From 7f55ab7899bdd417c9821f3593c845f70ed1f10d Mon Sep 17 00:00:00 2001 From: Moritz Muehlenhoff Date: Wed, 8 Dec 2021 12:53:48 +0100 Subject: NFUs --- data/CVE/2020.list | 1 + data/CVE/2021.list | 42 ++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 43 insertions(+) diff --git a/data/CVE/2020.list b/data/CVE/2020.list index ad87a6f23c..b413168fc6 100644 --- a/data/CVE/2020.list +++ b/data/CVE/2020.list @@ -46431,6 +46431,7 @@ CVE-2020-11264 (Improper authentication of Non-EAPOL/WAPI plaintext frames durin NOT-FOR-US: Qualcomm WLAN Windows Host CVE-2020-11263 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2020-11262 (A race between command submission and destroying the context can cause ...) NOT-FOR-US: Qualcomm components for Android CVE-2020-11261 (Memory corruption due to improper check to return error when user appl ...) diff --git a/data/CVE/2021.list b/data/CVE/2021.list index 9f39c3413b..ed8dbca4fc 100644 --- a/data/CVE/2021.list +++ b/data/CVE/2021.list @@ -34470,6 +34470,7 @@ CVE-2021-30352 RESERVED CVE-2021-30351 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30350 RESERVED CVE-2021-30349 @@ -34498,10 +34499,13 @@ CVE-2021-30338 RESERVED CVE-2021-30337 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30336 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30335 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30334 RESERVED CVE-2021-30333 @@ -34566,6 +34570,7 @@ CVE-2021-30304 (Possible buffer out of bound read can occur due to improper vali NOT-FOR-US: Snapdragon CVE-2021-30303 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30302 (Improper authentication of EAP WAPI EAPOL frames from unauthenticated ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30301 @@ -34587,6 +34592,7 @@ CVE-2021-30294 (Potential null pointer dereference in KGSL GPU auxiliary command NOT-FOR-US: Qualcomm components for Android CVE-2021-30293 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30292 (Possible memory corruption due to lack of validation of client data us ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30291 (Possible memory corruption due to lack of validation of client data us ...) @@ -34595,6 +34601,7 @@ CVE-2021-30290 (Possible null pointer dereference due to race condition between NOT-FOR-US: Snapdragon CVE-2021-30289 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30288 (Possible stack overflow due to improper length check of TLV while copy ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30287 @@ -34607,38 +34614,52 @@ CVE-2021-30284 (Possible information exposure and denial of service due to NAS n NOT-FOR-US: Qualcomm components for Android CVE-2021-30283 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30282 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30281 RESERVED CVE-2021-30280 RESERVED CVE-2021-30279 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30278 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30277 RESERVED CVE-2021-30276 RESERVED + NOT-FOR-US: Android CVE-2021-30275 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30274 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30273 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30272 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30271 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30270 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30269 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30268 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30267 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30266 (Possible use after free due to improper memory validation when initial ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30265 (Possible memory corruption due to improper validation of memory addres ...) @@ -34649,6 +34670,7 @@ CVE-2021-30263 (Possible race condition can occur due to lack of synchronization NOT-FOR-US: Qualcomm components for Android CVE-2021-30262 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-30261 (Possible integer and heap overflow due to lack of input command size v ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-30260 (Possible Integer overflow to buffer overflow issue can occur due to im ...) @@ -60603,6 +60625,7 @@ CVE-2021-1919 (Integer underflow can occur when the RTCP length is lesser than t NOT-FOR-US: Qualcomm components for Android CVE-2021-1918 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-1917 (Null pointer dereference can occur due to memory allocation failure in ...) NOT-FOR-US: Qualcomm components for Android CVE-2021-1916 (Possible buffer underflow due to lack of check for negative indices va ...) @@ -60651,6 +60674,7 @@ CVE-2021-1895 (Possible integer overflow due to improper length check while flas NOT-FOR-US: Snapdragon CVE-2021-1894 RESERVED + NOT-FOR-US: Qualcomm components for Android CVE-2021-1893 RESERVED CVE-2021-1892 (Memory corruption due to improper input validation while processing IO ...) @@ -62672,22 +62696,31 @@ CVE-2021-0972 RESERVED CVE-2021-0971 RESERVED + NOT-FOR-US: Google Play CVE-2021-0970 RESERVED + NOT-FOR-US: Android CVE-2021-0969 RESERVED + NOT-FOR-US: Android CVE-2021-0968 RESERVED + NOT-FOR-US: Android CVE-2021-0967 RESERVED + NOT-FOR-US: Google Play CVE-2021-0966 RESERVED + NOT-FOR-US: Android CVE-2021-0965 RESERVED + NOT-FOR-US: Android CVE-2021-0964 RESERVED + NOT-FOR-US: Google Play CVE-2021-0963 RESERVED + NOT-FOR-US: Android CVE-2021-0962 RESERVED CVE-2021-0961 @@ -62700,18 +62733,24 @@ CVE-2021-0959 RESERVED CVE-2021-0958 RESERVED + NOT-FOR-US: Android CVE-2021-0957 RESERVED CVE-2021-0956 RESERVED + NOT-FOR-US: Android CVE-2021-0955 RESERVED + NOT-FOR-US: Android CVE-2021-0954 RESERVED + NOT-FOR-US: Android CVE-2021-0953 RESERVED + NOT-FOR-US: Android CVE-2021-0952 RESERVED + NOT-FOR-US: Android CVE-2021-0951 RESERVED CVE-2021-0950 @@ -62850,6 +62889,7 @@ CVE-2021-0905 RESERVED CVE-2021-0904 RESERVED + NOT-FOR-US: MediaTek components for Android CVE-2021-0903 RESERVED CVE-2021-0902 @@ -63253,6 +63293,7 @@ CVE-2021-0705 (In sanitizeSbn of NotificationManagerService.java, there is a pos NOT-FOR-US: Android CVE-2021-0704 RESERVED + NOT-FOR-US: Android CVE-2021-0703 (In SecondStageMain of init.cpp, there is a possible use after free due ...) NOT-FOR-US: Android CVE-2021-0702 (In RevertActiveSessions of apexd.cpp, there is a possible way to share ...) @@ -63312,6 +63353,7 @@ CVE-2021-0676 RESERVED CVE-2021-0675 RESERVED + NOT-FOR-US: MediaTek components for Android CVE-2021-0674 RESERVED CVE-2021-0673 -- cgit v1.2.3