Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
1848f26d by Salvatore Bonaccorso at 2023-12-05T15:57:10+01:00
Process some more NFUs
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -180,111 +180,111 @@ CVE-2023-40459 (The ACEManager component of ALEOS 4.16
and earlier does not adeq
CVE-2023-40103 (In multiple locations, there is a possible way to corrupt
memory due t ...)
NOT-FOR-US: Android
CVE-2023-40098 (In mOnDone of NotificationConversationInfo.java, there is a
possible w ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40097 (In hasPermissionForActivity of PackageManagerHelper.java,
there is a p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40096 (In OpRecordAudioMonitor::onFirstRef of AudioRecordClient.cpp,
there is ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40095 (In createDontSendToRestrictedAppsBundle of
PendingIntentUtils.java, th ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40094 (In keyguardGoingAway of ActivityTaskManagerService.java, there
is a po ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40092 (In verifyShortcutInfoPackage of ShortcutService.java, there is
a possi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40091 (In onTransact of IncidentService.cpp, there is a possible out
of bound ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40090 (In BTM_BleVerifySignature of btm_ble.cc, there is a possible
way to by ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40089 (In getCredentialManagerPolicy of
DevicePolicyManagerService.java, ther ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40088 (In callback_thread_event of
com_android_bluetooth_btservice_AdapterSer ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40087 (In transcodeQ*ToFloat of btif_avrcp_audio_track.cc, there is a
possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40084 (In run of MDnsSdListener.cpp, there is a possible memory
corruption du ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40083 (In parse_gap_data of utils.cc, there is a possible out of
bounds read ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40082 (In modify_for_next_stage of fdt.rs, there is a possible way to
render ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40081 (In loadMediaDataInBgForResumption of MediaDataManager.kt,
there is a p ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40080 (In multiple functions of btm_ble_gap.cc, there is a possible
out of bo ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40079 (In injectSendIntentSender of ShortcutService.java, there is a
possible ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40078 (In a2dp_vendor_opus_decoder_decode_packet of
a2dp_vendor_opus_decoder. ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40077 (In multiple functions of MetaDataBase.cpp, there is a possible
UAF wri ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40076 (In createPendingIntent of CredentialManagerUi.java, there is a
possibl ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40075 (In forceReplaceShortcutInner of ShortcutPackage.java, there is
a possi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40074 (In saveToXml of PersistableBundle.java, invalid data could
lead to loc ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-40073 (In visitUris of Notification.java, there is a possible
cross-user medi ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-39248 (Dell OS10 Networking Switches running 10.5.2.x and above
contain an Un ...)
- TODO: check
+ NOT-FOR-US: Dell
CVE-2023-37572 (Softing OPC Suite version 5.25 and before has Incorrect Access
Control ...)
- TODO: check
+ NOT-FOR-US: Softing OPC Suite
CVE-2023-35690 (There is elevation of privilege.)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-35668 (In visitUris of Notification.java, there is a possible way to
display ...)
- TODO: check
+ NOT-FOR-US: Android
CVE-2023-33107 (Memory corruption in Graphics Linux while assigning shared
virtual mem ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33106 (Memory corruption while submitting a large list of sync points
in an A ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33098 (Transient DOS while parsing WPA IES, when it is passed with
length mor ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33097 (Transient DOS in WLAN Firmware while processing a FTMR frame.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33092 (Memory corruption while processing pin reply in Bluetooth,
when pin co ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33089 (Transient DOS when processing a NULL buffer while parsing WLAN
vdev.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33088 (Memory corruption when processing cmd parameters while parsing
vdev.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33087 (Memory corruption in Core while processing RX intent request.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33083 (Memory corruption in WLAN Host while processing RRM beacon on
the AP.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33082 (Memory corruption while sending an Assoc Request having BTM
Query or B ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33081 (Transient DOS while converting TWT (Target Wake Time) frame
parameters ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33080 (Transient DOS while parsing a vender specific IE (Information
Element) ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33079 (Memory corruption in Audio while running invalid audio
recording from ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33071 (Memory corruption in Automotive OS whenever untrusted apps try
to acce ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33070 (Transient DOS in Automotive OS due to improper authentication
to the s ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33063 (Memory corruption in DSP Services during a remote call from
HLOS to DS ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33054 (Cryptographic issue in GPS HLOS Driver while downloading
Qualcomm GNSS ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33053 (Memory corruption in Kernel while parsing metadata.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33044 (Transient DOS in Data modem while handling TLB control
messages from t ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33043 (Transient DOS in Modem when a Beam switch request is made with
a non-c ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33042 (Transient DOS in Modem after RRC Setup message is received.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33041 (Under certain scenarios the WLAN Firmware will reach an
assertion due ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33024 (Memory corruption while sending SMS from AP firmware.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33022 (Memory corruption in HLOS while invoking IOCTL calls from
user-space.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33018 (Memory corruption while using the UIM diag command to get the
operator ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-33017 (Memory corruption in Boot while running a ListVars test in
UEFI Menu d ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-4503
NOT-FOR-US: Red Hat EAP-Galleon
CVE-2023-6484
@@ -38248,13 +38248,13 @@ CVE-2023-28590
CVE-2023-28589
RESERVED
CVE-2023-28588 (Transient DOS in Bluetooth Host while rfc slot allocation.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28587 (Memory corruption in BT controller while parsing debug
commands with s ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28586 (Information disclosure when the trusted application metadata
symbol ad ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28585 (Memory corruption while loading an ELF segment in TEE Kernel.)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28584 (Transient DOS in WLAN Host when a mobile station receives
invalid chan ...)
NOT-FOR-US: Qualcomm
CVE-2023-28583
@@ -38264,9 +38264,9 @@ CVE-2023-28582
CVE-2023-28581 (Memory corruption in WLAN Firmware while parsing receieved GTK
Keys in ...)
NOT-FOR-US: Qualcomm
CVE-2023-28580 (Memory corruption in WLAN Host while setting the PMK length in
PMK len ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28579 (Memory Corruption in WLAN Host while deserializing the input
PMK bytes ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28578
RESERVED
CVE-2023-28577 (In the function call related to CAM_REQ_MGR_RELEASE_BUF there
is no ch ...)
@@ -38322,9 +38322,9 @@ CVE-2023-28553 (Information Disclosure in WLAN Host
when processing WMI event co
CVE-2023-28552
RESERVED
CVE-2023-28551 (Memory corruption in UTILS when modem processes memory
specific Diag c ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28550 (Memory corruption in MPP performance while accessing DSM
watermark usi ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28549 (Memory corruption in WLAN HAL while parsing Rx buffer in
processing TL ...)
NOT-FOR-US: Qualcomm
CVE-2023-28548 (Memory corruption in WLAN HAL while processing Tx/Rx commands
from QDA ...)
@@ -38332,7 +38332,7 @@ CVE-2023-28548 (Memory corruption in WLAN HAL while
processing Tx/Rx commands fr
CVE-2023-28547
RESERVED
CVE-2023-28546 (Memory Corruption in SPS Application while exporting public
key in sor ...)
- TODO: check
+ NOT-FOR-US: Qualcomm
CVE-2023-28545 (Memory corruption in TZ Secure OS while loading an app ELF.)
NOT-FOR-US: Qualcomm
CVE-2023-28544 (Memory corruption in WLAN while sending transmit command from
HLOS to ...)
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1848f26d174f8952292a5fff887d88b969f90ebe
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/1848f26d174f8952292a5fff887d88b969f90ebe
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
debian-security-tracker-commits@alioth-lists.debian.net
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
