[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Wed, 13 Jun 2018 01:10:55 -0700

Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
577385e0 by security tracker role at 2018-06-13T08:10:15+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
--- a/data/CVE/list
+++ b/data/CVE/list
@@ -1,3 +1,15 @@
+CVE-2018-12267
+       RESERVED
+CVE-2018-12266
+       RESERVED
+CVE-2018-12265
+       RESERVED
+CVE-2018-12264
+       RESERVED
+CVE-2018-12263
+       RESERVED
+CVE-2018-12262
+       RESERVED
 CVE-2018-12261 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. 
All ...)
        NOT-FOR-US: Momentum Axel 720P 5.1.8 devices
 CVE-2018-12260 (An issue was discovered on Momentum Axel 720P 5.1.8 devices. 
The root ...)
@@ -960,6 +972,7 @@ CVE-2018-1002202 [Arbitrary File Write via Archive 
Extraction]
 CVE-2018-1002201
        NOT-FOR-US: zt-zip
 CVE-2018-1002200 [arbitrary file write vulnerability / arbitrary code 
execution using a specially crafted zip file]
+       {DSA-4227-1}
        - plexus-archiver 3.6.0-1 (bug #900953)
        NOTE: https://github.com/codehaus-plexus/plexus-archiver/pull/87
        NOTE: 
https://github.com/codehaus-plexus/plexus-archiver/commit/58bc24e465c0842981692adbf6d75680298989de
@@ -16930,8 +16943,7 @@ CVE-2017-18072 (In Android before security patch level 
2018-04-05 on Qualcomm ..
        NOT-FOR-US: Qualcomm component for Android
 CVE-2017-18071 (In Android before security patch level 2018-04-05 on Qualcomm 
...)
        NOT-FOR-US: Qualcomm component for Android
-CVE-2017-18070
-       RESERVED
+CVE-2017-18070 (In wma_ndp_end_response_event_handler(), the variable 
len_end_rsp is a ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-18069 (In Android for MSM, Firefox OS for MSM, QRD Android, with all 
Android ...)
        NOT-FOR-US: Qualcomm component for Android
@@ -17324,32 +17336,25 @@ CVE-2018-5853
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5852
        RESERVED
-CVE-2018-5851
-       RESERVED
+CVE-2018-5851 (Buffer over flow can occur while processing a ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5850 (In the function csr_update_fils_params_rso(), insufficient 
validation ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5849
-       RESERVED
+CVE-2018-5849 (Due to a race condition in the QTEECOM driver in all Android 
releases ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5848
-       RESERVED
+CVE-2018-5848 (In the function wmi_set_ie(), the length validation code does 
not ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5847
-       RESERVED
+CVE-2018-5847 (Early or late retirement of rotation requests can result in a 
Use ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5846 (A Use After Free condition can occur in the IPA driver whenever 
the ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5845 (A race condition in drm_atomic_nonblocking_commit() in the 
display ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5844
-       RESERVED
+CVE-2018-5844 (In the video driver function set_output_buffers(), binfo can be 
...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5843
-       RESERVED
+CVE-2018-5843 (In the function wma_pdev_div_info_evt_handler() in all Android 
...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2018-5842
-       RESERVED
+CVE-2018-5842 (An arbitrary address write can occur if a compromised WLAN 
firmware ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-5841 (dcc_curr_list is initialized with a default invalid value that 
is ...)
        NOT-FOR-US: Qualcomm components for Android
@@ -23688,34 +23693,29 @@ CVE-2018-3584 (In Qualcomm Android for MSM, Firefox 
OS for MSM, and QRD Android 
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-3583
        RESERVED
-CVE-2018-3582
-       RESERVED
+CVE-2018-3582 (Buffer overflow can occur due to improper input validation in 
multiple ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3581
-       RESERVED
+CVE-2018-3581 (In the WLAN driver in all Android releases from CAF (Android 
for MSM, ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-3580 (Stack-based buffer overflow can occur In the WLAN driver if the 
...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3579
-       RESERVED
+CVE-2018-3579 (In the WLAN driver in all Android releases from CAF (Android 
for MSM, ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-3578 (Type mismatch for ie_len can cause the WLAN driver to allocate 
less ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-3577
        RESERVED
-CVE-2018-3576
-       RESERVED
+CVE-2018-3576 (improper validation of array index in WiFi driver function ...)
+       TODO: check
 CVE-2018-3575
        RESERVED
 CVE-2018-3574
        RESERVED
 CVE-2018-3573
        RESERVED
-CVE-2018-3572
-       RESERVED
+CVE-2018-3572 (While processing a DSP buffer in an audio driver's event 
handler, an ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2018-3571
-       RESERVED
+CVE-2018-3571 (In the KGSL driver in all Android releases from CAF (Android 
for MSM, ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2018-3570
        RESERVED
@@ -32732,8 +32732,7 @@ CVE-2018-0498
        RESERVED
 CVE-2018-0497
        RESERVED
-CVE-2018-0496 [directory traversal in D-Mod extractor]
-       RESERVED
+CVE-2018-0496 (Directory traversal issues in the D-Mod extractor in DFArc and 
DFArc2 ...)
        - freedink-dfarc 3.14-1
        [stretch] - freedink-dfarc <no-dsa> (Minor issue)
        [jessie] - freedink-dfarc <no-dsa> (Minor issue)
@@ -37525,15 +37524,13 @@ CVE-2017-15859 (While processing the ...)
        NOT-FOR-US: Qualcomm component for Android
 CVE-2017-15858
        RESERVED
-CVE-2017-15857
-       RESERVED
+CVE-2017-15857 (In the camera driver, an out-of-bounds access can occur due to 
an ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-15856
        RESERVED
 CVE-2017-15855 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD 
Android with ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15854
-       RESERVED
+CVE-2017-15854 (The value of fix_param-&gt;num_chans is received from firmware 
and if it ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-15853 (In Qualcomm Android for MSM, Firefox OS for MSM, and QRD 
Android with ...)
        NOT-FOR-US: Qualcomm components for Android
@@ -37555,11 +37552,9 @@ CVE-2017-15845 (In Android for MSM, Firefox OS for 
MSM, QRD Android, with all An
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-15844
        RESERVED
-CVE-2017-15843
-       RESERVED
+CVE-2017-15843 (Due to a race condition in a bus driver, a double free in ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2017-15842
-       RESERVED
+CVE-2017-15842 (Buffer might get used after it gets freed due to unlocking the 
mutex ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2017-15841
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/577385e0700870d6ab3d22686aff61978306a141

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/577385e0700870d6ab3d22686aff61978306a141
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to