[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff jmm at debian.org
Mon Apr 12 12:36:27 BST 2021 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
87ecdf59 by Moritz Muehlenhoff at 2021-04-12T13:36:06+02:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -75472,9 +75472,9 @@ CVE-2020-11254
 CVE-2020-11253 (Arbitrary memory write issue in video driver while setting the interna ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11252 (Trustzone initialization code will disable xPU`s when memory dumps are ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11251 (Out-of-bounds read vulnerability while accessing DTMF payload due to l ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11250
 	RESERVED
 	NOT-FOR-US: Qualcomm components for Android
@@ -75483,17 +75483,17 @@ CVE-2020-11249
 CVE-2020-11248
 	RESERVED
 CVE-2020-11247 (Out of bound memory read while unpacking data due to lack of offset le ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11246 (A double free condition can occur when the device moves to suspend mod ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11245 (Unintended reads and writes by NS EL2 in access control driver due to  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11244
 	RESERVED
 CVE-2020-11243 (RRC sends a connection establishment success to NAS even though connec ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11242 (User could gain access to secure memory due to incorrect argument into ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11241
 	RESERVED
 	NOT-FOR-US: Qualcomm components for Android
@@ -75507,21 +75507,21 @@ CVE-2020-11238
 	RESERVED
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11237 (Memory crash when accessing histogram type KPI input received due to l ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11236 (Memory corruption due to invalid value of total dimension in the non-h ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11235
 	RESERVED
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11234 (When sending a socket event message to a user application, invalid inf ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11233
 	RESERVED
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11232
 	RESERVED
 CVE-2020-11231 (Two threads call one or both functions concurrently leading to corrupt ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11230 (Potential arbitrary memory corruption when the qseecom driver updates  ...)
 	NOT-FOR-US: Snapdragon
 CVE-2020-11229
@@ -75563,7 +75563,7 @@ CVE-2020-11212 (Out of bounds reads while parsing NAN beacons attributes and OUI
 CVE-2020-11211
 	RESERVED
 CVE-2020-11210 (Possible memory corruption in RPM region due to improper XPU configura ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11209 (u'Improper authorization in DSP process could allow unauthorized users ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11208 (u'Out of Bound issue in DSP services while processing received argumen ...)
@@ -75601,7 +75601,7 @@ CVE-2020-11193 (u'Buffer over read can happen while parsing mkv clip due to impr
 CVE-2020-11192 (Out of bound write while parsing SDP string due to missing check on nu ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11191 (Out of bound read occurs while processing crafted SDP due to lack of c ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11190 (Buffer over-read can happen while parsing received SDP values due to l ...)
 	NOT-FOR-US: Qualcomm components for Android
 CVE-2020-11189 (Buffer over-read can happen while parsing received SDP values due to l ...)
@@ -87635,7 +87635,7 @@ CVE-2020-6592
 CVE-2020-6591
 	RESERVED
 CVE-2020-6590 (Forcepoint Web Security Content Gateway versions prior to 8.5.4 improp ...)
-	TODO: check
+	NOT-FOR-US: Forcepoint Web Security Content Gateway
 CVE-2020-6589
 	RESERVED
 CVE-2020-6588
@@ -365487,9 +365487,9 @@ CVE-2013-1057 (Untrusted search path vulnerability in maas-import-pxe-files in M
 CVE-2013-1056 (X.org X server 1.13.3 and earlier, when not run as root, allows local  ...)
 	- xorg-server <not-affected> (Ubuntu-specific patch, see http://people.canonical.com/~ubuntu-security/cve/2013/CVE-2013-1056.html)
 CVE-2013-1055 (The unity-firefox-extension package could be tricked into dropping a C ...)
-	TODO: check
+	NOT-FOR-US: unity-firefox-extension
 CVE-2013-1054 (The unity-firefox-extension package could be tricked into destroying t ...)
-	TODO: check
+	NOT-FOR-US: unity-firefox-extension
 CVE-2013-1053 (In crypt.c of remote-login-service, the cryptographic algorithm used t ...)
 	NOT-FOR-US: remote-login-service Ubuntu package
 CVE-2013-1052 (pam-xdg-support, as used in Ubuntu 12.10, does not properly handle the ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87ecdf594d7a85b38cd5f94a878236203d4e2cdd

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/87ecdf594d7a85b38cd5f94a878236203d4e2cdd
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210412/83ffb38a/attachment.htm>

More information about the debian-security-tracker-commits mailing list