granularity of access control in the OOB-MSM for
some Int ...)
- - intel-microcode <unfixed>
+ - intel-microcode <unfixed> (bug #1110983)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01310.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
CVE-2025-22838 (Uncontrolled search path for some Intel(R) RealSense(TM)
Dynamic Calib ...)
@@ -621,7 +621,7 @@ CVE-2025-21096 (Improper buffer restrictions in the
firmware for some Intel(R) T
CVE-2025-21093 (Uncontrolled search path element for some Intel(R) Driver
& Suppor ...)
NOT-FOR-US: Intel
CVE-2025-21090 (Missing reference to active allocated resource for some
Intel(R) Xeon( ...)
- - intel-microcode <unfixed>
+ - intel-microcode <unfixed> (bug #1110983)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
CVE-2025-21086 (Improper input validation in the Linux kernel-mode driver for
some Int ...)
@@ -633,7 +633,7 @@ CVE-2025-20625 (Improper conditions check for some Intel(R)
PROSet/Wireless WiFi
CVE-2025-20613 (Predictable Seed in Pseudo-Random Number Generator (PRNG) in
the firmw ...)
NOT-FOR-US: Intel
CVE-2025-20109 (Improper Isolation or Compartmentalization in the stream cache
mechani ...)
- - intel-microcode <unfixed>
+ - intel-microcode <unfixed> (bug #1110983)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01249.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
CVE-2025-20099 (Improper access control for some Intel(R) Rapid Storage
Technology ins ...)
@@ -653,7 +653,7 @@ CVE-2025-20074 (Time-of-check Time-of-use race condition
for some Intel(R) Conne
CVE-2025-20067 (Observable timing discrepancy in firmware for some Intel(R)
CSME and I ...)
NOT-FOR-US: Intel
CVE-2025-20053 (Improper buffer restrictions for some Intel(R) Xeon(R)
Processor firmw ...)
- - intel-microcode <unfixed>
+ - intel-microcode <unfixed> (bug #1110983)
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-01313.html
NOTE:
https://github.com/intel/Intel-Linux-Processor-Microcode-Data-Files/releases/tag/microcode-20250812
CVE-2025-20048 (Uncontrolled search path for the Intel(R) Trace Analyzer and
Collector ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f30eca5795523a4e97863f56e1c1d42352171464
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/f30eca5795523a4e97863f56e1c1d42352171464
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
