[Git][security-tracker-team/security-tracker][master] Track for now several of the INTEL-SA-00539 issues for firmware-nonfree
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Sun Feb 20 19:54:25 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
75b99c86 by Salvatore Bonaccorso at 2022-02-20T20:53:03+01:00
Track for now several of the INTEL-SA-00539 issues for firmware-nonfree
Detail for now remain unclear but for INTEL-SA-00539 the advisory
explicitly refers to firwmare present in the firmware-nonfree
source. Details on which upstream version fixes it remain unclear.
Link: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -92849,7 +92849,9 @@ CVE-2021-0185
CVE-2021-0184
RESERVED
CVE-2021-0183 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0182 (Uncontrolled resource consumption in the Intel(R) HAXM software before ...)
NOT-FOR-US: Intel Hardware Accelerated Execution Manager
CVE-2021-0181
@@ -92857,43 +92859,79 @@ CVE-2021-0181
CVE-2021-0180 (Uncontrolled resource consumption in the Intel(R) HAXM software before ...)
NOT-FOR-US: Intel Hardware Accelerated Execution Manager
CVE-2021-0179 (Improper Use of Validation Framework in software for Intel(R) PROSet/W ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0178 (Improper input validation in software for Intel(R) PROSet/Wireless Wi- ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0177 (Improper Validation of Consistency within input in software for Intel( ...)
TODO: check
CVE-2021-0176 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0175 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0174 (Improper Use of Validation Framework in firmware for some Intel(R) PRO ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0173 (Improper Validation of Consistency within input in firmware for some I ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0172 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0171 (Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0170 (Exposure of Sensitive Information to an Unauthorized Actor in firmware ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0169 (Uncontrolled Search Path Element in software for Intel(R) PROSet/Wirel ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0168 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0167 (Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0166 (Exposure of Sensitive Information to an Unauthorized Actor in firmware ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0165 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0164 (Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0163 (Improper Validation of Consistency within input in software for Intel( ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0162 (Improper input validation in software for Intel(R) PROSet/Wireless Wi- ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0161 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0160 (Uncontrolled search path in some Intel(R) NUC Pro Chassis Element Aver ...)
NOT-FOR-US: Intel
CVE-2021-0159
@@ -93088,7 +93126,9 @@ CVE-2021-0078 (Improper input validation in software for some Intel(R) PROSet/Wi
CVE-2021-0077 (Insecure inherited permissions in the installer for the Intel(R) VTune ...)
NOT-FOR-US: Intel
CVE-2021-0076 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0075 (Out-of-bounds write in firmware for some Intel(R) PROSet/Wireless WiFi ...)
NOT-FOR-US: Intel
CVE-2021-0074 (Improper permissions in the installer for the Intel(R) Computing Impro ...)
@@ -93096,7 +93136,9 @@ CVE-2021-0074 (Improper permissions in the installer for the Intel(R) Computing
CVE-2021-0073 (Insufficient control flow management in Intel(R) DSA before version 20 ...)
NOT-FOR-US: Intel
CVE-2021-0072 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0071 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
NOT-FOR-US: Intel
CVE-2021-0070 (Improper input validation in the BMC firmware for Intel(R) Server Boar ...)
@@ -93108,7 +93150,9 @@ CVE-2021-0068
CVE-2021-0067 ( Improper access control in system firmware for some Intel(R) ...)
NOT-FOR-US: Intel
CVE-2021-0066 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
- TODO: check
+ - firmware-nonfree <unfixed>
+ NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
+ TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0065 (Incorrect default permissions in the Intel(R) PROSet/Wireless WiFi sof ...)
NOT-FOR-US: Intel
CVE-2021-0064 (Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi so ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75b99c86107e4fa2ed7fe3726f27704790765eec
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/75b99c86107e4fa2ed7fe3726f27704790765eec
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220220/803c5aa6/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list