[Git][security-tracker-team/security-tracker][master] Process some more NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Dec 5 14:57:55 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
1848f26d by Salvatore Bonaccorso at 2023-12-05T15:57:10+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -180,111 +180,111 @@ CVE-2023-40459 (The ACEManager component of ALEOS 4.16 and earlier does not adeq
CVE-2023-40103 (In multiple locations, there is a possible way to corrupt memory due t ...)
NOT-FOR-US: Android
CVE-2023-40098 (In mOnDone of NotificationConversationInfo.java, there is a possible w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40097 (In hasPermissionForActivity of PackageManagerHelper.java, there is a p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40096 (In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp, there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40095 (In createDontSendToRestrictedAppsBundle of PendingIntentUtils.java, th ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40094 (In keyguardGoingAway of ActivityTaskManagerService.java, there is a po ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40092 (In verifyShortcutInfoPackage of ShortcutService.java, there is a possi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40091 (In onTransact of IncidentService.cpp, there is a possible out of bound ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40090 (In BTM_BleVerifySignature of btm_ble.cc, there is a possible way to by ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40089 (In getCredentialManagerPolicy of DevicePolicyManagerService.java, ther ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40088 (In callback_thread_event of com_android_bluetooth_btservice_AdapterSer ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40087 (In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40084 (In run of MDnsSdListener.cpp, there is a possible memory corruption du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40083 (In parse_gap_data of utils.cc, there is a possible out of bounds read ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40082 (In modify_for_next_stage of fdt.rs, there is a possible way to render ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40081 (In loadMediaDataInBgForResumption of MediaDataManager.kt, there is a p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40080 (In multiple functions of btm_ble_gap.cc, there is a possible out of bo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40079 (In injectSendIntentSender of ShortcutService.java, there is a possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40078 (In a2dp_vendor_opus_decoder_decode_packet of a2dp_vendor_opus_decoder. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40077 (In multiple functions of MetaDataBase.cpp, there is a possible UAF wri ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40076 (In createPendingIntent of CredentialManagerUi.java, there is a possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40075 (In forceReplaceShortcutInner of ShortcutPackage.java, there is a possi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40074 (In saveToXml of PersistableBundle.java, invalid data could lead to loc ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40073 (In visitUris of Notification.java, there is a possible cross-user medi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-39248 (Dell OS10 Networking Switches running 10.5.2.x and above contain an Un ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-37572 (Softing OPC Suite version 5.25 and before has Incorrect Access Control ...)
- TODO: check
+ NOT-FOR-US: Softing OPC Suite
CVE-2023-35690 (There is elevation of privilege.)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-35668 (In visitUris of Notification.java, there is a possible way to display ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-33107 (Memory corruption in Graphics Linux while assigning shared virtual mem ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33106 (Memory corruption while submitting a large list of sync points in an A ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33098 (Transient DOS while parsing WPA IES, when it is passed with length mor ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33097 (Transient DOS in WLAN Firmware while processing a FTMR frame.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33092 (Memory corruption while processing pin reply in Bluetooth, when pin co ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33089 (Transient DOS when processing a NULL buffer while parsing WLAN vdev.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33088 (Memory corruption when processing cmd parameters while parsing vdev.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33087 (Memory corruption in Core while processing RX intent request.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33083 (Memory corruption in WLAN Host while processing RRM beacon on the AP.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33082 (Memory corruption while sending an Assoc Request having BTM Query or B ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33081 (Transient DOS while converting TWT (Target Wake Time) frame parameters ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33080 (Transient DOS while parsing a vender specific IE (Information Element) ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33079 (Memory corruption in Audio while running invalid audio recording from ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33071 (Memory corruption in Automotive OS whenever untrusted apps try to acce ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33070 (Transient DOS in Automotive OS due to improper authentication to the s ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33063 (Memory corruption in DSP Services during a remote call from HLOS to DS ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33054 (Cryptographic issue in GPS HLOS Driver while downloading Qualcomm GNSS ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33053 (Memory corruption in Kernel while parsing metadata.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33044 (Transient DOS in Data modem while handling TLB control messages from t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33043 (Transient DOS in Modem when a Beam switch request is made with a non-c ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33042 (Transient DOS in Modem after RRC Setup message is received.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33041 (Under certain scenarios the WLAN Firmware will reach an assertion due ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33024 (Memory corruption while sending SMS from AP firmware.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33022 (Memory corruption in HLOS while invoking IOCTL calls from user-space.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33018 (Memory corruption while using the UIM diag command to get the operator ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33017 (Memory corruption in Boot while running a ListVars test in UEFI Menu d ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-4503
NOT-FOR-US: Red Hat EAP-Galleon
CVE-2023-6484
@@ -38248,13 +38248,13 @@ CVE-2023-28590
CVE-2023-28589
RESERVED
CVE-2023-28588 (Transient DOS in Bluetooth Host while rfc slot allocation.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28587 (Memory corruption in BT controller while parsing debug commands with s ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28586 (Information disclosure when the trusted application metadata symbol ad ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28585 (Memory corruption while loading an ELF segment in TEE Kernel.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28584 (Transient DOS in WLAN Host when a mobile station receives invalid chan ...)
NOT-FOR-US: Qualcomm
CVE-2023-28583
@@ -38264,9 +38264,9 @@ CVE-2023-28582
CVE-2023-28581 (Memory corruption in WLAN Firmware while parsing receieved GTK Keys in ...)
NOT-FOR-US: Qualcomm
CVE-2023-28580 (Memory corruption in WLAN Host while setting the PMK length in PMK len ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28579 (Memory Corruption in WLAN Host while deserializing the input PMK bytes ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28578
RESERVED
CVE-2023-28577 (In the function call related to CAM_REQ_MGR_RELEASE_BUF there is no ch ...)
@@ -38322,9 +38322,9 @@ CVE-2023-28553 (Information Disclosure in WLAN Host when processing WMI event co
CVE-2023-28552
RESERVED
CVE-2023-28551 (Memory corruption in UTILS when modem processes memory specific Diag c ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28550 (Memory corruption in MPP performance while accessing DSM watermark usi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28549 (Memory corruption in WLAN HAL while parsing Rx buffer in processing TL ...)
NOT-FOR-US: Qualcomm
CVE-2023-28548 (Memory corruption in WLAN HAL while processing Tx/Rx commands from QDA ...)
@@ -38332,7 +38332,7 @@ CVE-2023-28548 (Memory corruption in WLAN HAL while processing Tx/Rx commands fr
CVE-2023-28547
RESERVED
CVE-2023-28546 (Memory Corruption in SPS Application while exporting public key in sor ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28545 (Memory corruption in TZ Secure OS while loading an app ELF.)
NOT-FOR-US: Qualcomm
CVE-2023-28544 (Memory corruption in WLAN while sending transmit command from HLOS to ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1848f26d174f8952292a5fff887d88b969f90ebe
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1848f26d174f8952292a5fff887d88b969f90ebe
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20231205/dced3493/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list