[Secure-testing-commits] r48226 - data/CVE

Moritz Muehlenhoff jmm at moszumanska.debian.org
Fri Jan 20 15:09:44 UTC 2017 

Author: jmm
Date: 2017-01-20 15:09:44 +0000 (Fri, 20 Jan 2017)
New Revision: 48226

Modified:
   data/CVE/list
Log:
android NFUs, mark some issues potentially kernel-generic as undetermined


Modified: data/CVE/list
===================================================================
--- data/CVE/list	2017-01-20 14:34:44 UTC (rev 48225)
+++ data/CVE/list	2017-01-20 15:09:44 UTC (rev 48226)
@@ -12085,9 +12085,9 @@
 CVE-2017-0405
 	RESERVED
 CVE-2017-0404 (An elevation of privilege vulnerability in the kernel sound subsystem ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2017-0403 (An elevation of privilege vulnerability in the kernel performance ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2017-0402 (An information disclosure vulnerability in ...)
 	TODO: check
 CVE-2017-0401 (An information disclosure vulnerability in ...)
@@ -16589,11 +16589,11 @@
 CVE-2016-8467 (An elevation of privilege vulnerability in the bootloader could enable ...)
 	TODO: check
 CVE-2016-8466 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8465 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8464 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8463 (A denial of service vulnerability in the Qualcomm FUSE file system ...)
 	TODO: check
 CVE-2016-8462 (An information disclosure vulnerability in the bootloader could enable ...)
@@ -16601,83 +16601,83 @@
 CVE-2016-8461 (An information disclosure vulnerability in the bootloader could enable ...)
 	TODO: check
 CVE-2016-8460 (An information disclosure vulnerability in the NVIDIA video driver ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8459 (Possible buffer overflow in storage subsystem. Bad parameters as part ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8458 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2016-8457 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8456 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8455 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8454 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8453 (An elevation of privilege vulnerability in the Broadcom Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8452 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8451 (An elevation of privilege vulnerability in the Synaptics touchscreen ...)
-	TODO: check
+	- linux <undetermined>
 CVE-2016-8450 (An elevation of privilege vulnerability in the Qualcomm sound driver ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8449 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8448 (An elevation of privilege vulnerability in MediaTek components, ...)
-	TODO: check
+	NOT-FOR-US: MediaTek component for Android
 CVE-2016-8447 (An elevation of privilege vulnerability in MediaTek components, ...)
-	TODO: check
+	NOT-FOR-US: MediaTek component for Android
 CVE-2016-8446 (An elevation of privilege vulnerability in MediaTek components, ...)
-	TODO: check
+	NOT-FOR-US: MediaTek component for Android
 CVE-2016-8445 (An elevation of privilege vulnerability in MediaTek components, ...)
-	TODO: check
+	NOT-FOR-US: MediaTek component for Android
 CVE-2016-8444 (An elevation of privilege vulnerability in the Qualcomm camera could ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8443 (Possible unauthorized memory access in the hypervisor. Incorrect ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8442 (Possible unauthorized memory access in the hypervisor. Lack of input ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8441 (Possible buffer overflow in the hypervisor. Inappropriate usage of a ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8440 (Possible buffer overflow in SMMU system call. Improper input ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8439 (Possible buffer overflow in trust zone access control API. Buffer ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8438 (Integer overflow leading to a TOCTOU condition in hypervisor PIL. An ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8437 (Improper input validation in Access Control APIs. Access control API ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8436 (An elevation of privilege vulnerability in the Qualcomm video driver ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8435 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8434 (An elevation of privilege vulnerability in the Qualcomm GPU driver ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8433 (An elevation of privilege vulnerability in the MediaTek driver could ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2016-8432 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8431 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8430 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8429 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8428 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8427 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8426 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8425 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8424 (An elevation of privilege vulnerability in the NVIDIA GPU driver could ...)
-	TODO: check
+	NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8423 (An elevation of privilege vulnerability in the Qualcomm bootloader ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm bootloader for Android
 CVE-2016-8422 (An elevation of privilege vulnerability in the Qualcomm bootloader ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm bootloader for Android
 CVE-2016-8421
 	RESERVED
 CVE-2016-8420
@@ -16691,13 +16691,13 @@
 CVE-2016-8416
 	RESERVED
 CVE-2016-8415 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi driver ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8414
 	RESERVED
 CVE-2016-8413
 	RESERVED
 CVE-2016-8412 (An elevation of privilege vulnerability in the Qualcomm camera could ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8411
 	RESERVED
 CVE-2016-8410 (An information disclosure vulnerability in the Qualcomm sound driver ...)
@@ -16728,7 +16728,7 @@
 	[jessie] - linux 3.16.39-1
 	NOTE: Fixed by: https://git.kernel.org/linus/0eab121ef8750a5c8637d51534d5e9143fb0633f
 CVE-2016-8398 (Unauthenticated messages processed by the UE. Certain NAS messages are ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8397 (An information disclosure vulnerability in the NVIDIA video driver ...)
 	TODO: check
 CVE-2016-8396 (An information disclosure vulnerability in the MediaTek video driver ...)
@@ -26772,6 +26772,7 @@
 	RESERVED
 CVE-2016-5345
 	RESERVED
+	NOT-FOR-US: Qualcomm radio driver for Android
 CVE-2016-5344 (Multiple integer overflows in the MDSS driver for the Linux kernel ...)
 	TODO: check
 CVE-2016-5343 (drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice Service ...)

More information about the Secure-testing-commits mailing list