Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
4b2d372e by Salvatore Bonaccorso at 2020-09-09T10:40:55+02:00
Process some NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -32424,11 +32424,11 @@ CVE-2020-11137
CVE-2020-11136
RESERVED
CVE-2020-11135 (u'Reachable assertion when wrong data size is returned by
parser for a ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-11134
RESERVED
CVE-2020-11133 (u'Possible out of bound array write in rxdco cal utility due
to lack o ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-11132
RESERVED
CVE-2020-11131
@@ -32436,7 +32436,7 @@ CVE-2020-11131
CVE-2020-11130
RESERVED
CVE-2020-11129 (u'During the error occurrence in capture request, the buffer
is freed ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-11128 (u'Possible out of bound access while copying the mask file
content int ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11127
@@ -32446,7 +32446,7 @@ CVE-2020-11126
CVE-2020-11125
RESERVED
CVE-2020-11124 (u'Possible use-after-free while accessing diag client map
table since ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-11123
RESERVED
CVE-2020-11122 (u'Null Pointer exception while playing crafted mkv file as
data stream ...)
@@ -32460,7 +32460,7 @@ CVE-2020-11119
CVE-2020-11118 (u'Information exposure issues while processing IE header due
to improp ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11117 (u'In the lbd service, an external user can issue a specially
crafted d ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-11116 (u'Possible out of bound write while processing association
response re ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-11115 (u'Buffer over read occurs while processing information element
from be ...)
@@ -52042,7 +52042,7 @@ CVE-2020-3704
CVE-2020-3703
RESERVED
CVE-2020-3702 (u'Specifically timed and handcrafted traffic can cause internal
errors ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3701 (Use after free issue while processing error notification from
camx dri ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3700 (Possible out of bounds read due to a missing bounds check and
could le ...)
@@ -52088,7 +52088,7 @@ CVE-2020-3681 (Authenticated and encrypted payload MMEs
can be forged and remote
CVE-2020-3680 (A race condition can occur when using the fastrpc memory
mapping API. ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3679 (u'During execution after Address Space Layout Randomization is
turned ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3678
RESERVED
CVE-2020-3677
@@ -52098,7 +52098,7 @@ CVE-2020-3676 (Possible memory corruption in
perfservice due to improper validat
CVE-2020-3675 (u'Potential integer underflow while parsing Service Info and
IPv6 link ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3674 (u'Information can leak into userspace due to improper transfer
of data ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3673
RESERVED
CVE-2020-3672
@@ -52134,7 +52134,7 @@ CVE-2020-3658 (Possible null-pointer dereference can
occur while parsing mp4 cli
CVE-2020-3657
RESERVED
CVE-2020-3656 (u'Out of bound access can happen in MHI command process due to
lack of ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3655
RESERVED
CVE-2020-3654
@@ -52150,7 +52150,7 @@ CVE-2020-3650
CVE-2020-3649
RESERVED
CVE-2020-3648 (u'Possible out of bound write in DSP driver code due to lack of
check ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3647 (u'Potential buffer overflow when accessing npu debugfs node
"off"/"log ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3646 (u'Buffer overflow seen as the destination buffer size is lesser
than t ...)
@@ -52178,7 +52178,7 @@ CVE-2020-3636 (u'Out of bound writes happen when
accessing usage_table header en
CVE-2020-3635 (Stack based overflow If the maximum number of arguments allowed
per re ...)
NOT-FOR-US: Snapdragon
CVE-2020-3634 (u'Multiple Read overflows issue due to improper length check
while dec ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3633 (Array out of bound may occur while playing mp3 file as no check
is the ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3632
@@ -52188,7 +52188,7 @@ CVE-2020-3631
CVE-2020-3630 (Possibility of out of bound access while processing the
responses from ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3629 (u'Stack out of bound issue occurs when making query to DSP
capabilitie ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3628 (Improper access due to socket opened by the logging application
withou ...)
NOT-FOR-US: Snapdragon
CVE-2020-3627
@@ -52202,17 +52202,17 @@ CVE-2020-3624 (u'A potential buffer overflow exists
due to integer overflow when
CVE-2020-3623 (kernel failure due to load failures while running v1 path
directly via ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3622 (u'Channel name string which has been read from shared memory is
potent ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3621 (u'Lack of check to ensure that the TX read index & RX write
index ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3620 (u'Lack of check of integer overflow while doing a round up
operation f ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3619 (u'Non-secure memory is touched multiple times during
TrustZone\u2019s ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3618 (NULL exception due to accessing bad pointer while posting
events on RT ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3617 (u'Buffer over-read Issue in Q6 testbus framework due to diag
packet le ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2020-3616 (Buffer overflow in display function due to memory copy without
checkin ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2020-3615 (Valid deauth/disassoc frames is dropped in case if RMF is
enabled and ...)
@@ -77066,7 +77066,7 @@ CVE-2019-14119 (u'While processing SMCInvoke
asynchronous message header, messag
CVE-2019-14118
RESERVED
CVE-2019-14117 (u'Whenever the page list is updated via privileged user, the
previous ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14116 (Privilege escalation by using an altered debug policy image
can occur ...)
NOT-FOR-US: Snapdragon
CVE-2019-14115 (u'Information disclosure issue occurs as in current logic as
secure to ...)
@@ -77152,7 +77152,7 @@ CVE-2019-14076 (Buffer overflow occurs while processing
an subsample data length
CVE-2019-14075 (Null pointer dereference issue in radio interface layer due to
lack of ...)
NOT-FOR-US: Qualcomm components for Android
CVE-2019-14074 (u'Heap overflow in diag command handler due to lack of check
of packet ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-14073 (Copying RTCP messages into the output buffer without checking
the dest ...)
NOT-FOR-US: Snapdragon
CVE-2019-14072 (Unhandled paging request is observed due to dereferencing an
already f ...)
@@ -77310,13 +77310,13 @@ CVE-2019-13997
CVE-2019-13996
RESERVED
CVE-2019-13995 (u'Lack of integer overflow check for addition of fragment size
and rem ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-13994 (u'Lack of check that the current received data fragment size
of a part ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-13993
RESERVED
CVE-2019-13992 (u'Out of bound memory access if stack push and pop operation
are perfo ...)
- TODO: check
+ NOT-FOR-US: Snapdragon
CVE-2019-13991 (Embedded systems based on Arduino before Rev3 allow remote
attackers t ...)
NOT-FOR-US: Issue on embedded systems based on Arduino before Rev3
CVE-2019-13990 (initDocumentParser in xml/XMLSchedulingDataProcessor.java in
Terracott ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b2d372e61c9cbb638d490597f5a21cba18b7353
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/4b2d372e61c9cbb638d490597f5a21cba18b7353
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
