[Git][security-tracker-team/security-tracker][master] new nvidia issues

[Moritz Muehlenhoff]

Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ae228528 by Moritz Mühlenhoff at 2021-01-10T00:22:49+01:00
new nvidia issues
bullseye triage

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -15556,17 +15556,24 @@ CVE-2021-1058 (NVIDIA vGPU software contains a vulnerability in the guest kernel
 CVE-2021-1057 (NVIDIA Virtual GPU Manager NVIDIA vGPU manager contains a vulnerabilit ...)
 	NOT-FOR-US: NVIDIA Virtual GPU Manager NVIDIA vGPU manager
 CVE-2021-1056 (NVIDIA GPU Display Driver for Linux, all versions, contains a vulnerab ...)
-	TODO: check
+	- nvidia-graphics-drivers <unfixed> (bug #979670)
+	- nvidia-graphics-drivers-legacy-340xx <unfixed>
+	- nvidia-graphics-drivers-legacy-390xx <unfixed>
+	- nvidia-graphics-drivers-tesla-418 <unfixed>
+	- nvidia-graphics-drivers-tesla-440 <unfixed>
+	- nvidia-graphics-drivers-tesla-450 <unfixed>
 CVE-2021-1055 (NVIDIA GPU Display Driver for Windows, all versions, contains a vulner ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA Windows drivers
 CVE-2021-1054 (NVIDIA GPU Display Driver for Windows, all versions, contains a vulner ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA Windows drivers
 CVE-2021-1053 (NVIDIA GPU Display Driver for Windows and Linux, all versions, contain ...)
-	TODO: check
+	- nvidia-graphics-drivers <unfixed> (bug #979670)
+	- nvidia-graphics-drivers-tesla-450 <unfixed>
 CVE-2021-1052 (NVIDIA GPU Display Driver for Windows and Linux, all versions, contain ...)
-	TODO: check
+	- nvidia-graphics-drivers <unfixed> (bug #979670)
+	- nvidia-graphics-drivers-tesla-450 <unfixed>
 CVE-2021-1051 (NVIDIA GPU Display Driver for Windows, all versions, contains a vulner ...)
-	TODO: check
+	NOT-FOR-US: NVIDIA Windows drivers
 CVE-2020-28576 (An improper access control information disclosure vulnerability in Tre ...)
 	NOT-FOR-US: Trend Micro
 CVE-2020-28575 (A heap-based buffer overflow privilege escalation vulnerability in Tre ...)
@@ -36958,6 +36965,7 @@ CVE-2020-19669
 	RESERVED
 CVE-2020-19668 (Unverified indexs into the array lead to out of bound access in the gi ...)
 	- libsixel <unfixed>
+	[bullseye] - libsixel <no-dsa> (Minor issue)
 	[buster] - libsixel <no-dsa> (Minor issue)
 	[stretch] - libsixel <no-dsa> (Minor issue)
 	NOTE: https://github.com/saitoha/libsixel/issues/136
@@ -57162,6 +57170,7 @@ CVE-2020-11722 (Dungeon Crawl Stone Soup (aka DCSS or crawl) before 0.25 allows
 	NOTE: https://github.com/crawl/crawl/commit/fc522ff6eb1bbb85e3de60c60a45762571e48c28
 CVE-2020-11721 (load_png in loader.c in libsixel.a in libsixel 1.8.6 has an uninitiali ...)
 	- libsixel <unfixed> (low; bug #972641)
+	[bullseye] - libsixel <no-dsa> (Minor issue)
 	[buster] - libsixel <no-dsa> (Minor issue)
 	[stretch] - libsixel <no-dsa> (Minor issue)
 	[jessie] - libsixel <no-dsa> (Minor issue)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae22852897d947b3dfb997f41e2358a1d64adc71

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ae22852897d947b3dfb997f41e2358a1d64adc71
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20210109/98f83a78/attachment.html>