From 89b3c38a12c27ac61e1e1f0be64760b56469fab3 Mon Sep 17 00:00:00 2001 From: CVE Team Date: Tue, 6 Oct 2020 20:02:10 +0000 Subject: [PATCH] "-Synchronized-Data." --- 2020/25xxx/CVE-2020-25643.json | 2 +- 2020/26xxx/CVE-2020-26061.json | 5 +++++ 2020/8xxx/CVE-2020-8781.json | 12 +----------- 2020/8xxx/CVE-2020-8782.json | 5 ----- 4 files changed, 7 insertions(+), 17 deletions(-) diff --git a/2020/25xxx/CVE-2020-25643.json b/2020/25xxx/CVE-2020-25643.json index 2ce8cf6ebad..7ad77acbdc4 100644 --- a/2020/25xxx/CVE-2020-25643.json +++ b/2020/25xxx/CVE-2020-25643.json @@ -60,7 +60,7 @@ "description_data": [ { "lang": "eng", - "value": "A memory corruption flaw in the Linux kernel in versions before 5.9-rc7 in the HDLC_PPP module was found in the way it receives malformed packets by the PPP protocol. A remote user could use this flaw to crash the system or causing denial of service." + "value": "A flaw was found in the HDLC_PPP module of the Linux kernel in versions before 5.9-rc7. Memory corruption and a read overflow is caused by improper input validation in the ppp_cp_parse_cr function which can cause the system to crash or cause a denial of service. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability." } ] } diff --git a/2020/26xxx/CVE-2020-26061.json b/2020/26xxx/CVE-2020-26061.json index 8939c8d79f2..118003eb211 100644 --- a/2020/26xxx/CVE-2020-26061.json +++ b/2020/26xxx/CVE-2020-26061.json @@ -56,6 +56,11 @@ "url": "https://www.clickstudios.com.au/passwordstate-changelog.aspx", "refsource": "MISC", "name": "https://www.clickstudios.com.au/passwordstate-changelog.aspx" + }, + { + "refsource": "MISC", + "name": "https://github.com/missing0x00/CVE-2020-26061", + "url": "https://github.com/missing0x00/CVE-2020-26061" } ] } diff --git a/2020/8xxx/CVE-2020-8781.json b/2020/8xxx/CVE-2020-8781.json index f8dc0e9f5c5..017d901fc83 100644 --- a/2020/8xxx/CVE-2020-8781.json +++ b/2020/8xxx/CVE-2020-8781.json @@ -34,7 +34,7 @@ "description_data": [ { "lang": "eng", - "value": "Sierra Wireless ALEOS 4.11 through 4.13.0 has an Improper Authorization issue." + "value": "Lack of input sanitization in UpdateRebootMgr service of ALEOS 4.11 and later allow an escalation to root from a low-privilege process." } ] }, @@ -52,16 +52,6 @@ }, "references": { "reference_data": [ - { - "url": "https://www.sierrawireless.com/company/security/", - "refsource": "MISC", - "name": "https://www.sierrawireless.com/company/security/" - }, - { - "url": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,14,-d-,0-release-notes/", - "refsource": "MISC", - "name": "https://source.sierrawireless.com/resources/airlink/software_reference_docs/release-notes/aleos-4,-d-,14,-d-,0-release-notes/" - }, { "refsource": "CONFIRM", "name": "https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-005/", diff --git a/2020/8xxx/CVE-2020-8782.json b/2020/8xxx/CVE-2020-8782.json index 82444b5bc72..d696ec9782c 100644 --- a/2020/8xxx/CVE-2020-8782.json +++ b/2020/8xxx/CVE-2020-8782.json @@ -83,11 +83,6 @@ "refsource": "CONFIRM", "name": "https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-005/", "url": "https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-005/" - }, - { - "refsource": "MISC", - "url": "https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-005/", - "name": "https://source.sierrawireless.com/resources/security-bulletins/sierra-wireless-technical-bulletin---swi-psa-2020-005/" } ] },