[Git][security-tracker-team/security-tracker][master] Process some NFUs from Intel advisories

Salvatore Bonaccorso (@carnil) Tue, 11 Nov 2025 12:42:29 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
a93e5af4 by Salvatore Bonaccorso at 2025-11-11T21:41:43+01:00
Process some NFUs from Intel advisories

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -225,7 +225,7 @@ CVE-2025-33029 (Out-of-bounds write for some Intel(R) 
PROSet/Wireless WiFi Softw
 CVE-2025-33000 (Improper input validation for some Intel QuickAssist 
Technology before ...)
        TODO: check
 CVE-2025-32732 (Buffer overflow for some Intel(R) QAT Windows software before 
version  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-32449 (Unquoted search path for some PRI Driver software before 
version 03.03 ...)
        TODO: check
 CVE-2025-32446 (Untrusted pointer dereference for some Intel QuickAssist 
Technology so ...)
@@ -233,21 +233,21 @@ CVE-2025-32446 (Untrusted pointer dereference for some 
Intel QuickAssist Technol
 CVE-2025-32091 (Incorrect default permissions in some firmware for the 
Intel(R) Arc(TM ...)
        TODO: check
 CVE-2025-32088 (Improper conditions check for some Intel(R) QAT Windows 
software befor ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-32038 (Uncontrolled search path for some FPGA Support Package for the 
Intel o ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-32037 (Improper access control for some Intel(R) PresentMon before 
version 2. ...)
        TODO: check
 CVE-2025-32001 (Uncontrolled search path for the Intel(R) Processor 
Identification Uti ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-31948 (Improper input validation for some Intel(R) oneAPI Math Kernel 
Library ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-31940 (Incorrect default permissions for some Intel(R) Thread 
Director Visual ...)
        TODO: check
 CVE-2025-31937 (Out-of-bounds read for some Intel(R) QAT Windows software 
before versi ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-31931 (Uncontrolled search path for the Instrumentation and Tracing 
Technolog ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-31647 (Uncontrolled search path for some Intel(R) Graphics Software 
before ve ...)
        TODO: check
 CVE-2025-31645 (Uncontrolled search path for some System Event Log Viewer 
Utility soft ...)
@@ -259,7 +259,7 @@ CVE-2025-30518 (Incorrect default permissions for some 
Intel(R) PresentMon befor
 CVE-2025-30509 (Improper input validation for some Intel QuickAssist 
Technology softwa ...)
        TODO: check
 CVE-2025-30506 (Uncontrolled search path for some Intel Driver and Support 
Assistant b ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-30398 (Missing authorization in Nuance PowerScribe allows an 
unauthorized att ...)
        TODO: check
 CVE-2025-30255 (Out-of-bounds write for some Intel(R) PROSet/Wireless WiFi 
Software fo ...)
@@ -271,19 +271,19 @@ CVE-2025-30182 (Uncontrolled search path for some 
Intel(R) Distribution for Pyth
 CVE-2025-27725 (Time-of-check time-of-use race condition for some ACAT before 
version  ...)
        TODO: check
 CVE-2025-27713 (Out-of-bounds write for some Intel(R) QAT Windows software 
before vers ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-27712 (Improper neutralization for some Intel(R) Neural Compressor 
software b ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-27711 (Incorrect default permissions for some Intel(R) One Boot Flash 
Update  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-27710 (Untrusted pointer dereference for some Intel(R) QAT Windows 
software b ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-27249 (Uncontrolled resource consumption for some Gaudi software 
before versi ...)
        TODO: check
 CVE-2025-27246 (Incorrect default permissions for the Intel(R) Processor 
Identificatio ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-26694 (Null pointer dereference for some Intel(R) QAT Windows 
software before ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-26405 (Improper control of dynamically-managed code resources for 
some Intel( ...)
        TODO: check
 CVE-2025-26402 (Protection mechanism failure for some Intel(R) NPU Drivers 
within Ring ...)
@@ -291,57 +291,57 @@ CVE-2025-26402 (Protection mechanism failure for some 
Intel(R) NPU Drivers withi
 CVE-2025-25216 (Improper input validation in some firmware for some Intel(R) 
Graphics  ...)
        TODO: check
 CVE-2025-25059 (Uncontrolled search path for some Intel(R) One Boot Flash 
Update (Inte ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24918 (Improper link resolution before file access ('link following') 
for som ...)
        TODO: check
 CVE-2025-24863 (Improper privilege management for some Intel(R) CIP software 
before ve ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24862 (Unrestricted upload of file with dangerous type for some 
Intel(R) CIP  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24848 (Protection mechanism failure for some Intel(R) CIP software 
before ver ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24847 (Improper input validation for some Intel(R) CIP software 
before versio ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24842 (Uncontrolled search path for the Intel(R) System Support 
Utility befor ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24838 (Improper privilege management for some Intel(R) CIP software 
before ve ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24834 (Protection mechanism failure for some Intel(R) CIP software 
before ver ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24519 (Buffer overflow for some Intel(R) QAT Windows software before 
version  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24516 (Improper access control for some Intel(R) CIP software before 
version  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24512 (Improper input validation for some Intel(R) PROSet/Wireless 
WiFi Softw ...)
        TODO: check
 CVE-2025-24491 (Uncontrolled search path for some Intel(R) Killer(TM) 
Performance Suit ...)
        TODO: check
 CVE-2025-24327 (Insecure inherited permissions for some Intel(R) Rapid Storage 
Technol ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24314 (Improper access control for some Intel(R) CIP software before 
version  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24307 (Improper privilege management for some Intel(R) CIP software 
before ve ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-24299 (Improper input validation for some Intel(R) CIP software 
before versio ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-23361 (NVIDIA NeMo Framework for all platforms contains a 
vulnerability in a  ...)
        NOT-FOR-US: NVIDIA
 CVE-2025-23357 (NVIDIA Megatron-LM for all platforms contains a vulnerability 
in a scr ...)
        NOT-FOR-US: NVIDIA
 CVE-2025-22391 (Improper access control for some SigTest before version 6.1.10 
within  ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-20622 (Sensitive information uncleared in resource before release for 
reuse f ...)
        TODO: check
 CVE-2025-20614 (External control of file name or path for some Intel(R) CIP 
software b ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-20065 (Uncontrolled search path for some Display Virtualization for 
Windows O ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-20056 (Improper input validation for some Intel VTune Profiler before 
version ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-20050 (Uncontrolled search path for some Intel(R) CIP software before 
version ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-20010 (Use of unmaintained third party components for some Intel(R) 
Processor ...)
-       TODO: check
+       NOT-FOR-US: Intel
 CVE-2025-13032 (Double fetch in sandbox kernel driver in Avast/AVG Antivirus 
<25.3 on  ...)
        TODO: check
 CVE-2025-13027 (Memory safety bugs present in Firefox 144 and Thunderbird 144. 
Some of ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a93e5af4f52742db4cc96e87cbd40973765aaec6

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/a93e5af4f52742db4cc96e87cbd40973765aaec6
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs from Intel advisories

Reply via email to