Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits: 95b0f7ef by Salvatore Bonaccorso at 2023-08-18T07:01:52+02:00 Associate issues from INTEL-SA-00766 with firmware-nonfree - - - - - 1 changed file: - data/CVE/list Changes: ===================================== data/CVE/list ===================================== @@ -46433,7 +46433,11 @@ CVE-2022-46647 CVE-2022-46646 RESERVED CVE-2022-46329 (Protection mechanism failure for some Intel(R) PROSet/Wireless WiFi so ...) - TODO: check + - firmware-nonfree <unfixed> + [bookworm] - firmware-nonfree <no-dsa> (Non-free not supported) + [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported) + NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html + NOTE: Fixed upstream in linux-firmware/20230804 CVE-2022-46301 RESERVED CVE-2022-46299 @@ -63901,7 +63905,11 @@ CVE-2022-40971 (Incorrect default permissions for the Intel(R) HDMI Firmware Upd CVE-2022-40970 RESERVED CVE-2022-40964 (Improper access control for some Intel(R) PROSet/Wireless WiFi and Kil ...) - TODO: check + - firmware-nonfree <unfixed> + [bookworm] - firmware-nonfree <no-dsa> (Non-free not supported) + [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported) + NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html + NOTE: Fixed upstream in linux-firmware/20230804 CVE-2022-40210 (Exposure of data element to wrong session in the Intel DCM software be ...) NOT-FOR-US: Intel CVE-2022-40196 (Improper access control in the Intel(R) oneAPI DPC++/C++ Compiler befo ...) @@ -73260,7 +73268,11 @@ CVE-2022-38092 CVE-2022-38087 (Exposure of resource to wrong sphere in BIOS firmware for some Intel(R ...) NOT-FOR-US: Intel CVE-2022-38076 (Improper input validation in some Intel(R) PROSet/Wireless WiFi and Ki ...) - TODO: check + - firmware-nonfree <unfixed> + [bookworm] - firmware-nonfree <no-dsa> (Non-free not supported) + [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported) + NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html + NOTE: Fixed upstream in linux-firmware/20230804 CVE-2022-38060 (A privilege escalation vulnerability exists in the sudo functionality ...) - kolla <itp> (bug #804128) NOTE: https://bugs.launchpad.net/kolla/+bug/1985784 @@ -73273,7 +73285,11 @@ CVE-2022-37329 (Uncontrolled search path in some Intel(R) Quartus(R) Prime Pro a CVE-2022-36406 RESERVED CVE-2022-36351 (Improper input validation in some Intel(R) PROSet/Wireless WiFi and Ki ...) - TODO: check + - firmware-nonfree <unfixed> + [bookworm] - firmware-nonfree <no-dsa> (Non-free not supported) + [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported) + NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html + NOTE: Fixed upstream in linux-firmware/20230804 CVE-2022-33893 RESERVED CVE-2022-2759 (Delta Electronics Delta Robot Automation Studio (DRAS) versions prior ...) @@ -102998,7 +103014,11 @@ CVE-2022-1042 (In Zephyr bluetooth mesh core stack, an out-of-bound write vulner CVE-2022-1041 (In Zephyr bluetooth mesh core stack, an out-of-bound write vulnerabili ...) NOT-FOR-US: Zyphyr CVE-2022-27635 (Improper access control for some Intel(R) PROSet/Wireless WiFi and Kil ...) - TODO: check + - firmware-nonfree <unfixed> + [bookworm] - firmware-nonfree <no-dsa> (Non-free not supported) + [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported) + NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00766.html + NOTE: Fixed upstream in linux-firmware/20230804 CVE-2022-27626 (A vulnerability regarding concurrent execution using shared resource w ...) NOT-FOR-US: Synology CVE-2022-27625 (A vulnerability regarding improper restriction of operations within th ...) View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95b0f7ef8d964c6230aed3b2e10acb7b9a20e1cb -- View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/95b0f7ef8d964c6230aed3b2e10acb7b9a20e1cb You're receiving this email because of your account on salsa.debian.org.
_______________________________________________ debian-security-tracker-commits mailing list debian-security-tracker-commits@alioth-lists.debian.net https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits