[Git][security-tracker-team/security-tracker][master] automatic update
Salvatore Bonaccorso
carnil at debian.org
Mon Nov 2 08:10:27 GMT 2020
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
26bfbfa7 by security tracker role at 2020-11-02T08:10:19+00:00
automatic update
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -28822,8 +28822,8 @@ CVE-2020-14752 (Vulnerability in the Hyperion Lifecycle Management product of Or
NOT-FOR-US: Oracle
CVE-2020-14751
RESERVED
-CVE-2020-14750
- RESERVED
+CVE-2020-14750 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+ TODO: check
CVE-2020-14749
RESERVED
CVE-2020-14748
@@ -39471,20 +39471,17 @@ CVE-2020-11176
RESERVED
CVE-2020-11175
RESERVED
-CVE-2020-11174
- RESERVED
+CVE-2020-11174 (u'Array index underflow issue in adsp driver due to improper check of ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11173
- RESERVED
+CVE-2020-11173 (u'Two threads running simultaneously from user space can lead to race ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11172
- RESERVED
+CVE-2020-11172 (u'fscanf reads a string from a file and stores its contents on a stati ...)
+ TODO: check
CVE-2020-11171
RESERVED
CVE-2020-11170
RESERVED
-CVE-2020-11169
- RESERVED
+CVE-2020-11169 (u'Buffer over-read while processing received L2CAP packet due to lack ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11168
RESERVED
@@ -39494,13 +39491,11 @@ CVE-2020-11166
RESERVED
CVE-2020-11165
RESERVED
-CVE-2020-11164
- RESERVED
+CVE-2020-11164 (u'Third-party app may also call the broadcasts in Perfdump and cause p ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11163
RESERVED
-CVE-2020-11162
- RESERVED
+CVE-2020-11162 (u'Possible buffer overflow in MHI driver due to lack of input paramete ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11161
RESERVED
@@ -39510,20 +39505,16 @@ CVE-2020-11159
RESERVED
CVE-2020-11158 (u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 filter due t ...)
NOT-FOR-US: Qualcomm
-CVE-2020-11157
- RESERVED
+CVE-2020-11157 (u'Lack of handling unexpected control messages while encryption was in ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11156
- RESERVED
+CVE-2020-11156 (u'Buffer over-read issue in Bluetooth estack due to lack of check for ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11155
- RESERVED
+CVE-2020-11155 (u'Buffer overflow while processing PDU packet in bluetooth due to lack ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11154
- RESERVED
+CVE-2020-11154 (u'Buffer overflow while processing a crafted PDU data packet in blueto ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11153
- RESERVED
+CVE-2020-11153 (u'Out of bound memory access while processing GATT data received due t ...)
+ TODO: check
CVE-2020-11152
RESERVED
CVE-2020-11151
@@ -39546,8 +39537,7 @@ CVE-2020-11143
RESERVED
CVE-2020-11142
RESERVED
-CVE-2020-11141
- RESERVED
+CVE-2020-11141 (u'Buffer over-read issue in Bluetooth estack due to lack of check for ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11140
RESERVED
@@ -39579,8 +39569,7 @@ CVE-2020-11127
RESERVED
CVE-2020-11126
RESERVED
-CVE-2020-11125
- RESERVED
+CVE-2020-11125 (u'Out of bound access can happen in MHI command process due to lack of ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11124 (u'Possible use-after-free while accessing diag client map table since ...)
NOT-FOR-US: Snapdragon
@@ -39602,8 +39591,8 @@ CVE-2020-11116 (u'Possible out of bound write while processing association respo
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11115 (u'Buffer over read occurs while processing information element from be ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11114
- RESERVED
+CVE-2020-11114 (u'Bluetooth devices does not properly restrict the L2CAP payload lengt ...)
+ TODO: check
CVE-2020-5291 (Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode a ...)
- bubblewrap 0.4.1-1 (low; bug #955441)
[buster] - bubblewrap <not-affected> (Introduced in 0.4.0)
@@ -59243,11 +59232,9 @@ CVE-2020-3706
RESERVED
CVE-2020-3705
RESERVED
-CVE-2020-3704
- RESERVED
+CVE-2020-3704 (u'While processing invalid connection request PDU which is nonstandard ...)
NOT-FOR-US: Qualcomm components for Android
-CVE-2020-3703
- RESERVED
+CVE-2020-3703 (u'Buffer over-read issue in Bluetooth peripheral firmware due to lack ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3702 (u'Specifically timed and handcrafted traffic can cause internal errors ...)
NOT-FOR-US: Snapdragon
@@ -59261,21 +59248,19 @@ CVE-2020-3698 (Out of bound write while QoS DSCP mapping due to improper input v
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3697
RESERVED
-CVE-2020-3696
- RESERVED
+CVE-2020-3696 (u'Use after free while installing new security rule in ipcrtr as old o ...)
+ TODO: check
CVE-2020-3695
RESERVED
-CVE-2020-3694
- RESERVED
-CVE-2020-3693
- RESERVED
-CVE-2020-3692
- RESERVED
+CVE-2020-3694 (u'Use out of range pointer issue can occur due to incorrect buffer ran ...)
+ TODO: check
+CVE-2020-3693 (u'Use out of range pointer issue can occur due to incorrect buffer ran ...)
+ TODO: check
+CVE-2020-3692 (u'Possible buffer overflow while updating output buffer for IMEI and G ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3691
RESERVED
-CVE-2020-3690
- RESERVED
+CVE-2020-3690 (u'Due to an incorrect SMMU configuration, the modem crypto engine can ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3689
RESERVED
@@ -59287,8 +59272,7 @@ CVE-2020-3686
RESERVED
CVE-2020-3685
RESERVED
-CVE-2020-3684
- RESERVED
+CVE-2020-3684 (u'QSEE reads the access permission policy for the SMEM TOC partition f ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3683
RESERVED
@@ -59300,8 +59284,7 @@ CVE-2020-3680 (A race condition can occur when using the fastrpc memory mapping
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3679 (u'During execution after Address Space Layout Randomization is turned ...)
NOT-FOR-US: Snapdragon
-CVE-2020-3678
- RESERVED
+CVE-2020-3678 (u'A buffer overflow could occur if the API is improperly used due to U ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3677
RESERVED
@@ -59311,15 +59294,13 @@ CVE-2020-3675 (u'Potential integer underflow while parsing Service Info and IPv6
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3674 (Information can leak into userspace due to improper transfer of data f ...)
NOT-FOR-US: Snapdragon
-CVE-2020-3673
- RESERVED
+CVE-2020-3673 (u'Buffer overflow can happen as part of SIP message packet processing ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3672
RESERVED
CVE-2020-3671 (Use-after-free issue could occur due to dangling pointer when generati ...)
NOT-FOR-US: Snapdragon
-CVE-2020-3670
- RESERVED
+CVE-2020-3670 (u'Potential out of bounds read while processing downlink NAS transport ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3669 (u'Buffer Overflow issue in WLAN tcp ip verification due to usage of ou ...)
NOT-FOR-US: Qualcomm components for Android
@@ -59345,15 +59326,13 @@ CVE-2020-3659
RESERVED
CVE-2020-3658 (Possible null-pointer dereference can occur while parsing mp4 clip wit ...)
NOT-FOR-US: Snapdragon
-CVE-2020-3657
- RESERVED
+CVE-2020-3657 (u'Remote code execution can happen by sending a carefully crafted POST ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3656 (Out of bound access can happen in MHI command process due to lack of c ...)
NOT-FOR-US: Snapdragon
CVE-2020-3655
RESERVED
-CVE-2020-3654
- RESERVED
+CVE-2020-3654 (u'Buffer overflow occurs while processing SIP message packet due to la ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3653 (Possible buffer over-read in windows wlan driver function due to lack ...)
NOT-FOR-US: Snapdragon
@@ -59385,8 +59364,7 @@ CVE-2020-3640 (u'Resizing the usage table header before passing all the checks l
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3639
RESERVED
-CVE-2020-3638
- RESERVED
+CVE-2020-3638 (u'An Unaligned address or size can propagate to the database due to im ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3637
RESERVED
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26bfbfa7eb756663570ed240d5544067609be2b0
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26bfbfa7eb756663570ed240d5544067609be2b0
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201102/d871fc35/attachment-0001.html>
More information about the debian-security-tracker-commits
mailing list