[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) Wed, 25 Jan 2023 23:11:54 -0800


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker



Commits:
9dac6589 by Salvatore Bonaccorso at 2023-01-26T08:11:13+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -80320,9 +80320,9 @@ CVE-2022-23816
 CVE-2022-23815
        RESERVED
 CVE-2022-23814 (Failure to validate addresses provided by software to BIOS 
commands ma ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2022-23813 (The software interfaces to ASP and SMU may not enforce the SNP 
memory  ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2022-22146 (Cross-site scripting vulnerability in TransmitMail 2.5.0 to 
2.6.1 allo ...)
        NOT-FOR-US: TransmitMail
 CVE-2022-21193 (Directory traversal vulnerability in TransmitMail 2.5.0 to 
2.6.1 allow ...)
@@ -141789,7 +141789,8 @@ CVE-2021-26348 (Failure to flush the Translation 
Lookaside Buffer (TLB) of the I
 CVE-2021-26347 (Failure to validate the integer operand in ASP (AMD Secure 
Processor)  ...)
        NOT-FOR-US: AMD
 CVE-2021-26346 (Failure to validate the integer operand in ASP (AMD Secure 
Processor)  ...)
-       TODO: check
+       NOT-FOR-US: AMD
+       NOTE: 
https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1031
 CVE-2021-26345
        RESERVED
 CVE-2021-26344
@@ -141853,7 +141854,7 @@ CVE-2021-26318 (A timing and power-based side channel 
attack leveraging the x86
 CVE-2021-26317 (Failure to verify the protocol in SMM may allow an attacker to 
control ...)
        NOT-FOR-US: AMD
 CVE-2021-26316 (Failure to validate the communication buffer and communication 
service ...)
-       TODO: check
+       NOT-FOR-US: AMD
 CVE-2021-26315 (When the AMD Platform Security Processor (PSP) boot rom loads, 
authent ...)
        NOT-FOR-US: AMD
 CVE-2021-26314 (Potential floating point value injection in all supported CPU 
products ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dac658974e0557f8663eb26d8829d46bb2c6da3

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dac658974e0557f8663eb26d8829d46bb2c6da3
You're receiving this email because of your account on salsa.debian.org.

_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

[Git][security-tracker-team/security-tracker][master] Process some NFUs

Reply via email to