Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
d5c39034 by security tracker role at 2023-04-01T20:10:18+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,3 +1,5 @@
+CVE-2023-1790 (A vulnerability, which was classified as problematic, was found 
in Sou ...)
+       TODO: check
 CVE-2023-28938
        RESERVED
 CVE-2023-28736
@@ -52143,6 +52145,7 @@ CVE-2022-38401 (Adobe InCopy version 17.3 (and earlier) 
and 16.4.2 (and earlier)
 CVE-2022-38102
        RESERVED
 CVE-2022-38090 (Improper isolation of shared resources in some Intel(R) 
Processors whe ...)
+       {DLA-3379-1}
        - intel-microcode 3.20230214.1 (bug #1031334)
        [bullseye] - intel-microcode <no-dsa> (Minor issue)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00767.html
@@ -57697,6 +57700,7 @@ CVE-2022-34846
 CVE-2022-34657
        RESERVED
 CVE-2022-33196 (Incorrect default permissions in some memory controller 
configurations ...)
+       {DLA-3379-1}
        - intel-microcode 3.20230214.1 (bug #1031334)
        [bullseye] - intel-microcode <no-dsa> (Minor issue)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00738.html
@@ -61759,6 +61763,7 @@ CVE-2022-34488 (Improper buffer restrictions in the 
firmware for some Intel(R) N
 CVE-2022-34346 (Out-of-bounds read in the Intel(R) Media SDK software before 
version 2 ...)
        NOT-FOR-US: Intel
 CVE-2022-33972 (Incorrect calculation in microcode keying mechanism for some 
3rd Gener ...)
+       {DLA-3379-1}
        - intel-microcode 3.20230214.1 (bug #1031334)
        [bullseye] - intel-microcode <no-dsa> (Minor issue)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00730.html
@@ -92307,6 +92312,7 @@ CVE-2022-21807 (Uncontrolled search path elements in 
the Intel(R) VTune(TM) Prof
 CVE-2022-21795
        RESERVED
 CVE-2022-21233 (Improper isolation of shared resources in some Intel(R) 
Processors may ...)
+       {DLA-3379-1}
        - intel-microcode 3.20220809.1
        [bullseye] - intel-microcode <no-dsa> (Minor issue, only impacts SGX)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00657.html
@@ -105239,6 +105245,7 @@ CVE-2021-44740 (Acrobat Reader DC version 
21.007.20099 (and earlier), 20.004.300
 CVE-2021-44739 (Acrobat Reader DC ActiveX Control versions 21.007.20099 (and 
earlier), ...)
        NOT-FOR-US: Adobe
 CVE-2021-44545 (Improper input validation for some Intel(R) PROSet/Wireless 
WiFi and K ...)
+       {DLA-3380-1}
        - firmware-nonfree 20220913-1
        [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html
@@ -105269,6 +105276,7 @@ CVE-2021-26254 (Out of bounds read for some Intel(R) 
PROSet/Wireless WiFi and Ki
 CVE-2021-23188 (Improper access control for some Intel(R) PROSet/Wireless WiFi 
and Kil ...)
        NOT-FOR-US: Intel
 CVE-2021-23168 (Out of bounds read for some Intel(R) PROSet/Wireless WiFi and 
Killer(T ...)
+       {DLA-3380-1}
        - firmware-nonfree 20220913-1
        [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html
@@ -106267,6 +106275,7 @@ CVE-2021-4037 (A vulnerability was found in the 
fs/inode.c:inode_init_owner() fu
 CVE-2021-4036
        RESERVED
 CVE-2021-37409 (Improper access control for some Intel(R) PROSet/Wireless WiFi 
and Kil ...)
+       {DLA-3380-1}
        - firmware-nonfree 20220913-1
        [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html
@@ -106295,6 +106304,7 @@ CVE-2021-26257 (Improper buffer restrictions in 
firmware for some Intel(R) Wirel
 CVE-2021-26251 (Improper input validation in the Intel(R) Distribution of 
OpenVINO(TM) ...)
        NOT-FOR-US: Intel
 CVE-2021-23223 (Improper initialization for some Intel(R) PROSet/Wireless WiFi 
and Kil ...)
+       {DLA-3380-1}
        - firmware-nonfree 20220913-1
        [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html
@@ -109590,6 +109600,7 @@ CVE-2021-43746 (Adobe Premiere Rush versions 1.5.16 
(and earlier) allows access
 CVE-2021-3961 (snipe-it is vulnerable to Improper Neutralization of Input 
During Web  ...)
        - snipe-it <itp> (bug #1005172)
 CVE-2022-21216 (Insufficient granularity of access control in out-of-band 
management i ...)
+       {DLA-3379-1}
        - intel-microcode 3.20230214.1 (bug #1031334)
        [bullseye] - intel-microcode <no-dsa> (Minor issue)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00700.html
@@ -110015,6 +110026,7 @@ CVE-2022-21205 (Improper restriction of XML external 
entity reference in DSP Bui
 CVE-2022-21203 (Improper permissions in the SafeNet Sentinel driver for 
Intel(R) Quart ...)
        NOT-FOR-US: Intel
 CVE-2022-21181 (Improper input validation for some Intel(R) PROSet/Wireless 
WiFi and K ...)
+       {DLA-3380-1}
        - firmware-nonfree 20220913-1
        [bullseye] - firmware-nonfree <no-dsa> (Non-free not supported)
        NOTE: 
https://www.intel.com/content/www/us/en/security-center/advisory/intel-sa-00621.html
@@ -192691,7 +192703,7 @@ CVE-2020-24590 (The Management Console in WSO2 API 
Manager through 3.1.0 and API
 CVE-2020-24589 (The Management Console in WSO2 API Manager through 3.1.0 and 
API Micro ...)
        NOT-FOR-US: WSO2
 CVE-2020-24588 (The 802.11 standard that underpins Wi-Fi Protected Access 
(WPA, WPA2,  ...)
-       {DLA-2690-1 DLA-2689-1}
+       {DLA-3380-1 DLA-2690-1 DLA-2689-1}
        - linux 5.10.46-1
        [buster] - linux 4.19.194-1
        [experimental] - firmware-nonfree 20210716-1~exp1
@@ -192710,7 +192722,7 @@ CVE-2020-24588 (The 802.11 standard that underpins 
Wi-Fi Protected Access (WPA,
        NOTE: firmware-nonfree (iwlwifi-fw-2021-05-12) addressed the firmware 
part of the CVE
        NOTE: 
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=55d964905a2b6cd790cbbbb46640bb2fb520b0cb
 CVE-2020-24587 (The 802.11 standard that underpins Wi-Fi Protected Access 
(WPA, WPA2,  ...)
-       {DLA-2690-1 DLA-2689-1}
+       {DLA-3380-1 DLA-2690-1 DLA-2689-1}
        - linux 5.10.46-1
        [buster] - linux 4.19.194-1
        [experimental] - firmware-nonfree 20210716-1~exp1
@@ -192726,7 +192738,7 @@ CVE-2020-24587 (The 802.11 standard that underpins 
Wi-Fi Protected Access (WPA,
        NOTE: firmware-nonfree (iwlwifi-fw-2021-05-12) addressed the firmware 
part of the CVE
        NOTE: 
https://git.kernel.org/pub/scm/linux/kernel/git/firmware/linux-firmware.git/commit/?id=55d964905a2b6cd790cbbbb46640bb2fb520b0cb
 CVE-2020-24586 (The 802.11 standard that underpins Wi-Fi Protected Access 
(WPA, WPA2,  ...)
-       {DLA-2690-1 DLA-2689-1}
+       {DLA-3380-1 DLA-2690-1 DLA-2689-1}
        - linux 5.10.46-1
        [buster] - linux 4.19.194-1
        [experimental] - firmware-nonfree 20210716-1~exp1
@@ -221271,6 +221283,7 @@ CVE-2020-12366 (Insufficient input validation in some 
Intel(R) Graphics Drivers
 CVE-2020-12365 (Untrusted pointer dereference in some Intel(R) Graphics 
Drivers before ...)
        NOT-FOR-US: Intel graphics drivers for Windows
 CVE-2020-12364 (Null pointer reference in some Intel(R) Graphics Drivers for 
Windows*  ...)
+       {DLA-3380-1}
        - linux 5.14.6-1
        [bullseye] - linux <ignored> (Too intrusive to backport)
        [buster] - linux <ignored> (Too intrusive to backport)
@@ -221284,6 +221297,7 @@ CVE-2020-12364 (Null pointer reference in some 
Intel(R) Graphics Drivers for Win
        NOTE: The vulnerability is fixed in firmware, but needs an updated 
Linux kernel to load
        NOTE: the updated firmware, thus also marking linux as affected
 CVE-2020-12363 (Improper input validation in some Intel(R) Graphics Drivers 
for Window ...)
+       {DLA-3380-1}
        - linux 5.14.6-1
        [bullseye] - linux <ignored> (Too intrusive to backport)
        [buster] - linux <ignored> (Too intrusive to backport)
@@ -221297,6 +221311,7 @@ CVE-2020-12363 (Improper input validation in some 
Intel(R) Graphics Drivers for
        NOTE: The vulnerability is fixed in firmware, but needs an updated 
Linux kernel to load
        NOTE: the updated firmware, thus also marking linux as affected
 CVE-2020-12362 (Integer overflow in the firmware for some Intel(R) Graphics 
Drivers fo ...)
+       {DLA-3380-1}
        - linux 5.14.6-1
        [bullseye] - linux <ignored> (Too intrusive to backport)
        [buster] - linux <ignored> (Too intrusive to backport)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5c390340094d5a20fbcb46c334139bc456060e4

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/d5c390340094d5a20fbcb46c334139bc456060e4
You're receiving this email because of your account on salsa.debian.org.


_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to