[Git][security-tracker-team/security-tracker][master] NFUs

Moritz Muehlenhoff (@jmm) jmm at debian.org
Mon Mar 4 10:51:27 GMT 2024 


Moritz Muehlenhoff pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c30dda8b by Moritz Muehlenhoff at 2024-03-04T11:50:59+01:00
NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -21,57 +21,57 @@ CVE-2024-21826 (in OpenHarmony v3.2.4 and prior versions allow a local attacker
 CVE-2024-21816 (in OpenHarmony v4.0.0 and prior versions allow a local attacker cause  ...)
 	NOT-FOR-US: OpenHarmony
 CVE-2024-20038 (In pq, there is a possible out of bounds read due to an incorrect boun ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20037 (In pq, there is a possible write-what-where condition due to an incorr ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20036 (In vdec, there is a possible permission bypass due to a permissions by ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20034 (In battery, there is a possible escalation of privilege due to a missi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20033 (In nvram, there is a possible information disclosure due to a missing  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20032 (In aee, there is a possible permission bypass due to a missing permiss ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20031 (In da, there is a possible out of bounds write due to lack of valudati ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20030 (In da, there is a possible information disclosure due to improper inpu ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20029 (In wlan firmware, there is a possible out of bounds write due to impro ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20028 (In da, there is a possible out of bounds write due to lack of valudati ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20027 (In da, there is a possible out of bounds write due to improper input v ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20026 (In da, there is a possible information disclosure due to improper inpu ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20025 (In da, there is a possible out of bounds write due to an integer overf ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20024 (In flashc, there is a possible out of bounds write due to lack of valu ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20023 (In flashc, there is a possible out of bounds write due to lack of valu ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20022 (In lk, there is a possible escalation of privilege due to a missing bo ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20020 (In OPTEE, there is a possible out of bounds write due to an incorrect  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20019 (In wlan driver, there is a possible memory leak due to improper input  ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20018 (In wlan driver, there is a possible out of bounds write due to imprope ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20017 (In wlan service, there is a possible out of bounds write due to improp ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2024-20005 (In da, there is a possible permission bypass due to a missing permissi ...)
-	TODO: check
+	NOT-FOR-US: MediaTek
 CVE-2023-4479 (Stored XSS Vulnerability in M-Files Web versions before 23.8 allows at ...)
-	TODO: check
+	NOT-FOR-US: M-Files Web
 CVE-2023-49602 (in OpenHarmony v3.2.4 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2023-46708 (in OpenHarmony v3.2.4 and prior versions allow a local attacker arbitr ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2023-25176 (in OpenHarmony v3.2.4 and prior versions allow a local attacker cause  ...)
-	TODO: check
+	NOT-FOR-US: OpenHarmony
 CVE-2019-25210 (An issue was discovered in Cloud Native Computing Foundation (CNCF) He ...)
-	TODO: check
+	- helm-kubernetes <itp> (bug #910799)
 CVE-2024-26622 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
 	- linux <unfixed>
 	NOTE: https://git.kernel.org/linus/2f03fc340cac9ea1dc63cbf8c93dd2eb0f227815 (6.8-rc7)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c30dda8b322d2d70ad80b9389a76ab0759f147ab

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c30dda8b322d2d70ad80b9389a76ab0759f147ab
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240304/0b3ecb6d/attachment.htm>

More information about the debian-security-tracker-commits mailing list