Moritz Muehlenhoff pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
87ecdf59 by Moritz Muehlenhoff at 2021-04-12T13:36:06+02:00
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -75472,9 +75472,9 @@ CVE-2020-11254
CVE-2020-11253 (Arbitrary memory write issue in video driver while setting the
interna ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11252 (Trustzone initialization code will disable xPU`s when memory
dumps are ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11251 (Out-of-bounds read vulnerability while accessing DTMF payload
due to l ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11250
RESERVED
NOT-FOR-US: Qualcomm components for Android
@@ -75483,17 +75483,17 @@ CVE-2020-11249
CVE-2020-11248
RESERVED
CVE-2020-11247 (Out of bound memory read while unpacking data due to lack of
offset le ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11246 (A double free condition can occur when the device moves to
suspend mod ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11245 (Unintended reads and writes by NS EL2 in access control driver
due to ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11244
RESERVED
CVE-2020-11243 (RRC sends a connection establishment success to NAS even
though connec ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11242 (User could gain access to secure memory due to incorrect
argument into ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11241
RESERVED
NOT-FOR-US: Qualcomm components for Android
@@ -75507,21 +75507,21 @@ CVE-2020-11238
RESERVED
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11237 (Memory crash when accessing histogram type KPI input received
due to l ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11236 (Memory corruption due to invalid value of total dimension in
the non-h ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11235
RESERVED
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11234 (When sending a socket event message to a user application,
invalid inf ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11233
RESERVED
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11232
RESERVED
CVE-2020-11231 (Two threads call one or both functions concurrently leading to
corrupt ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11230 (Potential arbitrary memory corruption when the qseecom driver
updates ...)
NOT-FOR-US: Snapdragon
CVE-2020-11229
@@ -75563,7 +75563,7 @@ CVE-2020-11212 (Out of bounds reads while parsing NAN
beacons attributes and OUI
CVE-2020-11211
RESERVED
CVE-2020-11210 (Possible memory corruption in RPM region due to improper XPU
configura ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11209 (u'Improper authorization in DSP process could allow
unauthorized users ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11208 (u'Out of Bound issue in DSP services while processing received
argumen ...)
@@ -75601,7 +75601,7 @@ CVE-2020-11193 (u'Buffer over read can happen while
parsing mkv clip due to impr
CVE-2020-11192 (Out of bound write while parsing SDP string due to missing
check on nu ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11191 (Out of bound read occurs while processing crafted SDP due to
lack of c ...)
- TODO: check
+ NOT-FOR-US: Qualcomm components for Android
CVE-2020-11190 (Buffer over-read can happen while parsing received SDP values
due to l ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11189 (Buffer over-read can happen while parsing received SDP values
due to l ...)
@@ -87635,7 +87635,7 @@ CVE-2020-6592
CVE-2020-6591
RESERVED
CVE-2020-6590 (Forcepoint Web Security Content Gateway versions prior to 8.5.4
improp ...)
- TODO: check
+ NOT-FOR-US: Forcepoint Web Security Content Gateway
CVE-2020-6589
RESERVED
CVE-2020-6588
@@ -365487,9 +365487,9 @@ CVE-2013-1057 (Untrusted search path vulnerability in
maas-import-pxe-files in M
CVE-2013-1056 (X.org X server 1.13.3 and earlier, when not run as root, allows
local ...)
- xorg-server <not-affected> (Ubuntu-specific patch, see
http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1056.html)
CVE-2013-1055 (The unity-firefox-extension package could be tricked into
dropping a C ...)
- TODO: check
+ NOT-FOR-US: unity-firefox-extension
CVE-2013-1054 (The unity-firefox-extension package could be tricked into
destroying t ...)
- TODO: check
+ NOT-FOR-US: unity-firefox-extension
CVE-2013-1053 (In crypt.c of remote-login-service, the cryptographic algorithm
used t ...)
NOT-FOR-US: remote-login-service Ubuntu package
CVE-2013-1052 (pam-xdg-support, as used in Ubuntu 12.10, does not properly
handle the ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87ecdf594d7a85b38cd5f94a878236203d4e2cdd
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87ecdf594d7a85b38cd5f94a878236203d4e2cdd
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
