Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362

Vulnerabilities

CVE-2021-20298 HIGH CVSS 7.5 v10.0 2022-08-23
CVE-2021-20298 [HIGH] CWE-400: A flaw was found in OpenEXR's B44Compressor. This flaw allows an attacker who can submit a crafted file to be processed by OpenEXR, to exhaust all memory accessible to the application. The highest threat from this vulnerability is to system availability.
nvd
CVE-2022-31676 HIGH CVSS 7.8 v10.0 v11.0 2022-08-23
CVE-2022-31676 [HIGH] CWE-269: VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
nvd
CVE-2021-31566 HIGH CVSS 7.8 v10.0 2022-08-23
CVE-2021-31566 [HIGH] CWE-59: An improper link resolution flaw can occur while extracting an archive leading to changing modes, times, access control lists, and flags of a file outside of the archive. An attacker may provide a malicious archive to a victim user, who would trigger this flaw when trying to extract the archive. A local attacker may use this flaw to gain more privilege
nvd
CVE-2021-3975 MEDIUM CVSS 6.5 v10.0 v11.0 2022-08-23
CVE-2021-3975 [MEDIUM] CWE-416: A use-after-free flaw was found in libvirt. The qemuMonitorUnregister() function in qemuProcessHandleMonitorEOF is called using multiple threads without being adequately protected by a monitor lock. This flaw could be triggered by the virConnectGetAllDomainStats API when the guest is shutting down. An unprivileged client with a read-only connection co
nvd
CVE-2021-20316 MEDIUM CVSS 6.8 v10.0 v11.0 2022-08-23
CVE-2021-20316 [MEDIUM] CWE-362: A flaw was found in the way Samba handled file/directory metadata. This flaw allows an authenticated attacker with permissions to read or modify share metadata, to perform this operation outside of the share.
nvd
CVE-2021-3800 MEDIUM CVSS 5.5 v10.0 2022-08-23
CVE-2021-3800 [MEDIUM] CWE-200: A flaw was found in glib before version 2.63.6. Due to random charset alias, pkexec can leak content from files owned by privileged users to unprivileged ones under the right condition.
nvd
CVE-2021-3759 MEDIUM CVSS 5.5 v10.0 2022-08-23
CVE-2021-3759 [MEDIUM] CWE-400: A memory overflow vulnerability was found in the Linux kernel’s ipc functionality of the memcg subsystem, in the way a user calls the semget function multiple times, creating semaphores. This flaw allows a local user to starve the resources, causing a denial of service. The highest threat from this vulnerability is to system availability.
nvd
CVE-2022-2873 MEDIUM CVSS 5.5 v11.0 2022-08-22
CVE-2022-2873 [MEDIUM] CWE-131: An out-of-bounds memory access flaw was found in the Linux kernel Intel’s iSMT SMBus host controller driver in the way a user triggers the I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with malicious input data. This flaw allows a local user to crash the system.
nvd
CVE-2020-27792 HIGH CVSS 7.1 v10.0 2022-08-19
CVE-2020-27792 [HIGH] CWE-119: A heap-based buffer overwrite vulnerability was found in GhostScript's lp8000_print_page() function in the gdevlp8k.c file. This flaw allows an attacker to trick a user into opening a crafted PDF file, triggering the heap buffer overflow that could lead to memory corruption or a denial of service.
nvd
CVE-2022-26373 MEDIUM CVSS 5.5 v10.0 2022-08-18
CVE-2022-26373 [MEDIUM]: Non-transparent sharing of return predictor targets between contexts in some Intel(R) Processors may allow an authorized user to potentially enable information disclosure via local access.
nvd
CVE-2021-32862 MEDIUM CVSS 5.4 v10.0 2022-08-18
CVE-2021-32862 [MEDIUM] CWE-79: The GitHub Security Lab discovered sixteen ways to exploit a cross-site scripting vulnerability in nbconvert. When using nbconvert to generate an HTML version of a user-controllable notebook, it is possible to inject arbitrary HTML which may lead to cross-site scripting (XSS) vulnerabilities if these HTML notebooks are served by a web server (eg: nbv
nvd
CVE-2022-2869 MEDIUM CVSS 5.5 v10.0 v11.0 2022-08-17
CVE-2022-2869 [MEDIUM] CWE-191: libtiff's tiffcrop tool has a uint32_t underflow which leads to out of bounds read and write in the extractContigSamples8bits routine. An attacker who supplies a crafted file to tiffcrop could trigger this flaw, most likely by tricking a user into opening the crafted file with tiffcrop. Triggering this flaw could cause a crash or potentially further ex
nvd
CVE-2022-2868 MEDIUM CVSS 5.5 v10.0 v11.0 2022-08-17
CVE-2022-2868 [MEDIUM] CWE-20: libtiff's tiffcrop utility has an improper input validation flaw that can lead to out of bounds read and ultimately cause a crash if an attacker is able to supply a crafted file to tiffcrop.
nvd
CVE-2022-2867 MEDIUM CVSS 5.5 v10.0 v11.0 2022-08-17
CVE-2022-2867 [MEDIUM] CWE-191: libtiff's tiffcrop utility has a uint32_t underflow that can lead to out of bounds read and write. An attacker who supplies a crafted file to tiffcrop (likely via tricking a user to run tiffcrop on it with certain parameters) could cause a crash or in some cases, further exploitation.
nvd
CVE-2020-21365 HIGH CVSS 7.5 v10.0 2022-08-15
CVE-2020-21365 [HIGH] CWE-22: Directory traversal vulnerability in wkhtmltopdf through 0.12.5 allows remote attackers to read local files and disclose sensitive information via a crafted html file running with the default configurations.
nvd
CVE-2022-20369 MEDIUM CVSS 6.7 v10.0 2022-08-11
CVE-2022-20369 [MEDIUM] CWE-787: In v4l2_m2m_querybuf of v4l2-mem2mem.c, there is a possible out of bounds write due to improper input validation. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: Android kernel. Android ID: A-223375145. References: Upstream kernel
nvd
CVE-2022-31778 HIGH CVSS 7.5 v11.0 2022-08-10
CVE-2022-31778 [HIGH] CWE-20: Improper Input Validation vulnerability in handling the Transfer-Encoding header of Apache Traffic Server allows an attacker to poison the cache. This issue affects Apache Traffic Server 8.0.0 to 9.0.2.
nvd
CVE-2022-31779 HIGH CVSS 7.5 v11.0 2022-08-10
CVE-2022-31779 [HIGH] CWE-20: Improper Input Validation vulnerability in HTTP/2 header parsing of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
nvd
CVE-2022-31780 HIGH CVSS 7.5 v10.0 v11.0 2022-08-10
CVE-2022-31780 [HIGH] CWE-20: Improper Input Validation vulnerability in HTTP/2 frame handling of Apache Traffic Server allows an attacker to smuggle requests. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
nvd
CVE-2022-25763 HIGH CVSS 7.5 v11.0 2022-08-10
CVE-2022-25763 [HIGH] CWE-444: Improper Input Validation vulnerability in HTTP/2 request validation of Apache Traffic Server allows an attacker to create smuggle or cache poison attacks. This issue affects Apache Traffic Server 8.0.0 to 9.1.2.
nvd