[Git][security-tracker-team/security-tracker][master] Process NFUs

Salvatore Bonaccorso (@carnil) Sun, 07 Sep 2025 06:50:36 -0700


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
1ef304ac by Salvatore Bonaccorso at 2025-09-07T15:49:07+02:00
Process NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,7 +1,7 @@
 CVE-2025-36100 (IBM MQ LTS 9.1.0.0 through 9.1.0.29, 9.2.0.0 through 9.2.0.36, 
9.3.0.0 ...)
        NOT-FOR-US: IBM
 CVE-2025-10068 (A flaw has been found in itsourcecode Online Discussion Forum 
1.0. Thi ...)
-       TODO: check
+       NOT-FOR-US: itsourcecode Online Discussion Forum
 CVE-2025-10067 (A vulnerability was detected in itsourcecode POS Point of Sale 
System  ...)
        NOT-FOR-US: itsourcecode System
 CVE-2025-10066 (A security vulnerability has been detected in itsourcecode POS 
Point o ...)
@@ -37,41 +37,41 @@ CVE-2025-10030 (A weakness has been identified in Campcodes 
Grocery Sales and In
 CVE-2025-10029 (A security flaw has been discovered in itsourcecode POS Point 
of Sale  ...)
        NOT-FOR-US: itsourcecode System
 CVE-2025-0034 (Insufficient parameter sanitization in TEE SOC Driver could 
allow an a ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2025-0032 (Improper cleanup in AMD CPU microcode patch loading could allow 
an att ...)
        TODO: check
 CVE-2025-0011 (Improper removal of sensitive information before storage or 
transfer i ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2025-0010 (An out of bounds write in the Linux graphics driver could allow 
an att ...)
        TODO: check
 CVE-2025-0009 (A NULL pointer dereference in AMD Crash Defender could allow an 
attack ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2024-36354 (Improper input validation for DIMM serial presence detect 
(SPD) metada ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2024-36352 (Improper input validation in the AMD Graphics Driver could 
allow an at ...)
        TODO: check
 CVE-2024-36346 (Improper input validation in AMD Power Management Firmware 
(PMFW) coul ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2024-36342 (Improper input validation in the GPU driver could allow an 
attacker to ...)
        TODO: check
 CVE-2024-36326 (Missing authorization in AMD RomArmor could allow an attacker 
to bypas ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2024-21970 (Improper validation of an array index in the AND power 
Management Firm ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2024-21947 (Improper input validation in the system management mode (SMM) 
could al ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2023-31365 (An integer overflow in the SMU could allow a privileged 
attacker to po ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2023-31351 (Improper restriction of operations in the IOMMU could allow a 
maliciou ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2023-31330 (An out-of-bounds read in the ASP could allow a privileged 
attacker wit ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2023-31326 (Use of an uninitialized variable in the ASP could allow an 
attacker to ...)
        TODO: check
 CVE-2023-31325 (Improper isolation of shared resources on System-on-a-chip 
(SOC) could ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2023-31322 (Type confusion in the ASP could allow an attacker to pass a 
malformed  ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2023-31306 (Improper validation of an array index in the AMD graphics 
driver softw ...)
        TODO: check
 CVE-2025-XXXX [SQL injection vulnerability in Service Provider ODBC plugin]
@@ -260832,7 +260832,7 @@ CVE-2023-20518 (Incomplete cleanup in the ASP may 
expose the Master Encryption K
 CVE-2023-20517
        RESERVED
 CVE-2023-20516 (Improper handling of insufficiency privileges in the ASP could 
allow a ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2023-20515 (Improper access control in the fTPM driver in the trusted OS 
could all ...)
        NOT-FOR-US: AMD
 CVE-2023-20514
@@ -382247,7 +382247,7 @@ CVE-2021-26379 (Insufficient input validation of 
mailbox data in the SMU may all
 CVE-2021-26378 (Insufficient bound checks in the System Management Unit (SMU) 
may resu ...)
        NOT-FOR-US: AMD
 CVE-2021-26377 (Insufficient parameter validation while allocating process 
space in th ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2021-26376 (Insufficient checks in System Management Unit (SMU) 
FeatureConfig may  ...)
        NOT-FOR-US: AMD
 CVE-2021-26375 (Insufficient General Purpose IO (GPIO) bounds check in System 
Manageme ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ef304ac870b2fbde3f5acf53322f320d4da016c

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1ef304ac870b2fbde3f5acf53322f320d4da016c
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process NFUs

Reply via email to