Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e0fa6481 by Moritz Muehlenhoff at 2020-09-21T18:40:31+02:00
NFUs, one unclear iptables issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -64982,51 +64982,51 @@ CVE-2020-0402
RESERVED
NOTE: Duplicate assignment for CVE-2019-19769 (Android security
informed)
CVE-2020-0401 (In setInstallerPackageName of PackageManagerService.java, there
is a m ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0400
RESERVED
CVE-2020-0399 (In showLimitedSimFunctionWarningNotification of
NotificationMgr.java, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0398
RESERVED
CVE-2020-0397 (In getNotificationBuilder of CarrierServiceStateTracker.java,
there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0396 (In various places in Telephony, there is a possible permission
bypass ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0395 (In showNotification of EmergencyCallbackModeService.java, there
is a p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0394 (In onCreate of BluetoothPairingDialog.java, there is a possible
tapjac ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0393 (In decrypt and decrypt_1_2 of CryptoPlugin.cpp, there is a
possible ou ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2020-0392 (In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible
code e ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2020-0391 (In applyPolicy of PackageManagerService.java, there is possible
arbitr ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0390 (In the app zygote SE Policy, there is a possible permissions
bypass. T ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0389 (In createSaveNotification of RecordingService.java, there is a
possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0388 (In createEmergencyLocationUserNotification of
GnssVisibilityControl.ja ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0387 (In manifest files of the SmartSpace package, there is a
possible tapja ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0386 (In onCreate of RequestPermissionActivity.java, there is a
possible tap ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0385 (In Parse_insh of eas_mdls.c, there is a possible out of bounds
write d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0384 (In Parse_art of eas_mdls.c, there is a possible out of bounds
write du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0383 (In Parse_ins of eas_mdls.c, there is a possible out of bounds
write du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0382 (In RunInternal of dumpstate.cpp, there is a possible user
consent bypa ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0381 (In Parse_wave of eas_mdls.c, there is a possible out of bounds
write d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0380 (In allocExcessBits of bitalloc.c, there is a possible out of
bounds wr ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0379 (In the Bluetooth service, there is a possible spoofing attack
due to a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0378
RESERVED
CVE-2020-0377
@@ -65090,7 +65090,7 @@ CVE-2020-0349 (In NFC, there is a possible out of
bounds read due to a missing b
CVE-2020-0348 (In NFC, there is a possible out of bounds read due to a missing
bounds ...)
NOT-FOR-US: Android
CVE-2020-0347 (In iptables, there is a possible out of bounds write due to an
incorre ...)
- TODO: check
+ - iptables <undetermined>
CVE-2020-0346 (In Mediaserver, there is a possible out of bounds write due to
an inte ...)
NOT-FOR-US: Android Media Framework
CVE-2020-0345 (In DocumentsUI, there is a possible permission bypass due to a
confuse ...)
@@ -65100,7 +65100,7 @@ CVE-2020-0344 (In MediaProvider, there is a possible
permissions bypass due to S
CVE-2020-0343 (In NetworkStatsService, there is a possible access to protected
data d ...)
NOT-FOR-US: Android
CVE-2020-0342 (There is a possible out of bounds write due to an incorrect
bounds che ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0341 (In DisplayManager, there is a possible permission bypass due to
a miss ...)
NOT-FOR-US: Android
CVE-2020-0340 (In libcodec2_soft_mp3dec, there is a possible information
disclosure d ...)
@@ -65110,7 +65110,7 @@ CVE-2020-0339
CVE-2020-0338 (In AccountManager, there is a possible bypass of a permissions
check d ...)
NOT-FOR-US: Android
CVE-2020-0337 (In MediaProvider, there is a possible bypass of a permissions
check du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0336 (In SurfaceFlinger, there is possible memory corruption due to
type con ...)
NOT-FOR-US: Android Media Framework
CVE-2020-0335 (In NFC, there is a possible out of bounds write due to a
missing bound ...)
@@ -65236,7 +65236,7 @@ CVE-2020-0280
CVE-2020-0279 (In the AAC parser, there is a possible out of bounds read due
to a mis ...)
NOT-FOR-US: Android Media Framework
CVE-2020-0278 (There is a possible out of bounds write due to an incorrect
bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek components for Android
CVE-2020-0277 (In NetworkPolicyManagerService, there is a possible permissions
bypass ...)
NOT-FOR-US: Android
CVE-2020-0276 (In Telephony, there is a possible permission bypass due to a
missing p ...)
@@ -65302,7 +65302,7 @@ CVE-2020-0247 (In Threshold::getHistogram of
ImageProcessHelper.java, there is a
CVE-2020-0246
RESERVED
CVE-2020-0245 (In DecodeFrameCombinedMode of combined_decode.cpp, there is a
possible ...)
- TODO: check
+ NOT-FOR-US: Android Media framework
CVE-2020-0244
RESERVED
CVE-2020-0243 (In clearPropValue of MediaAnalyticsItem.cpp, there is a
possible use-a ...)
@@ -65334,7 +65334,7 @@ CVE-2020-0231 (There is a possible out of bounds write
due to an incorrect bound
CVE-2020-0230 (There is a possible out of bounds write due to an incorrect
bounds che ...)
NOT-FOR-US: MediaTek components for Android
CVE-2020-0229 (There is a possible out of bounds write due to an incorrect
bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek components for Android
CVE-2020-0228 (There is an improper configuration of recorder related service.
Produc ...)
NOT-FOR-US: MediaTek components for Android
CVE-2020-0227 (In onCommand of CompanionDeviceManagerService.java, there is a
possibl ...)
@@ -65559,7 +65559,7 @@ CVE-2020-0125 (In mediadrm, there is a possible out of
bounds read due to a miss
CVE-2020-0124 (In markBootComplete of InstalldNativeService.cpp, there is a
possible ...)
NOT-FOR-US: Android
CVE-2020-0123 (There is a possible out of bounds write due to an incorrect
bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek components for Android
CVE-2020-0122 (In the permission declaration for
com.google.android.providers.gsf.per ...)
NOT-FOR-US: Android
CVE-2020-0121 (In updateUidProcState of AppOpsService.java, there is a
possible permi ...)
@@ -65667,7 +65667,7 @@ CVE-2020-0076 (In get_auth_result of the FPC IRIS
TrustZone app, there is a poss
CVE-2020-0075 (In set_shared_key of the FPC IRIS TrustZone app, there is a
possible o ...)
NOT-FOR-US: Android
CVE-2020-0074 (In verifyIntentFiltersIfNeeded of PackageManagerService.java,
there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0073 (In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a
possible ...)
NOT-FOR-US: Android
CVE-2020-0072 (In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a
possible ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0fa648181df845739d772a1b091dc6ad0e8176f
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0fa648181df845739d772a1b091dc6ad0e8176f
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
