[Git][security-tracker-team/security-tracker][master] Process more NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Aug 5 21:39:09 BST 2024 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
8fffdc7b by Salvatore Bonaccorso at 2024-08-05T22:37:24+02:00
Process more NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -37,75 +37,75 @@ CVE-2024-40498 (SQL Injection vulnerability in PuneethReddyHC Online Shopping sy
 CVE-2024-40096 (The com.cascadialabs.who (aka Who - Caller ID, Spam Block) application ...)
 	NOT-FOR-US: com.cascadialabs.who (aka Who - Caller ID, Spam Block) application
 CVE-2024-33034 (Memory corruption can occur if VBOs hold outdated or invalid GPU SMMU  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33028 (Memory corruption as fence object may still be accessed in timeline de ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33027 (Memory corruption can occur when arbitrary user-space app gains kernel ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33026 (Transient DOS while parsing probe response and assoc response frame wh ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33025 (Transient DOS while parsing the BSS parameter change count or MLD capa ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33024 (Transient DOS while parsing the ML IE when a beacon with length field  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33023 (Memory corruption while creating a fence to wait on timeline events, a ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33022 (Memory corruption while allocating memory in HGSL driver.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33021 (Memory corruption while processing IOCTL call to set metainfo.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33020 (Transient DOS while processing TID-to-link mapping IE elements.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33019 (Transient DOS while parsing the received TID-to-link mapping action fr ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33018 (Transient DOS while parsing the received TID-to-link mapping element o ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33015 (Transient DOS while parsing SCAN RNR IE when bytes received from AP is ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33014 (Transient DOS while parsing ESP IE from beacon/probe response frame.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33013 (Transient DOS when driver accesses the ML IE memory and offset value i ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33012 (Transient DOS while parsing the multiple MBSSID IEs from the beacon, w ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33011 (Transient DOS while parsing the MBSSID IE from the beacons, when the M ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-33010 (Transient DOS while parsing fragments of MBSSID IE from beacon frame.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-2937 (Use After Free vulnerability in Arm Ltd Bifrost GPU Kernel Driver, Arm ...)
 	TODO: check
 CVE-2024-23384 (Memory corruption when the mapped pages in VBO are still mapped after  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23383 (Memory corruption when kernel driver attempts to trigger hardware fenc ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23382 (Memory corruption while processing graphics kernel driver request to c ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23381 (Memory corruption when memory mapped in a VBO is not unmapped by the G ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23357 (Transient DOS while importing a PKCS#8-encoded RSA key with zero bytes ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23356 (Memory corruption during session sign renewal request calls in HLOS.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23355 (Memory corruption when keymaster operation imports a shared key.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23353 (Transient DOS while decoding attach reject message received by UE, whe ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23352 (Transient DOS when NAS receives ODAC criteria of length 1 and type 1 i ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-23350 (Permanent DOS when DL NAS transport receives multiple payloads such th ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-21980 (Improper restriction of write operations in SNP firmware could allow a ...)
 	TODO: check
 CVE-2024-21978 (Improper input validation in SEV-SNP could allow a malicious hyperviso ...)
 	TODO: check
 CVE-2024-21481 (Memory corruption when preparing a shared memory notification for a me ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-21479 (Transient DOS during music playback of ALAC content.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-21467 (Information disclosure while handling beacon probe frame during scan e ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-21459 (Information disclosure while handling beacon or probe response frame i ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2023-31355 (Improper restriction of write operations in SNP firmware could allow a ...)
 	TODO: check
 CVE-2024-7383 (A flaw was found in libnbd. The client did not always correctly verify ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fffdc7be1880456c21cb662b22eac967f8eb99c

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/8fffdc7be1880456c21cb662b22eac967f8eb99c
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240805/44651070/attachment.htm>

More information about the debian-security-tracker-commits mailing list