Debian Linux vulnerabilities

CVE-2022-20785 [HIGH] CWE-401 CVE-2022-20785: On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and e On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in HTML file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of

CVE-2022-20770 [HIGH] CWE-399 CVE-2022-20770: On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and e On April 20, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in CHM file parser of Clam AntiVirus (ClamAV) versions 0.104.0 through 0.104.2 and LTS version 0.103.5 and prior versions could allow an unauthenticated, remote attacker to cause a denial of

CVE-2022-20796 [MEDIUM] CWE-822 CVE-2022-20796: On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earl On May 4, 2022, the following vulnerability in the ClamAV scanning library versions 0.103.5 and earlier and 0.104.2 and earlier was disclosed: A vulnerability in Clam AntiVirus (ClamAV) versions 0.103.4, 0.103.5, 0.104.1, and 0.104.2 could allow an authenticated, local attacker to cause a denial of service condition on an affected device. For a desc

CVE-2022-1292 [HIGH] CWE-78 CVE-2022-1292: The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. Th The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete

CVE-2022-29824 [MEDIUM] CWE-190 CVE-2022-29824: In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer In libxml2 before 2.9.14, several buffer handling functions in buf.c (xmlBuf*) and tree.c (xmlBuffer*) don't check for integer overflows. This can result in out-of-bounds memory writes. Exploitation requires a victim to open a crafted, multi-gigabyte XML file. Other software using libxml2's buffer functions, for example libxslt through 1.1.35, is af

CVE-2021-46790 [HIGH] CWE-787 CVE-2021-46790: ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: ntfsck in NTFS-3G through 2021.8.22 has a heap-based buffer overflow involving buffer+512*3-2. NOTE: the upstream position is that ntfsck is deprecated; however, it is shipped by some Linux distributions.

CVE-2022-29970 [HIGH] CWE-22 CVE-2022-29970: Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static Sinatra before 2.2.0 does not validate that the expanded path matches public_dir when serving static files.

CVE-2021-42531 [HIGH] CWE-121 CVE-2021-42531: XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerabi XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

CVE-2021-42532 [HIGH] CWE-121 CVE-2021-42532: XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerabi XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

CVE-2021-42529 [HIGH] CWE-121 CVE-2021-42529: XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerabi XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

CVE-2021-42530 [HIGH] CWE-121 CVE-2021-42530: XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerabi XMP Toolkit SDK version 2021.07 (and earlier) is affected by a stack-based buffer overflow vulnerability potentially resulting in arbitrary code execution in the context of the current user. Exploitation requires user interaction in that a victim must open a crafted file.

CVE-2021-42528 [MEDIUM] CWE-476 CVE-2021-42528: XMP Toolkit 2021.07 (and earlier) is affected by a Null pointer dereference vulnerability when parsi XMP Toolkit 2021.07 (and earlier) is affected by a Null pointer dereference vulnerability when parsing a specially crafted file. An unauthenticated attacker could leverage this vulnerability to achieve an application denial-of-service in the context of the current user. Exploitation of this issue requires user interaction in that a victim must open

CVE-2022-25647 [HIGH] CWE-502 CVE-2022-25647: The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Da The package com.google.code.gson:gson before 2.8.9 are vulnerable to Deserialization of Untrusted Data via the writeReplace() method in internal classes, which may lead to DoS attacks.

CVE-2021-4207 [HIGH] CWE-362 CVE-2021-4207: A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled val A flaw was found in the QXL display device emulation in QEMU. A double fetch of guest controlled values `cursor->header.width` and `cursor->header.height` can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. A malicious privileged guest user could use this flaw to crash the QEMU process on the host or

CVE-2022-1353 [HIGH] CWE-200 CVE-2022-1353: A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. Th A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.

CVE-2021-4206 [HIGH] CWE-190 CVE-2021-4206: A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_allo A flaw was found in the QXL display device emulation in QEMU. An integer overflow in the cursor_alloc() function can lead to the allocation of a small cursor object followed by a subsequent heap-based buffer overflow. This flaw allows a malicious privileged guest user to crash the QEMU process on the host or potentially execute arbitrary code within the

CVE-2022-1048 [HIGH] CWE-416 CVE-2022-1048: A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers con A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.

CVE-2022-1195 [MEDIUM] CWE-362 CVE-2022-1195: A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allo A use-after-free vulnerability was found in the Linux kernel in drivers/net/hamradio. This flaw allows a local attacker with a user privilege to cause a denial of service (DOS) when the mkiss or sixpack device is detached and reclaim resources early.

CVE-2022-29869 [MEDIUM] CWE-532 CVE-2022-29869: cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = cifs-utils through 6.14, with verbose logging, can cause an information leak when a file contains = (equal sign) characters but is not a valid credentials file.

CVE-2022-27239 [HIGH] CWE-787 CVE-2022-27239: In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-li In cifs-utils through 6.14, a stack-based buffer overflow when parsing the mount.cifs ip= command-line argument could lead to local attackers gaining root privileges.