[Git][security-tracker-team/security-tracker][master] Process some NFUs
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Jan 26 07:11:45 GMT 2023
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
9dac6589 by Salvatore Bonaccorso at 2023-01-26T08:11:13+01:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -80320,9 +80320,9 @@ CVE-2022-23816
CVE-2022-23815
RESERVED
CVE-2022-23814 (Failure to validate addresses provided by software to BIOS commands ma ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2022-23813 (The software interfaces to ASP and SMU may not enforce the SNP memory ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2022-22146 (Cross-site scripting vulnerability in TransmitMail 2.5.0 to 2.6.1 allo ...)
NOT-FOR-US: TransmitMail
CVE-2022-21193 (Directory traversal vulnerability in TransmitMail 2.5.0 to 2.6.1 allow ...)
@@ -141789,7 +141789,8 @@ CVE-2021-26348 (Failure to flush the Translation Lookaside Buffer (TLB) of the I
CVE-2021-26347 (Failure to validate the integer operand in ASP (AMD Secure Processor) ...)
NOT-FOR-US: AMD
CVE-2021-26346 (Failure to validate the integer operand in ASP (AMD Secure Processor) ...)
- TODO: check
+ NOT-FOR-US: AMD
+ NOTE: https://www.amd.com/en/corporate/product-security/bulletin/amd-sb-1031
CVE-2021-26345
RESERVED
CVE-2021-26344
@@ -141853,7 +141854,7 @@ CVE-2021-26318 (A timing and power-based side channel attack leveraging the x86
CVE-2021-26317 (Failure to verify the protocol in SMM may allow an attacker to control ...)
NOT-FOR-US: AMD
CVE-2021-26316 (Failure to validate the communication buffer and communication service ...)
- TODO: check
+ NOT-FOR-US: AMD
CVE-2021-26315 (When the AMD Platform Security Processor (PSP) boot rom loads, authent ...)
NOT-FOR-US: AMD
CVE-2021-26314 (Potential floating point value injection in all supported CPU products ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dac658974e0557f8663eb26d8829d46bb2c6da3
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/9dac658974e0557f8663eb26d8829d46bb2c6da3
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230126/061cea51/attachment.htm>
More information about the debian-security-tracker-commits
mailing list