[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso Mon, 02 Nov 2020 00:10:44 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
26bfbfa7 by security tracker role at 2020-11-02T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28822,8 +28822,8 @@ CVE-2020-14752 (Vulnerability in the Hyperion Lifecycle 
Management product of Or
        NOT-FOR-US: Oracle
 CVE-2020-14751
        RESERVED
-CVE-2020-14750
-       RESERVED
+CVE-2020-14750 (Vulnerability in the Oracle WebLogic Server product of Oracle 
Fusion M ...)
+       TODO: check
 CVE-2020-14749
        RESERVED
 CVE-2020-14748
@@ -39471,20 +39471,17 @@ CVE-2020-11176
        RESERVED
 CVE-2020-11175
        RESERVED
-CVE-2020-11174
-       RESERVED
+CVE-2020-11174 (u'Array index underflow issue in adsp driver due to improper 
check of  ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11173
-       RESERVED
+CVE-2020-11173 (u'Two threads running simultaneously from user space can lead 
to race  ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11172
-       RESERVED
+CVE-2020-11172 (u'fscanf reads a string from a file and stores its contents on 
a stati ...)
+       TODO: check
 CVE-2020-11171
        RESERVED
 CVE-2020-11170
        RESERVED
-CVE-2020-11169
-       RESERVED
+CVE-2020-11169 (u'Buffer over-read while processing received L2CAP packet due 
to lack  ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11168
        RESERVED
@@ -39494,13 +39491,11 @@ CVE-2020-11166
        RESERVED
 CVE-2020-11165
        RESERVED
-CVE-2020-11164
-       RESERVED
+CVE-2020-11164 (u'Third-party app may also call the broadcasts in Perfdump and 
cause p ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11163
        RESERVED
-CVE-2020-11162
-       RESERVED
+CVE-2020-11162 (u'Possible buffer overflow in MHI driver due to lack of input 
paramete ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11161
        RESERVED
@@ -39510,20 +39505,16 @@ CVE-2020-11159
        RESERVED
 CVE-2020-11158 (u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 
filter due t ...)
        NOT-FOR-US: Qualcomm
-CVE-2020-11157
-       RESERVED
+CVE-2020-11157 (u'Lack of handling unexpected control messages while 
encryption was in ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11156
-       RESERVED
+CVE-2020-11156 (u'Buffer over-read issue in Bluetooth estack due to lack of 
check for  ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11155
-       RESERVED
+CVE-2020-11155 (u'Buffer overflow while processing PDU packet in bluetooth due 
to lack ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11154
-       RESERVED
+CVE-2020-11154 (u'Buffer overflow while processing a crafted PDU data packet 
in blueto ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11153
-       RESERVED
+CVE-2020-11153 (u'Out of bound memory access while processing GATT data 
received due t ...)
+       TODO: check
 CVE-2020-11152
        RESERVED
 CVE-2020-11151
@@ -39546,8 +39537,7 @@ CVE-2020-11143
        RESERVED
 CVE-2020-11142
        RESERVED
-CVE-2020-11141
-       RESERVED
+CVE-2020-11141 (u'Buffer over-read issue in Bluetooth estack due to lack of 
check for  ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11140
        RESERVED
@@ -39579,8 +39569,7 @@ CVE-2020-11127
        RESERVED
 CVE-2020-11126
        RESERVED
-CVE-2020-11125
-       RESERVED
+CVE-2020-11125 (u'Out of bound access can happen in MHI command process due to 
lack of ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11124 (u'Possible use-after-free while accessing diag client map 
table since  ...)
        NOT-FOR-US: Snapdragon
@@ -39602,8 +39591,8 @@ CVE-2020-11116 (u'Possible out of bound write while 
processing association respo
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11115 (u'Buffer over read occurs while processing information element 
from be ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11114
-       RESERVED
+CVE-2020-11114 (u'Bluetooth devices does not properly restrict the L2CAP 
payload lengt ...)
+       TODO: check
 CVE-2020-5291 (Bubblewrap (bwrap) before version 0.4.1, if installed in setuid 
mode a ...)
        - bubblewrap 0.4.1-1 (low; bug #955441)
        [buster] - bubblewrap <not-affected> (Introduced in 0.4.0)
@@ -59243,11 +59232,9 @@ CVE-2020-3706
        RESERVED
 CVE-2020-3705
        RESERVED
-CVE-2020-3704
-       RESERVED
+CVE-2020-3704 (u'While processing invalid connection request PDU which is 
nonstandard ...)
        NOT-FOR-US: Qualcomm components for Android
-CVE-2020-3703
-       RESERVED
+CVE-2020-3703 (u'Buffer over-read issue in Bluetooth peripheral firmware due 
to lack  ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3702 (u'Specifically timed and handcrafted traffic can cause internal 
errors ...)
        NOT-FOR-US: Snapdragon
@@ -59261,21 +59248,19 @@ CVE-2020-3698 (Out of bound write while QoS DSCP 
mapping due to improper input v
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3697
        RESERVED
-CVE-2020-3696
-       RESERVED
+CVE-2020-3696 (u'Use after free while installing new security rule in ipcrtr 
as old o ...)
+       TODO: check
 CVE-2020-3695
        RESERVED
-CVE-2020-3694
-       RESERVED
-CVE-2020-3693
-       RESERVED
-CVE-2020-3692
-       RESERVED
+CVE-2020-3694 (u'Use out of range pointer issue can occur due to incorrect 
buffer ran ...)
+       TODO: check
+CVE-2020-3693 (u'Use out of range pointer issue can occur due to incorrect 
buffer ran ...)
+       TODO: check
+CVE-2020-3692 (u'Possible buffer overflow while updating output buffer for 
IMEI and G ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3691
        RESERVED
-CVE-2020-3690
-       RESERVED
+CVE-2020-3690 (u'Due to an incorrect SMMU configuration, the modem crypto 
engine can  ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3689
        RESERVED
@@ -59287,8 +59272,7 @@ CVE-2020-3686
        RESERVED
 CVE-2020-3685
        RESERVED
-CVE-2020-3684
-       RESERVED
+CVE-2020-3684 (u'QSEE reads the access permission policy for the SMEM TOC 
partition f ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3683
        RESERVED
@@ -59300,8 +59284,7 @@ CVE-2020-3680 (A race condition can occur when using 
the fastrpc memory mapping
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3679 (u'During execution after Address Space Layout Randomization is 
turned  ...)
        NOT-FOR-US: Snapdragon
-CVE-2020-3678
-       RESERVED
+CVE-2020-3678 (u'A buffer overflow could occur if the API is improperly used 
due to U ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3677
        RESERVED
@@ -59311,15 +59294,13 @@ CVE-2020-3675 (u'Potential integer underflow while 
parsing Service Info and IPv6
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3674 (Information can leak into userspace due to improper transfer of 
data f ...)
        NOT-FOR-US: Snapdragon
-CVE-2020-3673
-       RESERVED
+CVE-2020-3673 (u'Buffer overflow can happen as part of SIP message packet 
processing  ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3672
        RESERVED
 CVE-2020-3671 (Use-after-free issue could occur due to dangling pointer when 
generati ...)
        NOT-FOR-US: Snapdragon
-CVE-2020-3670
-       RESERVED
+CVE-2020-3670 (u'Potential out of bounds read while processing downlink NAS 
transport ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3669 (u'Buffer Overflow issue in WLAN tcp ip verification due to 
usage of ou ...)
        NOT-FOR-US: Qualcomm components for Android
@@ -59345,15 +59326,13 @@ CVE-2020-3659
        RESERVED
 CVE-2020-3658 (Possible null-pointer dereference can occur while parsing mp4 
clip wit ...)
        NOT-FOR-US: Snapdragon
-CVE-2020-3657
-       RESERVED
+CVE-2020-3657 (u'Remote code execution can happen by sending a carefully 
crafted POST ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3656 (Out of bound access can happen in MHI command process due to 
lack of c ...)
        NOT-FOR-US: Snapdragon
 CVE-2020-3655
        RESERVED
-CVE-2020-3654
-       RESERVED
+CVE-2020-3654 (u'Buffer overflow occurs while processing SIP message packet 
due to la ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3653 (Possible buffer over-read in windows wlan driver function due 
to lack  ...)
        NOT-FOR-US: Snapdragon
@@ -59385,8 +59364,7 @@ CVE-2020-3640 (u'Resizing the usage table header before 
passing all the checks l
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3639
        RESERVED
-CVE-2020-3638
-       RESERVED
+CVE-2020-3638 (u'An Unaligned address or size can propagate to the database 
due to im ...)
        NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3637
        RESERVED



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26bfbfa7eb756663570ed240d5544067609be2b0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26bfbfa7eb756663570ed240d5544067609be2b0
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] automatic update

Reply via email to