[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso carnil at debian.org
Mon Nov 2 08:10:27 GMT 2020 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
26bfbfa7 by security tracker role at 2020-11-02T08:10:19+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -28822,8 +28822,8 @@ CVE-2020-14752 (Vulnerability in the Hyperion Lifecycle Management product of Or
 	NOT-FOR-US: Oracle
 CVE-2020-14751
 	RESERVED
-CVE-2020-14750
-	RESERVED
+CVE-2020-14750 (Vulnerability in the Oracle WebLogic Server product of Oracle Fusion M ...)
+	TODO: check
 CVE-2020-14749
 	RESERVED
 CVE-2020-14748
@@ -39471,20 +39471,17 @@ CVE-2020-11176
 	RESERVED
 CVE-2020-11175
 	RESERVED
-CVE-2020-11174
-	RESERVED
+CVE-2020-11174 (u'Array index underflow issue in adsp driver due to improper check of  ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11173
-	RESERVED
+CVE-2020-11173 (u'Two threads running simultaneously from user space can lead to race  ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11172
-	RESERVED
+CVE-2020-11172 (u'fscanf reads a string from a file and stores its contents on a stati ...)
+	TODO: check
 CVE-2020-11171
 	RESERVED
 CVE-2020-11170
 	RESERVED
-CVE-2020-11169
-	RESERVED
+CVE-2020-11169 (u'Buffer over-read while processing received L2CAP packet due to lack  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11168
 	RESERVED
@@ -39494,13 +39491,11 @@ CVE-2020-11166
 	RESERVED
 CVE-2020-11165
 	RESERVED
-CVE-2020-11164
-	RESERVED
+CVE-2020-11164 (u'Third-party app may also call the broadcasts in Perfdump and cause p ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11163
 	RESERVED
-CVE-2020-11162
-	RESERVED
+CVE-2020-11162 (u'Possible buffer overflow in MHI driver due to lack of input paramete ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11161
 	RESERVED
@@ -39510,20 +39505,16 @@ CVE-2020-11159
 	RESERVED
 CVE-2020-11158 (u'Null pointer dereference in HP OfficeJet Pro 8210 jbig2 filter due t ...)
 	NOT-FOR-US: Qualcomm
-CVE-2020-11157
-	RESERVED
+CVE-2020-11157 (u'Lack of handling unexpected control messages while encryption was in ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11156
-	RESERVED
+CVE-2020-11156 (u'Buffer over-read issue in Bluetooth estack due to lack of check for  ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11155
-	RESERVED
+CVE-2020-11155 (u'Buffer overflow while processing PDU packet in bluetooth due to lack ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11154
-	RESERVED
+CVE-2020-11154 (u'Buffer overflow while processing a crafted PDU data packet in blueto ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11153
-	RESERVED
+CVE-2020-11153 (u'Out of bound memory access while processing GATT data received due t ...)
+	TODO: check
 CVE-2020-11152
 	RESERVED
 CVE-2020-11151
@@ -39546,8 +39537,7 @@ CVE-2020-11143
 	RESERVED
 CVE-2020-11142
 	RESERVED
-CVE-2020-11141
-	RESERVED
+CVE-2020-11141 (u'Buffer over-read issue in Bluetooth estack due to lack of check for  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11140
 	RESERVED
@@ -39579,8 +39569,7 @@ CVE-2020-11127
 	RESERVED
 CVE-2020-11126
 	RESERVED
-CVE-2020-11125
-	RESERVED
+CVE-2020-11125 (u'Out of bound access can happen in MHI command process due to lack of ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11124 (u'Possible use-after-free while accessing diag client map table since  ...)
 	NOT-FOR-US: Snapdragon
@@ -39602,8 +39591,8 @@ CVE-2020-11116 (u'Possible out of bound write while processing association respo
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11115 (u'Buffer over read occurs while processing information element from be ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2020-11114
-	RESERVED
+CVE-2020-11114 (u'Bluetooth devices does not properly restrict the L2CAP payload lengt ...)
+	TODO: check
 CVE-2020-5291 (Bubblewrap (bwrap) before version 0.4.1, if installed in setuid mode a ...)
 	- bubblewrap 0.4.1-1 (low; bug #955441)
 	[buster] - bubblewrap <not-affected> (Introduced in 0.4.0)
@@ -59243,11 +59232,9 @@ CVE-2020-3706
 	RESERVED
 CVE-2020-3705
 	RESERVED
-CVE-2020-3704
-	RESERVED
+CVE-2020-3704 (u'While processing invalid connection request PDU which is nonstandard ...)
 	NOT-FOR-US: Qualcomm components for Android
-CVE-2020-3703
-	RESERVED
+CVE-2020-3703 (u'Buffer over-read issue in Bluetooth peripheral firmware due to lack  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3702 (u'Specifically timed and handcrafted traffic can cause internal errors ...)
 	NOT-FOR-US: Snapdragon
@@ -59261,21 +59248,19 @@ CVE-2020-3698 (Out of bound write while QoS DSCP mapping due to improper input v
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3697
 	RESERVED
-CVE-2020-3696
-	RESERVED
+CVE-2020-3696 (u'Use after free while installing new security rule in ipcrtr as old o ...)
+	TODO: check
 CVE-2020-3695
 	RESERVED
-CVE-2020-3694
-	RESERVED
-CVE-2020-3693
-	RESERVED
-CVE-2020-3692
-	RESERVED
+CVE-2020-3694 (u'Use out of range pointer issue can occur due to incorrect buffer ran ...)
+	TODO: check
+CVE-2020-3693 (u'Use out of range pointer issue can occur due to incorrect buffer ran ...)
+	TODO: check
+CVE-2020-3692 (u'Possible buffer overflow while updating output buffer for IMEI and G ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3691
 	RESERVED
-CVE-2020-3690
-	RESERVED
+CVE-2020-3690 (u'Due to an incorrect SMMU configuration, the modem crypto engine can  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3689
 	RESERVED
@@ -59287,8 +59272,7 @@ CVE-2020-3686
 	RESERVED
 CVE-2020-3685
 	RESERVED
-CVE-2020-3684
-	RESERVED
+CVE-2020-3684 (u'QSEE reads the access permission policy for the SMEM TOC partition f ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3683
 	RESERVED
@@ -59300,8 +59284,7 @@ CVE-2020-3680 (A race condition can occur when using the fastrpc memory mapping
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3679 (u'During execution after Address Space Layout Randomization is turned  ...)
 	NOT-FOR-US: Snapdragon
-CVE-2020-3678
-	RESERVED
+CVE-2020-3678 (u'A buffer overflow could occur if the API is improperly used due to U ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3677
 	RESERVED
@@ -59311,15 +59294,13 @@ CVE-2020-3675 (u'Potential integer underflow while parsing Service Info and IPv6
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3674 (Information can leak into userspace due to improper transfer of data f ...)
 	NOT-FOR-US: Snapdragon
-CVE-2020-3673
-	RESERVED
+CVE-2020-3673 (u'Buffer overflow can happen as part of SIP message packet processing  ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3672
 	RESERVED
 CVE-2020-3671 (Use-after-free issue could occur due to dangling pointer when generati ...)
 	NOT-FOR-US: Snapdragon
-CVE-2020-3670
-	RESERVED
+CVE-2020-3670 (u'Potential out of bounds read while processing downlink NAS transport ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3669 (u'Buffer Overflow issue in WLAN tcp ip verification due to usage of ou ...)
 	NOT-FOR-US: Qualcomm components for Android
@@ -59345,15 +59326,13 @@ CVE-2020-3659
 	RESERVED
 CVE-2020-3658 (Possible null-pointer dereference can occur while parsing mp4 clip wit ...)
 	NOT-FOR-US: Snapdragon
-CVE-2020-3657
-	RESERVED
+CVE-2020-3657 (u'Remote code execution can happen by sending a carefully crafted POST ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3656 (Out of bound access can happen in MHI command process due to lack of c ...)
 	NOT-FOR-US: Snapdragon
 CVE-2020-3655
 	RESERVED
-CVE-2020-3654
-	RESERVED
+CVE-2020-3654 (u'Buffer overflow occurs while processing SIP message packet due to la ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3653 (Possible buffer over-read in windows wlan driver function due to lack  ...)
 	NOT-FOR-US: Snapdragon
@@ -59385,8 +59364,7 @@ CVE-2020-3640 (u'Resizing the usage table header before passing all the checks l
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3639
 	RESERVED
-CVE-2020-3638
-	RESERVED
+CVE-2020-3638 (u'An Unaligned address or size can propagate to the database due to im ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-3637
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26bfbfa7eb756663570ed240d5544067609be2b0

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/26bfbfa7eb756663570ed240d5544067609be2b0
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20201102/d871fc35/attachment-0001.html>

More information about the debian-security-tracker-commits mailing list