Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
e696f687 by Salvatore Bonaccorso at 2021-06-15T21:17:50+02:00
Process several NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -47244,7 +47244,7 @@ CVE-2021-0086 (Improper permissions in the installer
for the Intel(R) Brand Veri
NOTE:
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00546.html
NOTE: Claimed to not affect Xen, Cf.
https://xenbits.xen.org/xsa/advisory-375.html in
NOTE: ("NOTE CONCERNING CVE-2021-0086 / CVE-2021-26314").
- TODO: check
+ NOT-FOR-US: Intel
CVE-2021-0085
RESERVED
CVE-2021-0084
@@ -54946,13 +54946,13 @@ CVE-2020-24511 (Improper isolation of shared
resources in some Intel(R) Processo
CVE-2020-24510
RESERVED
CVE-2020-24509 (Insufficient control flow management in subsystem in Intel(R)
SPS vers ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-24508
RESERVED
CVE-2020-24507 (Improper initialization in a subsystem in the Intel(R) CSME
versions b ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-24506 (Out of bound read in a subsystem in the Intel(R) CSME versions
before ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-24505 (Insufficient input validation in the firmware for the Intel(R)
700-ser ...)
NOT-FOR-US: Intel NIC firmware
CVE-2020-24504 (Uncontrolled resource consumption in some Intel(R) Ethernet
E810 Adapt ...)
@@ -54999,7 +54999,7 @@ CVE-2020-24488
CVE-2020-24487
RESERVED
CVE-2020-24486 (Improper input validation in the firmware for some Intel(R)
Processors ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-24485 (Improper conditions check in the Intel(R) FPGA OPAE Driver for
Linux b ...)
NOT-FOR-US: Intel
CVE-2020-24484
@@ -55021,11 +55021,11 @@ CVE-2020-24477
CVE-2020-24476
RESERVED
CVE-2020-24475 (Improper initialization in the BMC firmware for some Intel(R)
Server B ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-24474 (Buffer overflow in the BMC firmware for some Intel(R) Server
Boards, S ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-24473 (Out of bounds write in the BMC firmware for some Intel(R)
Server Board ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-24472
RESERVED
CVE-2020-24471
@@ -74373,27 +74373,27 @@ CVE-2020-15389 (jp2/opj_decompress.c in OpenJPEG
through 2.3.1 has a use-after-f
CVE-2020-15388
RESERVED
CVE-2020-15387 (The host SSH servers of Brocade Fabric OS before Brocade
Fabric OS v7. ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15386 (Brocade Fabric OS prior to v9.0.1a and 8.2.3a and after v9.0.0
and 8.2 ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15385 (Brocade SANnav before version 2.1.1 allows an authenticated
attacker t ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15384 (Brocade SANNav before version 2.1.1 contains an information
disclosure ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15383 (Running security scans against the SAN switch can cause config
and sec ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15382 (Brocade SANnav before version 2.1.1 uses a hard-coded
administrator ac ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15381 (Brocade SANnav before version 2.1.1 contains an Improper
Authenticatio ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15380 (Brocade SANnav before version 2.1.1 logs account credentials
at the &# ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15379 (Brocade SANnav before v.2.1.0a could allow remote attackers
cause a de ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15378 (The OVA version of Brocade SANnav before version 2.1.1
installation wi ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15377 (Webtools in Brocade SANnav before version 2.1.1 allows
unauthenticated ...)
- TODO: check
+ NOT-FOR-US: Brocade
CVE-2020-15376 (Brocade Fabric OS versions before v9.0.0 and after version
v8.1.0, con ...)
NOT-FOR-US: Brocade Fabric OS
CVE-2020-15375 (Brocade Fabric OS versions before v9.0.0, v8.2.2c, v8.2.1e,
v8.1.2k, v ...)
@@ -82672,13 +82672,13 @@ CVE-2020-12362 (Integer overflow in the firmware for
some Intel(R) Graphics Driv
CVE-2020-12361 (Use after free in some Intel(R) Graphics Drivers before
version 15.33. ...)
NOT-FOR-US: Intel graphics drivers for Windows
CVE-2020-12360 (Out of bounds read in the firmware for some Intel(R)
Processors may al ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12359 (Insufficient control flow management in the firmware for some
Intel(R) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12358 (Out of bounds write in the firmware for some Intel(R)
Processors may a ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12357 (Improper initialization in the firmware for some Intel(R)
Processors m ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12356 (Out-of-bounds read in subsystem in Intel(R) AMT versions
before 11.8.8 ...)
NOT-FOR-US: Intel
CVE-2020-12355 (Authentication bypass by capture-replay in RPMB protocol
message authe ...)
@@ -82831,23 +82831,23 @@ CVE-2020-12298
CVE-2020-12297 (Improper access control in Installer for Intel(R) CSME Driver
for Wind ...)
NOT-FOR-US: Intel
CVE-2020-12296 (Uncontrolled resource consumption in some Intel(R)
Thunderbolt(TM) con ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12295 (Improper input validation in some Intel(R) Thunderbolt(TM)
controllers ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12294 (Insufficient control flow management in some Intel(R)
Thunderbolt(TM) ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12293 (Improper control of a resource through its lifetime in some
Intel(R) T ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12292 (Improper conditions check in some Intel(R) Thunderbolt(TM)
controllers ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12291 (Uncontrolled resource consumption in some Intel(R)
Thunderbolt(TM) con ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12290 (Improper access control in some Intel(R) Thunderbolt(TM)
controllers m ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12289 (Out-of-bounds write in some Intel(R) Thunderbolt(TM)
controllers may a ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12288 (Protection mechanism failure in some Intel(R) Thunderbolt(TM)
controll ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-12287 (Incorrect permissions in the Intel(R) Distribution of
OpenVINO(TM) Too ...)
NOT-FOR-US: Intel
CVE-2019-20791 (OpenThread before 2019-12-13 has a stack-based buffer overflow
in Mesh ...)
@@ -93424,15 +93424,15 @@ CVE-2020-8706 (Buffer overflow in a daemon for some
Intel(R) Server Boards, Serv
CVE-2020-8705 (Insecure default initialization of resource in Intel(R) Boot
Guard in ...)
NOT-FOR-US: Intel
CVE-2020-8704 (Race condition in a subsystem in the Intel(R) LMS versions
before 2039 ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-8703 (Improper buffer restrictions in a subsystem in the Intel(R)
CSME versi ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-8702 (Uncontrolled search path element in the Intel(R) Processor
Diagnostic ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-8701 (Incorrect default permissions in installer for the Intel(R) SSD
Toolbo ...)
NOT-FOR-US: Intel
CVE-2020-8700 (Improper input validation in the firmware for some Intel(R)
Processors ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-8699
RESERVED
CVE-2020-8698 (Improper isolation of shared resources in some Intel(R)
Processors may ...)
@@ -93507,7 +93507,7 @@ CVE-2020-8672 (Out of bound read in BIOS firmware for
8th, 9th Generation Intel(
CVE-2020-8671 (Insufficient control flow management in BIOS firmware 8th, 9th
Generat ...)
NOT-FOR-US: Intel
CVE-2020-8670 (Race condition in the firmware for some Intel(R) Processors may
allow ...)
- TODO: check
+ NOT-FOR-US: Intel
CVE-2020-8669 (Improper input validation in the Intel(R) Data Center Manager
Console ...)
NOT-FOR-US: Intel
CVE-2020-8668
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e696f68787d667762444afde50240352d7ea8ec9
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/e696f68787d667762444afde50240352d7ea8ec9
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
