[Git][security-tracker-team/security-tracker][master] buster/bullseye triage
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Tue Feb 22 20:07:35 GMT 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
084458e5 by Moritz Muehlenhoff at 2022-02-22T21:05:31+01:00
buster/bullseye triage
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -972,6 +972,7 @@ CVE-2022-25255 (In Qt 5.9.x through 5.15.x before 5.15.9 and 6.x before 6.2.4 on
NOTE: https://codereview.qt-project.org/c/qt/qtbase/+/396020
NOTE: https://download.qt.io/official_releases/qt/5.15/qprocess5-15.diff
NOTE: https://download.qt.io/official_releases/qt/6.2/qprocess6-2.diff
+ NOTE: https://www.qt.io/blog/security-advisory-qprocess
CVE-2022-25254
RESERVED
CVE-2022-25253
@@ -93555,6 +93556,8 @@ CVE-2021-0184
RESERVED
CVE-2021-0183 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0182 (Uncontrolled resource consumption in the Intel(R) HAXM software before ...)
@@ -93565,78 +93568,116 @@ CVE-2021-0180 (Uncontrolled resource consumption in the Intel(R) HAXM software b
NOT-FOR-US: Intel Hardware Accelerated Execution Manager
CVE-2021-0179 (Improper Use of Validation Framework in software for Intel(R) PROSet/W ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0178 (Improper input validation in software for Intel(R) PROSet/Wireless Wi- ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0177 (Improper Validation of Consistency within input in software for Intel( ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0176 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0175 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0174 (Improper Use of Validation Framework in firmware for some Intel(R) PRO ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0173 (Improper Validation of Consistency within input in firmware for some I ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0172 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0171 (Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0170 (Exposure of Sensitive Information to an Unauthorized Actor in firmware ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0169 (Uncontrolled Search Path Element in software for Intel(R) PROSet/Wirel ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0168 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0167 (Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0166 (Exposure of Sensitive Information to an Unauthorized Actor in firmware ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0165 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0164 (Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0163 (Improper Validation of Consistency within input in software for Intel( ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0162 (Improper input validation in software for Intel(R) PROSet/Wireless Wi- ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0161 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
- firmware-nonfree <unfixed>
+ [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
+ [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0160 (Uncontrolled search path in some Intel(R) NUC Pro Chassis Element Aver ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/084458e551e0c1c3f8946aaf81214e85f98c242f
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/084458e551e0c1c3f8946aaf81214e85f98c242f
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20220222/b0b93475/attachment.htm>
More information about the debian-security-tracker-commits
mailing list