[Git][security-tracker-team/security-tracker][master] NFUs
Moritz Muehlenhoff
jmm at debian.org
Thu May 9 22:55:30 BST 2019
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
59c398cf by Moritz Muehlenhoff at 2019-05-09T21:55:04Z
NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -25324,14 +25324,18 @@ CVE-2019-2260
RESERVED
CVE-2019-2259
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2019-2258
RESERVED
CVE-2019-2257
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2019-2256
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2019-2255
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2019-2254
RESERVED
CVE-2019-2253
@@ -25739,27 +25743,27 @@ CVE-2019-2054 (In the seccomp implementation prior to kernel version 4.8, there
- linux <undetermined>
TODO: check
CVE-2019-2053 (In wnm_parse_neighbor_report_elem of wnm_sta.c, there is a possible ou ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2052 (In VisitPointers of heap.cc, there is a possible out-of-bounds read du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2051 (In heap of spaces.h, there is a possible out of bounds read due to imp ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2050 (In tearDownClientInterface of WificondControl.java, there is a possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2049 (In SendMediaUpdate and SendFolderUpdate of avrcp_service.cc, there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2048
RESERVED
CVE-2019-2047 (In UpdateLoadElement of ic.cc, there is a possible out-of-bounds write ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2046 (In CalculateInstanceSizeForDerivedClass of objects.cc, there is possib ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2045 (In JSCallTyper of typer.cc, there is an out of bounds write due to an ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2044 (In MakeMP>G4VideoCodecSpecificData of APacketSource.cpp, there is a ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2019-2043 (In SmsDefaultDialog.onStart of SmsDefaultDialog.java, there is a possi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2019-2042
RESERVED
CVE-2019-2041 (In the configuration of NFC modules on certain devices, there is a pos ...)
@@ -27298,6 +27302,7 @@ CVE-2018-19861 (Buffer overflow in MiniShare 1.4.1 and earlier allows remote att
NOT-FOR-US: MiniShare
CVE-2018-19860
RESERVED
+ NOT-FOR-US: Broadcom components for Android
CVE-2018-19859 (OpenRefine before 3.2 beta allows directory traversal via a relative p ...)
NOT-FOR-US: OpenRefine
CVE-2018-19858 (PrinceXML, versions 10 and below, is vulnerable to XXE due to the lack ...)
@@ -45977,6 +45982,7 @@ CVE-2018-13920
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13919
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13918 (kernel could return a received message length higher than expected, wh ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13917
@@ -45994,16 +46000,22 @@ CVE-2018-13912 (Arbitrary write issue can occur when user provides kernel addres
NOT-FOR-US: CodeAurora components for Android
CVE-2018-13911
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13910
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13909
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13908
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13907
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13906
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13905 (KGSL syncsource lock not handled properly during syncsource cleanup ca ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13904 (Improper input validation in SCM handler to access storage in TZ can l ...)
@@ -46012,8 +46024,10 @@ CVE-2018-13903
RESERVED
CVE-2018-13902
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13901
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13900 (Use-after-free vulnerability will occur as there is no protection for ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13899
@@ -46021,6 +46035,7 @@ CVE-2018-13899
NOT-FOR-US: Qualcomm components for Android
CVE-2018-13898
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-13897
RESERVED
CVE-2018-13896
@@ -51087,6 +51102,7 @@ CVE-2018-11956 (In all android releases(Android for MSM, Firefox OS for MSM, QRD
NOT-FOR-US: Android
CVE-2018-11955
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-11954
RESERVED
CVE-2018-11953
@@ -67176,7 +67192,7 @@ CVE-2018-6245
CVE-2018-6244
RESERVED
CVE-2018-6243 (NVIDIA Tegra TLK Widevine Trust Application contains a vulnerability i ...)
- TODO: check
+ NOT-FOR-US: NVIDIA
CVE-2018-6242 (Some NVIDIA Tegra mobile processors released prior to 2016 contain a b ...)
NOT-FOR-US: NVIDIA
CVE-2018-6241 (NVIDIA Tegra Gralloc module contains a vulnerability in driver in whic ...)
@@ -68439,6 +68455,7 @@ CVE-2018-5914 (Improper input validation in TZ led to array out of bound in TZ f
NOT-FOR-US: Qualcomm components for Android
CVE-2018-5913
RESERVED
+ NOT-FOR-US: Qualcomm components for Android
CVE-2018-5912 (Potential buffer overflow in Video due to lack of input validation in ...)
NOT-FOR-US: Snapdragon
CVE-2018-5911
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/59c398cf430e0fd912c55cdcbb65001f7dba9880
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/59c398cf430e0fd912c55cdcbb65001f7dba9880
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20190509/5ddf05c8/attachment.html>
More information about the debian-security-tracker-commits
mailing list