[Secure-testing-commits] r48226 - data/CVE

Moritz Muehlenhoff Fri, 20 Jan 2017 07:10:12 -0800

Author: jmm
Date: 2017-01-20 15:09:44 +0000 (Fri, 20 Jan 2017)
New Revision: 48226


Modified:
   data/CVE/list
Log:
android NFUs, mark some issues potentially kernel-generic as undetermined


Modified: data/CVE/list
===================================================================
--- data/CVE/list       2017-01-20 14:34:44 UTC (rev 48225)
+++ data/CVE/list       2017-01-20 15:09:44 UTC (rev 48226)
@@ -12085,9 +12085,9 @@
 CVE-2017-0405
        RESERVED
 CVE-2017-0404 (An elevation of privilege vulnerability in the kernel sound 
subsystem ...)
-       TODO: check
+       - linux <undetermined>
 CVE-2017-0403 (An elevation of privilege vulnerability in the kernel 
performance ...)
-       TODO: check
+       - linux <undetermined>
 CVE-2017-0402 (An information disclosure vulnerability in ...)
        TODO: check
 CVE-2017-0401 (An information disclosure vulnerability in ...)
@@ -16589,11 +16589,11 @@
 CVE-2016-8467 (An elevation of privilege vulnerability in the bootloader could 
enable ...)
        TODO: check
 CVE-2016-8466 (An elevation of privilege vulnerability in the Broadcom Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8465 (An elevation of privilege vulnerability in the Broadcom Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8464 (An elevation of privilege vulnerability in the Broadcom Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8463 (A denial of service vulnerability in the Qualcomm FUSE file 
system ...)
        TODO: check
 CVE-2016-8462 (An information disclosure vulnerability in the bootloader could 
enable ...)
@@ -16601,83 +16601,83 @@
 CVE-2016-8461 (An information disclosure vulnerability in the bootloader could 
enable ...)
        TODO: check
 CVE-2016-8460 (An information disclosure vulnerability in the NVIDIA video 
driver ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8459 (Possible buffer overflow in storage subsystem. Bad parameters 
as part ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8458 (An elevation of privilege vulnerability in the Synaptics 
touchscreen ...)
-       TODO: check
+       - linux <undetermined>
 CVE-2016-8457 (An elevation of privilege vulnerability in the Broadcom Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8456 (An elevation of privilege vulnerability in the Broadcom Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8455 (An elevation of privilege vulnerability in the Broadcom Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8454 (An elevation of privilege vulnerability in the Broadcom Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8453 (An elevation of privilege vulnerability in the Broadcom Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Broadcom Wi-Fi driver for Android
 CVE-2016-8452 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8451 (An elevation of privilege vulnerability in the Synaptics 
touchscreen ...)
-       TODO: check
+       - linux <undetermined>
 CVE-2016-8450 (An elevation of privilege vulnerability in the Qualcomm sound 
driver ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8449 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8448 (An elevation of privilege vulnerability in MediaTek components, 
...)
-       TODO: check
+       NOT-FOR-US: MediaTek component for Android
 CVE-2016-8447 (An elevation of privilege vulnerability in MediaTek components, 
...)
-       TODO: check
+       NOT-FOR-US: MediaTek component for Android
 CVE-2016-8446 (An elevation of privilege vulnerability in MediaTek components, 
...)
-       TODO: check
+       NOT-FOR-US: MediaTek component for Android
 CVE-2016-8445 (An elevation of privilege vulnerability in MediaTek components, 
...)
-       TODO: check
+       NOT-FOR-US: MediaTek component for Android
 CVE-2016-8444 (An elevation of privilege vulnerability in the Qualcomm camera 
could ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8443 (Possible unauthorized memory access in the hypervisor. 
Incorrect ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8442 (Possible unauthorized memory access in the hypervisor. Lack of 
input ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8441 (Possible buffer overflow in the hypervisor. Inappropriate usage 
of a ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8440 (Possible buffer overflow in SMMU system call. Improper input 
...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8439 (Possible buffer overflow in trust zone access control API. 
Buffer ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8438 (Integer overflow leading to a TOCTOU condition in hypervisor 
PIL. An ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8437 (Improper input validation in Access Control APIs. Access 
control API ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8436 (An elevation of privilege vulnerability in the Qualcomm video 
driver ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8435 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8434 (An elevation of privilege vulnerability in the Qualcomm GPU 
driver ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8433 (An elevation of privilege vulnerability in the MediaTek driver 
could ...)
-       TODO: check
+       NOT-FOR-US: MediaTek driver for Android
 CVE-2016-8432 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8431 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8430 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8429 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8428 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8427 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8426 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8425 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8424 (An elevation of privilege vulnerability in the NVIDIA GPU 
driver could ...)
-       TODO: check
+       NOT-FOR-US: Nvidia driver for Android
 CVE-2016-8423 (An elevation of privilege vulnerability in the Qualcomm 
bootloader ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm bootloader for Android
 CVE-2016-8422 (An elevation of privilege vulnerability in the Qualcomm 
bootloader ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm bootloader for Android
 CVE-2016-8421
        RESERVED
 CVE-2016-8420
@@ -16691,13 +16691,13 @@
 CVE-2016-8416
        RESERVED
 CVE-2016-8415 (An elevation of privilege vulnerability in the Qualcomm Wi-Fi 
driver ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm driver for Android
 CVE-2016-8414
        RESERVED
 CVE-2016-8413
        RESERVED
 CVE-2016-8412 (An elevation of privilege vulnerability in the Qualcomm camera 
could ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8411
        RESERVED
 CVE-2016-8410 (An information disclosure vulnerability in the Qualcomm sound 
driver ...)
@@ -16728,7 +16728,7 @@
        [jessie] - linux 3.16.39-1
        NOTE: Fixed by: 
https://git.kernel.org/linus/0eab121ef8750a5c8637d51534d5e9143fb0633f
 CVE-2016-8398 (Unauthenticated messages processed by the UE. Certain NAS 
messages are ...)
-       TODO: check
+       NOT-FOR-US: Qualcomm component for Android
 CVE-2016-8397 (An information disclosure vulnerability in the NVIDIA video 
driver ...)
        TODO: check
 CVE-2016-8396 (An information disclosure vulnerability in the MediaTek video 
driver ...)
@@ -26772,6 +26772,7 @@
        RESERVED
 CVE-2016-5345
        RESERVED
+       NOT-FOR-US: Qualcomm radio driver for Android
 CVE-2016-5344 (Multiple integer overflows in the MDSS driver for the Linux 
kernel ...)
        TODO: check
 CVE-2016-5343 (drivers/soc/qcom/qdsp6v2/voice_svc.c in the QDSP6v2 Voice 
Service ...)


_______________________________________________
Secure-testing-commits mailing list
Secure-testing-commits@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-commits

[Secure-testing-commits] r48226 - data/CVE

Reply via email to