[Git][security-tracker-team/security-tracker][master] Stop tracking Intel firmware issues as unfixed, there's not enough information
Moritz Muehlenhoff (@jmm)
jmm at debian.org
Mon Jun 20 16:26:46 BST 2022
Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker
Commits:
31ae7836 by Moritz Mühlenhoff at 2022-06-20T17:25:39+02:00
Stop tracking Intel firmware issues as unfixed, there's not enough information
available and this is causing too much noise
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -118825,11 +118825,9 @@ CVE-2021-0185
CVE-2021-0184
RESERVED
CVE-2021-0183 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0182 (Uncontrolled resource consumption in the Intel(R) HAXM software before ...)
NOT-FOR-US: Intel Hardware Accelerated Execution Manager
CVE-2021-0181
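Review bot: After the three removed lines, CVE-2021-0183 has neither a package line nor a NOT-FOR-US marker, so only free-text NOTEs tie it to firmware-nonfree. If the aim is only to stop reporting it as open, consider keeping a "- firmware-nonfree" line with a status that does not count as unfixed, such as the <undetermined> the 2020 entries in this file carried. Otherwise state in the NOTE that the package link is dropped on purpose, so a later reader does not take the entry for untriaged.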
@@ -118837,119 +118835,81 @@ CVE-2021-0181
CVE-2021-0180 (Uncontrolled resource consumption in the Intel(R) HAXM software before ...)
NOT-FOR-US: Intel Hardware Accelerated Execution Manager
CVE-2021-0179 (Improper Use of Validation Framework in software for Intel(R) PROSet/W ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0178 (Improper input validation in software for Intel(R) PROSet/Wireless Wi- ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0177 (Improper Validation of Consistency within input in software for Intel( ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0176 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0175 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0174 (Improper Use of Validation Framework in firmware for some Intel(R) PRO ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0173 (Improper Validation of Consistency within input in firmware for some I ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0172 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0171 (Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0170 (Exposure of Sensitive Information to an Unauthorized Actor in firmware ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0169 (Uncontrolled Search Path Element in software for Intel(R) PROSet/Wirel ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0168 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0167 (Improper access control in software for Intel(R) PROSet/Wireless Wi-Fi ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0166 (Exposure of Sensitive Information to an Unauthorized Actor in firmware ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0165 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0164 (Improper access control in firmware for Intel(R) PROSet/Wireless Wi-Fi ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0163 (Improper Validation of Consistency within input in software for Intel( ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0162 (Improper input validation in software for Intel(R) PROSet/Wireless Wi- ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0161 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0160 (Uncontrolled search path in some Intel(R) NUC Pro Chassis Element Aver ...)
NOT-FOR-US: Intel
CVE-2021-0159 (Improper input validation in the BIOS authenticated code module for so ...)
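Review bot: The "Intel firmware" NOTE is also applied to entries whose truncated descriptions say "in software for Intel(R) PROSet/Wireless" rather than "in firmware" (CVE-2021-0179, -0178, -0177, -0171, -0169, -0167, -0163, -0162). CVE-2021-0169, an uncontrolled search path element in software, in particular reads like a host-side issue. Check these against intel-sa-00539 and mark the ones that are not firmware as NOT-FOR-US, as is done for the HAXM and NUC entries in this same hunk.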
@@ -119147,11 +119107,9 @@ CVE-2021-0078 (Improper input validation in software for some Intel(R) PROSet/Wi
CVE-2021-0077 (Insecure inherited permissions in the installer for the Intel(R) VTune ...)
NOT-FOR-US: Intel
CVE-2021-0076 (Improper Validation of Specified Index, Position, or Offset in Input i ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0075 (Out-of-bounds write in firmware for some Intel(R) PROSet/Wireless WiFi ...)
NOT-FOR-US: Intel
CVE-2021-0074 (Improper permissions in the installer for the Intel(R) Computing Impro ...)
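Review bot: The TODO removed from CVE-2021-0076 was the only line recording what is still unknown (in which firmware version the issue is fixed) and where it was to be researched (kernel-team). The replacement NOTE says the blobs "would get fixed via release updates" but leaves no way to tell when that has happened. Keep the open question as a NOTE so the entry can be resolved once a fixed firmware version is known.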
@@ -119159,11 +119117,9 @@ CVE-2021-0074 (Improper permissions in the installer for the Intel(R) Computing
CVE-2021-0073 (Insufficient control flow management in Intel(R) DSA before version 20 ...)
NOT-FOR-US: Intel
CVE-2021-0072 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0071 (Improper input validation in firmware for some Intel(R) PROSet/Wireles ...)
NOT-FOR-US: Intel
CVE-2021-0070 (Improper input validation in the BMC firmware for Intel(R) Server Boar ...)
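Review bot: CVE-2021-0072 and the unchanged CVE-2021-0071 directly below it show the same truncated description ("Improper input validation in firmware for some Intel(R) PROSet/Wireles ..."), yet one now gets the "no conclusive information" NOTE and the other stays "NOT-FOR-US: Intel". Either both concern blobs that firmware-nonfree might ship or neither does. Align the two, or extend the NOT-FOR-US reason on CVE-2021-0071 to say why it differs.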
@@ -119175,11 +119131,9 @@ CVE-2021-0068
CVE-2021-0067 ( Improper access control in system firmware for some Intel(R) ...)
NOT-FOR-US: Intel
CVE-2021-0066 (Improper input validation in firmware for Intel(R) PROSet/Wireless Wi- ...)
- - firmware-nonfree <unfixed>
- [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
- [buster] - firmware-nonfree <no-dsa> (Non-free not supported)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00539.html
- TODO: check, research in kernel-team; unclear in which firmware version fixed for firmware-nonfree
CVE-2021-0065 (Incorrect default permissions in the Intel(R) PROSet/Wireless WiFi sof ...)
NOT-FOR-US: Intel
CVE-2021-0064 (Insecure inherited permissions in the Intel(R) PROSet/Wireless WiFi so ...)
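Review bot: In the NOTE added to CVE-2021-0066, "release updates" is ambiguous: it can mean new upstream firmware releases or Debian stable point releases, and with the bullseye and buster <no-dsa> lines removed the entry no longer says which suites are concerned. Spell out the intended update path in the NOTE text, since the same two lines are pasted into every entry this commit touches.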
@@ -155488,27 +155442,21 @@ CVE-2020-12323 (Improper input validation in the Intel(R) ADAS IE before version
CVE-2020-12322 (Improper input validation in some Intel(R) Wireless Bluetooth(R) produ ...)
NOT-FOR-US: Intel (Wireless Bluetooth products, but only affecting Windows)
CVE-2020-12321 (Improper buffer restriction in some Intel(R) Wireless Bluetooth(R) pro ...)
- - firmware-nonfree <undetermined>
- [buster] - firmware-nonfree <no-dsa> (non-free not supported)
- [stretch] - firmware-nonfree <no-dsa> (Minor issue, can be considered if some other major issue appear)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00403.html
- NOTE: See notes for CVE-2020-12313
CVE-2020-12320 (Uncontrolled search path in Intel(R) SCS Add-on for Microsoft* SCCM be ...)
NOT-FOR-US: Intel
CVE-2020-12319 (Insufficient control flow management in some Intel(R) PROSet/Wireless ...)
- - firmware-nonfree <undetermined>
- [buster] - firmware-nonfree <no-dsa> (non-free not supported)
- [stretch] - firmware-nonfree <no-dsa> (Minor issue, can be considered if some other major issue appear)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
- NOTE: See notes for CVE-2020-12313
CVE-2020-12318 (Protection mechanism failure in some Intel(R) PROSet/Wireless WiFi pro ...)
NOT-FOR-US: Intel PROSet/Wireless WiFi products (not applicable to Linux)
CVE-2020-12317 (Improper buffer restriction in some Intel(R) PROSet/Wireless WiFi prod ...)
- - firmware-nonfree <undetermined>
- [buster] - firmware-nonfree <no-dsa> (non-free not supported)
- [stretch] - firmware-nonfree <no-dsa> (Minor Issue, May be considered if some major issue appear)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
- NOTE: See notes for CVE-2020-12313
CVE-2020-12316 (Insufficiently protected credentials in the Intel(R) EMA before versio ...)
NOT-FOR-US: Intel
CVE-2020-12315 (Path traversal in the Intel(R) EMA before version 1.3.3 may allow an u ...)
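Review bot: Removing "NOTE: See notes for CVE-2020-12313" from CVE-2020-12321, CVE-2020-12319 and CVE-2020-12317 drops the only pointer from these entries to the fixed-blob list kept under CVE-2020-12313. The new generic NOTE does not replace that information, so keep the cross-reference line alongside it. For CVE-2020-12321, which cites intel-sa-00403 rather than intel-sa-00402, also confirm that the CVE-2020-12313 notes apply at all.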
@@ -155516,9 +155464,8 @@ CVE-2020-12315 (Path traversal in the Intel(R) EMA before version 1.3.3 may allo
CVE-2020-12314 (Improper input validation in some Intel(R) PROSet/Wireless WiFi produc ...)
NOT-FOR-US: Intel PROSet/Wireless WiFi products (not applicable to Linux)
CVE-2020-12313 (Insufficient control flow management in some Intel(R) PROSet/Wireless ...)
- - firmware-nonfree <undetermined>
- [buster] - firmware-nonfree <no-dsa> (non-free not supported)
- [stretch] - firmware-nonfree <no-dsa> (Minor Issue, May be considered if some major issue appear)
+ NOTE: Intel firmware, there is no conclusive information if the blobs shipped in
+ NOTE: firmware-nonfree are affected. If they are, they would get fixed via release updates
NOTE: https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00402.html
NOTE: Fixed firmware blobs:
NOTE: ibt-18-16-1.sfi: FW Build: REL17064 Release Version: 22.20.0.3
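Review bot: On CVE-2020-12313 the added NOTE, "there is no conclusive information if the blobs shipped in firmware-nonfree are affected", now sits directly above the retained "Fixed firmware blobs:" list that names ibt-18-16-1.sfi with a build and release version. The two read as contradictory. For this entry, reword the added NOTE to say what exactly is inconclusive (for example, which shipped blobs are not covered by the list) instead of reusing the boilerplate text.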
@@ -155526,8 +155473,6 @@ CVE-2020-12313 (Insufficient control flow management in some Intel(R) PROSet/Wir
NOTE: Not shipped in Debian: Wi-Fi 6 AX200, Wireless-AC 9560, Wireless-AC 9462, Wireless-AC 9461, Dual Band Wireless-AC 3165
NOTE: Intel seems to have missed the update for ibt-12-16.sfi, last update from May 2019
NOTE: Intel seems to have missed the update for ibt-11-5.sfi, last update from Jan 2019
- NOTE: There's no conclusive information which allows to track these, until something
- NOTE: gets confirmed by Intel, track as <undetermined>
CVE-2020-12312 (Improper buffer restrictions in the Intel(R) Stratix(R) 10 FPGA firmwa ...)
NOT-FOR-US: Intel
CVE-2020-12311 (Insufficient control flow managementin firmware in some Intel(R) Clien ...)
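Review bot: With the "track as <undetermined>" NOTE removed, the two retained lines saying Intel seems to have missed the update for ibt-12-16.sfi and ibt-11-5.sfi are left with no status that reflects them. This is the one place in the commit with concrete evidence of a possibly unfixed blob. Add a NOTE saying whether these two files are shipped in firmware-nonfree, as the "Not shipped in Debian:" line above does for the listed hardware.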
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/31ae7836c447de7b46491ab5053e38f63940f7c8