[Git][security-tracker-team/security-tracker][master] NFUs, one unclear iptables issues
Moritz Muehlenhoff
jmm at debian.org
Mon Sep 21 17:41:31 BST 2020
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
e0fa6481 by Moritz Muehlenhoff at 2020-09-21T18:40:31+02:00
NFUs, one unclear iptables issues
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -64982,51 +64982,51 @@ CVE-2020-0402
RESERVED
NOTE: Duplicate assignment for CVE-2019-19769 (Android security informed)
CVE-2020-0401 (In setInstallerPackageName of PackageManagerService.java, there is a m ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0400
RESERVED
CVE-2020-0399 (In showLimitedSimFunctionWarningNotification of NotificationMgr.java, ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0398
RESERVED
CVE-2020-0397 (In getNotificationBuilder of CarrierServiceStateTracker.java, there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0396 (In various places in Telephony, there is a possible permission bypass ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0395 (In showNotification of EmergencyCallbackModeService.java, there is a p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0394 (In onCreate of BluetoothPairingDialog.java, there is a possible tapjac ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0393 (In decrypt and decrypt_1_2 of CryptoPlugin.cpp, there is a possible ou ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2020-0392 (In getLayerDebugInfo of SurfaceFlinger.cpp, there is a possible code e ...)
- TODO: check
+ NOT-FOR-US: Android Media Framework
CVE-2020-0391 (In applyPolicy of PackageManagerService.java, there is possible arbitr ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0390 (In the app zygote SE Policy, there is a possible permissions bypass. T ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0389 (In createSaveNotification of RecordingService.java, there is a possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0388 (In createEmergencyLocationUserNotification of GnssVisibilityControl.ja ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0387 (In manifest files of the SmartSpace package, there is a possible tapja ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0386 (In onCreate of RequestPermissionActivity.java, there is a possible tap ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0385 (In Parse_insh of eas_mdls.c, there is a possible out of bounds write d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0384 (In Parse_art of eas_mdls.c, there is a possible out of bounds write du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0383 (In Parse_ins of eas_mdls.c, there is a possible out of bounds write du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0382 (In RunInternal of dumpstate.cpp, there is a possible user consent bypa ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0381 (In Parse_wave of eas_mdls.c, there is a possible out of bounds write d ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0380 (In allocExcessBits of bitalloc.c, there is a possible out of bounds wr ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0379 (In the Bluetooth service, there is a possible spoofing attack due to a ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0378
RESERVED
CVE-2020-0377
@@ -65090,7 +65090,7 @@ CVE-2020-0349 (In NFC, there is a possible out of bounds read due to a missing b
CVE-2020-0348 (In NFC, there is a possible out of bounds read due to a missing bounds ...)
NOT-FOR-US: Android
CVE-2020-0347 (In iptables, there is a possible out of bounds write due to an incorre ...)
- TODO: check
+ - iptables <undetermined>
CVE-2020-0346 (In Mediaserver, there is a possible out of bounds write due to an inte ...)
NOT-FOR-US: Android Media Framework
CVE-2020-0345 (In DocumentsUI, there is a possible permission bypass due to a confuse ...)
@@ -65100,7 +65100,7 @@ CVE-2020-0344 (In MediaProvider, there is a possible permissions bypass due to S
CVE-2020-0343 (In NetworkStatsService, there is a possible access to protected data d ...)
NOT-FOR-US: Android
CVE-2020-0342 (There is a possible out of bounds write due to an incorrect bounds che ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0341 (In DisplayManager, there is a possible permission bypass due to a miss ...)
NOT-FOR-US: Android
CVE-2020-0340 (In libcodec2_soft_mp3dec, there is a possible information disclosure d ...)
@@ -65110,7 +65110,7 @@ CVE-2020-0339
CVE-2020-0338 (In AccountManager, there is a possible bypass of a permissions check d ...)
NOT-FOR-US: Android
CVE-2020-0337 (In MediaProvider, there is a possible bypass of a permissions check du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0336 (In SurfaceFlinger, there is possible memory corruption due to type con ...)
NOT-FOR-US: Android Media Framework
CVE-2020-0335 (In NFC, there is a possible out of bounds write due to a missing bound ...)
@@ -65236,7 +65236,7 @@ CVE-2020-0280
CVE-2020-0279 (In the AAC parser, there is a possible out of bounds read due to a mis ...)
NOT-FOR-US: Android Media Framework
CVE-2020-0278 (There is a possible out of bounds write due to an incorrect bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek components for Android
CVE-2020-0277 (In NetworkPolicyManagerService, there is a possible permissions bypass ...)
NOT-FOR-US: Android
CVE-2020-0276 (In Telephony, there is a possible permission bypass due to a missing p ...)
@@ -65302,7 +65302,7 @@ CVE-2020-0247 (In Threshold::getHistogram of ImageProcessHelper.java, there is a
CVE-2020-0246
RESERVED
CVE-2020-0245 (In DecodeFrameCombinedMode of combined_decode.cpp, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android Media framework
CVE-2020-0244
RESERVED
CVE-2020-0243 (In clearPropValue of MediaAnalyticsItem.cpp, there is a possible use-a ...)
@@ -65334,7 +65334,7 @@ CVE-2020-0231 (There is a possible out of bounds write due to an incorrect bound
CVE-2020-0230 (There is a possible out of bounds write due to an incorrect bounds che ...)
NOT-FOR-US: MediaTek components for Android
CVE-2020-0229 (There is a possible out of bounds write due to an incorrect bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek components for Android
CVE-2020-0228 (There is an improper configuration of recorder related service. Produc ...)
NOT-FOR-US: MediaTek components for Android
CVE-2020-0227 (In onCommand of CompanionDeviceManagerService.java, there is a possibl ...)
@@ -65559,7 +65559,7 @@ CVE-2020-0125 (In mediadrm, there is a possible out of bounds read due to a miss
CVE-2020-0124 (In markBootComplete of InstalldNativeService.cpp, there is a possible ...)
NOT-FOR-US: Android
CVE-2020-0123 (There is a possible out of bounds write due to an incorrect bounds che ...)
- TODO: check
+ NOT-FOR-US: MediaTek components for Android
CVE-2020-0122 (In the permission declaration for com.google.android.providers.gsf.per ...)
NOT-FOR-US: Android
CVE-2020-0121 (In updateUidProcState of AppOpsService.java, there is a possible permi ...)
@@ -65667,7 +65667,7 @@ CVE-2020-0076 (In get_auth_result of the FPC IRIS TrustZone app, there is a poss
CVE-2020-0075 (In set_shared_key of the FPC IRIS TrustZone app, there is a possible o ...)
NOT-FOR-US: Android
CVE-2020-0074 (In verifyIntentFiltersIfNeeded of PackageManagerService.java, there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2020-0073 (In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible ...)
NOT-FOR-US: Android
CVE-2020-0072 (In rw_t2t_handle_tlv_detect_rsp of rw_t2t_ndef.cc, there is a possible ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0fa648181df845739d772a1b091dc6ad0e8176f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e0fa648181df845739d772a1b091dc6ad0e8176f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200921/0f9f517d/attachment.html>
More information about the debian-security-tracker-commits
mailing list