[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu Apr 14 11:01:42 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
02fe78dc by Neil Williams at 2022-04-14T11:01:21+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -35709,45 +35709,45 @@ CVE-2022-20083
 CVE-2022-20082
 	RESERVED
 CVE-2022-20081 (In A-GPS, there is a possible man in the middle attack due to improper ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20080 (In SUB2AF, there is a possible memory corruption due to a race conditi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20079 (In vow, there is a possible read of uninitialized data due to a improp ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20078 (In vow, there is a possible memory corruption due to a race condition. ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20077 (In vow, there is a possible memory corruption due to a race condition. ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20076 (In ged, there is a possible memory corruption due to an incorrect erro ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20075 (In ged, there is a possible out of bounds write due to an integer over ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20074 (In preloader (partition), there is a possible out of bounds write due  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20073 (In preloader (usb), there is a possible out of bounds write due to a i ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20072 (In search engine service, there is a possible way to change the defaul ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20071 (In ccu, there is a possible escalation of privilege due to a missing c ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20070 (In ssmr, there is a possible out of bounds write due to a missing boun ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20069 (In preloader (usb), there is a possible out of bounds write due to an  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20068 (In mobile_log_d, there is a possible symbolic link following due to an ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20067 (In mdp, there is a possible out of bounds write due to a missing bound ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20066 (In atf (hwfde), there is a possible leak of sensitive information due  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20065 (In ccci, there is a possible out of bounds read due to a missing bound ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20064 (In ccci, there is a possible leak of kernel pointer due to an incorrec ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20063 (In atf (spm), there is a possible out of bounds write due to a missing ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20062 (In mdp, there is a possible memory corruption due to a use after free. ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20061
 	RESERVED
 CVE-2022-20060 (In preloader (usb), there is a possible permission bypass due to a mis ...)
@@ -35767,7 +35767,7 @@ CVE-2022-20054 (In ims service, there is a possible AT command injection due to
 CVE-2022-20053 (In ims service, there is a possible escalation of privilege due to a m ...)
 	NOT-FOR-US: Mediatek
 CVE-2022-20052 (In mdp, there is a possible memory corruption due to a use after free. ...)
-	TODO: check
+	NOT-FOR-US: MediaTek driver for Android
 CVE-2022-20051 (In ims service, there is a possible unexpected application behavior du ...)
 	NOT-FOR-US: Mediatek
 CVE-2022-20050 (In connsyslogger, there is a possible symbolic link following due to i ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02fe78dc564f14c3ed6fc69b00383c73049e1812

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/02fe78dc564f14c3ed6fc69b00383c73049e1812
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220414/7cac7b3f/attachment.htm>

More information about the debian-security-tracker-commits mailing list