[Git][security-tracker-team/security-tracker][master] Process some NFUs

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Apr 7 21:54:37 BST 2025 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
d9df3a43 by Salvatore Bonaccorso at 2025-04-07T22:53:33+02:00
Process some NFUs

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -124,73 +124,73 @@ CVE-2025-21447 (Memory corruption may occur while processing device IO control c
 CVE-2025-21443 (Memory corruption while processing message content in eAVB.)
 	NOT-FOR-US: Qualcomm
 CVE-2025-21442 (Memory corruption while transmitting packet mapping information with i ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21441 (Memory corruption when IOCTL call is invoked from user-space to write  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21440 (Memory corruption when IOCTL call is invoked from user-space to write  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21439 (Memory corruption may occur while reading board data via IOCTL call wh ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21438 (Memory corruption while IOCTL call is invoked from user-space to read  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21437 (Memory corruption while processing memory map or unmap IOCTL operation ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21436 (Memory corruption may occur while initiating two IOCTL calls simultane ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21435 (Transient DOS may occur while parsing extended IE in beacon.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21434 (Transient DOS may occur while parsing EHT operation IE or EHT capabili ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21431 (Information disclosure may be there when a guest VM is connected.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21430 (Transient DOS while connecting STA to AP and initiating ADD TS request ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21429 (Memory corruption occurs while connecting a STA to an AP and initiatin ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21428 (Memory corruption occurs while connecting a STA to an AP and initiatin ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21425 (Memory corruption may occur due top improper access control in HAB pro ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21423 (Memory corruption occurs when handling client calls to EnableTestMode  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-21421 (Memory corruption while processing escape code in API.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2025-0050 (Improper Restriction of Operations within the Bounds of a Memory Buffe ...)
 	TODO: check
 CVE-2024-49848 (Memory corruption while processing multiple IOCTL calls from HLOS to D ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-46494 (A cross-site scripting (XSS) vulnerability in Typecho v1.2.1 allows at ...)
 	TODO: check
 CVE-2024-45557 (Memory corruption can occur when TME processes addresses from TZ and M ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-45556 (Cryptographic issue may arise because the access control configuration ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-45552 (Information disclosure may occur during a video call if a device reset ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-45551 (Cryptographic issue occurs during PIN/password verification using Gate ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-45549 (Information disclosure while creating MQ channels.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-45544 (Memory corruption while processing IOCTL calls to add route entry in t ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-45543 (Memory corruption while accessing MSM channel map and mixer functions.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-45540 (Memory corruption while invoking IOCTL map buffer request from userspa ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-43067 (Memory corruption occurs during the copying of read data from the EEPR ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-43066 (Memory corruption while handling file descriptor during listener regis ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-43065 (Cryptographic issues while generating an asymmetric key pair for RKP u ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-43058 (Memory corruption while processing IOCTL calls.)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-43046 (There may be information disclosure during memory re-allocation in TZ  ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-38797 (EDK2 contains a vulnerability in the HashPeImageByType(). A user may c ...)
 	TODO: check
 CVE-2024-33058 (Memory corruption while assigning memory from the source DDR memory(HL ...)
-	TODO: check
+	NOT-FOR-US: Qualcomm
 CVE-2024-11859 (DLL Search Order Hijacking vulnerability potentially allowed an attack ...)
 	TODO: check
 CVE-2025-30195 (An attacker can publish a zone containing specific Resource Record Set ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9df3a431725d9890d39dbb54e5943d81af5a343

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d9df3a431725d9890d39dbb54e5943d81af5a343
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20250407/21ebf0fc/attachment-0001.htm>

More information about the debian-security-tracker-commits mailing list