Debian Linux vulnerabilities

CVE-2021-3563 [HIGH] CWE-863 CVE-2021-3563: A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are ve A flaw was found in openstack-keystone. Only the first 72 characters of an application secret are verified allowing attackers bypass some password complexity which administrators may be counting on. The highest threat from this vulnerability is to data confidentiality and integrity.

CVE-2021-3864 [HIGH] CWE-284 CVE-2021-3864: A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries execute A flaw was found in the way the dumpable flag setting was handled when certain SUID binaries executed its descendants. The prerequisite is a SUID binary that sets real UID equal to effective UID, and real GID equal to effective GID. The descendant will then have a dumpable value set to 1. As a result, if the descendant process crashes and core_pattern i

CVE-2021-3669 [MEDIUM] CWE-400 CVE-2021-3669: A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large A flaw was found in the Linux kernel. Measuring usage of the shared memory does not scale with large shared memory segment counts which could lead to resource exhaustion and DoS.

CVE-2022-0171 [MEDIUM] CWE-459 CVE-2022-0171: A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non A flaw was found in the Linux kernel. The existing KVM SEV API has a vulnerability that allows a non-root (host) user-level application to crash the host kernel by creating a confidential guest VM instance in AMD CPU that supports Secure Encrypted Virtualization (SEV).

CVE-2021-3735 [MEDIUM] CWE-667 CVE-2021-3735: A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset (ahc A deadlock issue was found in the AHCI controller device of QEMU. It occurs on a software reset (ahci_reset_port) while handling a host-to-device Register FIS (Frame Information Structure) packet from the guest. A privileged user inside the guest could use this flaw to hang the QEMU process on the host, resulting in a denial of service condition. The

CVE-2022-2255 [HIGH] CWE-348 CVE-2022-2255: A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an A vulnerability was found in mod_wsgi. The X-Client-IP header is not removed from a request from an untrusted proxy, allowing an attacker to pass the X-Client-IP header to the target WSGI application because the condition to remove it is missing.

CVE-2022-0135 [HIGH] CWE-787 CVE-2022-0135: An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This fl An out-of-bounds write issue was found in the VirGL virtual OpenGL renderer (virglrenderer). This flaw allows a malicious guest to create a specially crafted virgil resource and then issue a VIRTGPU_EXECBUFFER ioctl, leading to a denial of service or possible code execution.

CVE-2022-22728 [HIGH] CWE-120 CVE-2022-22728: A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing A flaw in Apache libapreq2 versions 2.16 and earlier could cause a buffer overflow while processing multipart form uploads. A remote attacker could send a request causing a process crash which could lead to a denial of service attack.

CVE-2021-4204 [HIGH] CWE-20 CVE-2021-4204: An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper In An out-of-bounds (OOB) memory access flaw was found in the Linux kernel's eBPF due to an Improper Input Validation. This flaw allows a local attacker with a special privilege to crash the system or leak internal information.

CVE-2021-4213 [HIGH] CWE-401 CVE-2021-4213: A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory A flaw was found in JSS, where it did not properly free up all memory. Over time, the wasted memory builds up in the server memory, saturating the server’s RAM. This flaw allows an attacker to force the invocation of an out-of-memory process, causing a denial of service.

CVE-2021-4037 [HIGH] CVE-2021-4037: A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel th A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a directory is SGID and belongs to a certain group and is writable by a user who is not a m

CVE-2021-3999 [HIGH] CWE-193 CVE-2021-3999: A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memor A flaw was found in glibc. An off-by-one buffer overflow and underflow in getcwd() may lead to memory corruption when the size of the buffer is exactly 1. A local attacker who can control the input buffer and size passed to getcwd() in a setuid program could use this flaw to potentially execute arbitrary code and escalate their privileges on the system.

CVE-2022-32893 [HIGH] CWE-787 CVE-2022-32893: An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS An out-of-bounds write issue was addressed with improved bounds checking. This issue is fixed in iOS 15.6.1 and iPadOS 15.6.1, macOS Monterey 12.5.1, Safari 15.6.1. Processing maliciously crafted web content may lead to arbitrary code execution. Apple is aware of a report that this issue may have been actively exploited.

CVE-2022-2978 [HIGH] CWE-416 CVE-2022-2978: A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers funct A flaw use after free in the Linux kernel NILFS file system was found in the way user triggers function security_inode_alloc to fail with following call to function nilfs_mdt_destroy. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

CVE-2021-4159 [MEDIUM] CWE-202 CVE-2021-4159: A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures A vulnerability was found in the Linux kernel's EBPF verifier when handling internal data structures. Internal memory locations could be returned to userspace. A local attacker with the permissions to insert eBPF code to the kernel can use this to leak internal kernel memory details defeating some of the exploit mitigations in place for the kernel.

CVE-2021-4189 [MEDIUM] CWE-252 CVE-2021-4189: A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV A flaw was found in Python, specifically in the FTP (File Transfer Protocol) client library in PASV (passive) mode. The issue is how the FTP client trusts the host from the PASV response by default. This flaw allows an attacker to set up a malicious FTP server that can trick FTP clients into connecting back to a given IP address and port. This vulnerab

CVE-2021-4214 [MEDIUM] CWE-120 CVE-2021-4214: A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with loc A heap overflow flaw was found in libpngs' pngimage.c program. This flaw allows an attacker with local network access to pass a specially crafted PNG file to the pngimage utility, causing an application to crash, leading to a denial of service.

CVE-2022-2946 [HIGH] CWE-416 CVE-2022-2946: Use After Free in GitHub repository vim/vim prior to 9.0.0246. Use After Free in GitHub repository vim/vim prior to 9.0.0246.

CVE-2021-23177 [HIGH] CWE-59 CVE-2021-23177: An improper link resolution flaw while extracting an archive can lead to changing the access control An improper link resolution flaw while extracting an archive can lead to changing the access control list (ACL) of the target of the link. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to change the ACL of a file on the system and gain mor

CVE-2020-35511 [HIGH] CWE-126 CVE-2020-35511: A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) vi A global buffer overflow was discovered in pngcheck function in pngcheck-2.4.0(5 patches applied) via a crafted png file.