Bastien Roucariès pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
2e4925f2 by Bastien Roucariès at 2025-08-08T01:15:15+02:00
CVE-2025-3770/edk2 [bullseye]
This is likely a race condition on real hardware.
On emulated hardware, MCE are not triggerable easilly and must be enable for
fault injection.
Moreover SMM does not occurs on virtual machine except for S3 handling.
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -191,7 +191,9 @@ CVE-2025-46659 (An issue was discovered in ExonautWeb in 4C
Strategies Exonaut 2
NOT-FOR-US: 4C Strategies
CVE-2025-3770 (EDK2 contains a vulnerability in BIOS where an attacker may
cause \u20 ...)
- edk2 <unfixed> (bug #1110533)
+ [bullseye] - edk2 <postponed> (minor; likely a concern only on real
hardware; used on S3 handling on qemu)
NOTE:
https://github.com/tianocore/edk2/security/advisories/GHSA-vx5v-4gg6-6qxr
+ NOTE: only arch: amd64, other arch (particularly i386) are not affected
CVE-2025-35970 (On multiple products of SEIKO EPSON and FUJIFILM Corporation,
the init ...)
NOT-FOR-US: SEIKO EPSON and FUJIFILM Corporation products
CVE-2025-32094 (An issue was discovered in Akamai Ghost, as used for the
Akamai CDN pl ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e4925f2be03877803e402d8bdf8e2e4c22386ce
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/2e4925f2be03877803e402d8bdf8e2e4c22386ce
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
