[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Tue Apr 5 14:55:33 BST 2022



Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
01c05f93 by Neil Williams at 2022-04-05T14:55:19+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -51897,7 +51897,7 @@ CVE-2021-35117 (An Out of Bounds read may potentially occur while processing an
 CVE-2021-35116
 	RESERVED
 CVE-2021-35115 (Improper handling of multiple session supported by PVM backend can lea ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2021-35114
 	RESERVED
 CVE-2021-35113
@@ -51907,7 +51907,7 @@ CVE-2021-35112
 CVE-2021-35111
 	RESERVED
 CVE-2021-35110 (Possible buffer overflow to improper validation of hash segment of fil ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2021-35109
 	RESERVED
 CVE-2021-35108
@@ -51915,13 +51915,13 @@ CVE-2021-35108
 CVE-2021-35107
 	RESERVED
 CVE-2021-35106 (Possible out of bound read due to improper length calculation of WMI m ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-35105 (Possible out of bounds access due to improper input validation during  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm components for Android
 CVE-2021-35104
 	RESERVED
 CVE-2021-35103 (Possible out of bound write due to improper validation of number of ti ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm QCA-WiFi for Android
 CVE-2021-35102
 	RESERVED
 CVE-2021-35101
@@ -51949,9 +51949,9 @@ CVE-2021-35091
 CVE-2021-35090
 	RESERVED
 CVE-2021-35089 (Possible buffer overflow due to lack of input IB amount validation whi ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2021-35088 (Possible out of bound read due to improper validation of IE length dur ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm QCA-WiFi for Android
 CVE-2021-35087
 	RESERVED
 CVE-2021-35086
@@ -57025,11 +57025,11 @@ CVE-2021-32982 (Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmwar
 CVE-2021-32981 (AVEVA System Platform versions 2017 through 2020 R2 P01 uses external  ...)
 	NOT-FOR-US: AVEVA
 CVE-2021-32980 (Automation Direct CLICK PLC CPU Modules: C0-1x CPUs with firmware prio ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2021-32979 (Null pointer dereference in SuiteLink server while processing commands ...)
 	NOT-FOR-US: Suitelink
 CVE-2021-32978 (The programming protocol allows for a previously entered password and  ...)
-	TODO: check
+	NOT-FOR-US: AutomationDirect
 CVE-2021-32977 (AVEVA System Platform versions 2017 through 2020 R2 P01 does not verif ...)
 	NOT-FOR-US: AVEVA
 CVE-2021-32976 (Five buffer overflows in the built-in web server in Moxa NPort IAW5000 ...)
@@ -64250,7 +64250,7 @@ CVE-2021-30331 (Possible buffer overflow due to improper data validation of exte
 CVE-2021-30330 (Possible null pointer dereference due to improper validation of APE cl ...)
 	NOT-FOR-US: Qualcomm
 CVE-2021-30329 (Possible assertion due to improper validation of TCI configuration in  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2021-30328 (Possible assertion due to improper validation of invalid NR CSI-IM res ...)
 	NOT-FOR-US: Qualcomm
 CVE-2021-30327



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c05f9329f8ca4bb8af382d38a5ef527c27c734

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/01c05f9329f8ca4bb8af382d38a5ef527c27c734
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220405/e68f5958/attachment.htm>


More information about the debian-security-tracker-commits mailing list