[Git][security-tracker-team/security-tracker][master] Process some NFUs

Neil Williams (@codehelp) codehelp at debian.org
Thu Aug 11 08:40:21 BST 2022 


Neil Williams pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c7fcae9e by Neil Williams at 2022-08-11T08:39:50+01:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1739,7 +1739,7 @@ CVE-2022-2635
 CVE-2022-37393
 	RESERVED
 CVE-2022-2634 (An attacker may be able to execute malicious actions due to the lack o ...)
-	TODO: check
+	NOT-FOR-US: Digi ConnectPort X2D
 CVE-2022-37392
 	RESERVED
 CVE-2022-37391
@@ -59793,11 +59793,11 @@ CVE-2022-20348 (In updateState of LocationServicesWifiScanningPreferenceControll
 CVE-2022-20347 (In onAttach of ConnectedDeviceDashboardFragment.java, there is a possi ...)
 	TODO: check
 CVE-2022-20346 (In updateAudioTrackInfoFromESDS_MPEG4Audio of MPEG4Extractor.cpp, ther ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2022-20345 (In l2cble_process_sig_cmd of l2c_ble.cc, there is a possible out of bo ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2022-20344 (In stealReceiveChannel of EventThread.cpp, there is a possible way to  ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2022-20343
 	RESERVED
 CVE-2022-20342
@@ -60007,7 +60007,7 @@ CVE-2022-20241
 CVE-2022-20240
 	RESERVED
 CVE-2022-20239 ('remap_pfn_range' here may map out of size kernel memory (for example, ...)
-	TODO: check
+	NOT-FOR-US: Unisoc
 CVE-2022-20238 ('remap_pfn_range' here may map out of size kernel memory (for example, ...)
 	NOT-FOR-US: Unisoc
 CVE-2022-20237
@@ -66872,7 +66872,7 @@ CVE-2021-40042 (There is a release of invalid pointer vulnerability in some Huaw
 CVE-2021-40041 (There is a Cross-Site Scripting(XSS) vulnerability in HUAWEI WS318n pr ...)
 	NOT-FOR-US: Huawei
 CVE-2021-40040 (Vulnerability of writing data to an arbitrary address in the HW_KEYMAS ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-40039 (There is a Null pointer dereference vulnerability in the camera module ...)
 	NOT-FOR-US: Huawei
 CVE-2021-40038 (There is a Double free vulnerability in the AOD module in smartphones. ...)
@@ -66884,7 +66884,7 @@ CVE-2021-40036 (The bone voice ID TA has a memory overwrite vulnerability. Succe
 CVE-2021-40035 (There is a Buffer overflow vulnerability due to a boundary error with  ...)
 	NOT-FOR-US: Huawei
 CVE-2021-40034 (The video framework has the memory overwriting vulnerability caused by ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-40033 (There is an information exposure vulnerability on several Huawei Produ ...)
 	NOT-FOR-US: Huawei
 CVE-2021-40032 (The bone voice ID TA has a vulnerability in information management,Suc ...)
@@ -66892,7 +66892,7 @@ CVE-2021-40032 (The bone voice ID TA has a vulnerability in information manageme
 CVE-2021-40031 (There is a Null pointer dereference vulnerability in the camera module ...)
 	NOT-FOR-US: Huawei
 CVE-2021-40030 (The My HUAWEI app has a defect in the design. Successful exploitation  ...)
-	TODO: check
+	NOT-FOR-US: Huawei
 CVE-2021-40029 (There is a Buffer overflow vulnerability due to a boundary error with  ...)
 	NOT-FOR-US: Huawei
 CVE-2021-40028 (The eID module has an out-of-bounds memory write vulnerability,Success ...)
@@ -67628,7 +67628,7 @@ CVE-2021-39698 (In aio_poll_complete_work of aio.c, there is a possible memory c
 CVE-2021-39697 (In checkFileUriDestination of DownloadProvider.java, there is a possib ...)
 	NOT-FOR-US: Android
 CVE-2021-39696 (In Task.java, there is a possible escalation of privilege due to a con ...)
-	TODO: check
+	NOT-FOR-US: Android
 CVE-2021-39695 (In createOrUpdate of BasePermission.java, there is a possible permissi ...)
 	NOT-FOR-US: Android
 CVE-2021-39694 (In parse of RoleParser.java, there is a possible way for default apps  ...)
@@ -82595,13 +82595,13 @@ CVE-2021-33648 (When performing the inference shape operation of Affine, Concat,
 CVE-2021-33647 (When performing the inference shape operation of the Tile operator, if ...)
 	NOT-FOR-US: Mindspore deep learning
 CVE-2021-33646 (The th_read() function doesn’t free a variable t->th_buf.gnu_ ...)
-	TODO: check
+	NOT-FOR-US: Huawei OpenEuler OS
 CVE-2021-33645 (The th_read() function doesn’t free a variable t->th_buf.gnu_ ...)
-	TODO: check
+	NOT-FOR-US: Huawei OpenEuler OS
 CVE-2021-33644 (An attacker who submits a crafted tar file with size in header struct  ...)
-	TODO: check
+	NOT-FOR-US: Huawei OpenEuler OS
 CVE-2021-33643 (An attacker who submits a crafted tar file with size in header struct  ...)
-	TODO: check
+	NOT-FOR-US: Huawei OpenEuler OS
 CVE-2021-33642
 	RESERVED
 CVE-2021-33641



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7fcae9e0822e0d01e9cc18f32eb926c2ad53ec6

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c7fcae9e0822e0d01e9cc18f32eb926c2ad53ec6
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220811/9fdca4c0/attachment.htm>

More information about the debian-security-tracker-commits mailing list