Debian Linux vulnerabilities
9,911 known vulnerabilities affecting debian/debian_linux.
Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132

Severity breakdown: CRITICAL 1,128 | HIGH 4,110 | MEDIUM 4,311 | LOW 362
Vulnerabilities
Page 116 of 496
CVE-2022-27387 | HIGH | CVSS 7.5 | CWE-120 | v10.0 | 2022-04-12
MariaDB Server v10.7 and below was discovered to contain a global buffer overflow in the component decimal_bin_size, which is exploited via specially crafted SQL statements.
Source: nvd
CVE-2022-27386 | HIGH | CVSS 7.5 | CWE-89 | v10.0 | 2022-04-12
MariaDB Server v10.7 and below was discovered to contain a segmentation fault via the component sql/sql_class.cc.
Source: nvd
CVE-2021-28544 | MEDIUM | CVSS 4.3 | CWE-200 | v10.0, v11.0 | 2022-04-12
Apache Subversion SVN authz protected copyfrom paths regression. Subversion servers reveal 'copyfrom' paths that should be hidden according to configured path-based authorization (authz) rules. When a node has been copied from a protected location, users with access to the copy can see the 'copyfrom' path of the original. This also reveals the fact t
Source: nvd
CVE-2022-28893 | HIGH | CVSS 7.8 | CWE-416 | v11.0 | 2022-04-11
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
Source: nvd
CVE-2022-24836 | HIGH | CVSS 7.5 | CWE-400 | v9.0, v10.0 | 2022-04-11
Nokogiri is an open source XML and HTML library for Ruby. Nokogiri `< v1.13.4` contains an inefficie […] `>= 1.13.4`. There are no known workarounds for this issue.
Source: nvd
CVE-2022-24786 | CRITICAL | CVSS 9.8 | CWE-125 | v9.0, v10.0 | 2022-04-06
PJSIP is a free and open source multimedia communication library written in C. PJSIP versions 2.12 and prior do not parse incoming RTCP feedback RPSI (Reference Picture Selection Indication) packet, but any app that directly uses pjmedia_rtcp_fb_parse_rpsi() will be affected. A patch is available in the `master` branch of the `pjsip/pjproject` Git
Source: nvd
CVE-2022-24793 | HIGH | CVSS 7.5 | CWE-120 | v9.0, v10.0 (+1 more) | 2022-04-06
PJSIP is a free and open source multimedia communication library written in C. A buffer overflow vulnerability in versions 2.12 and prior affects applications that use PJSIP DNS resolution. It doesn't affect PJSIP users who utilize an external resolver. This vulnerability is related to CVE-2023-27585. The difference is that this issue is in parsing th
Source: nvd
CVE-2022-26110 | HIGH | CVSS 8.8 | v9.0, v10.0 | 2022-04-06
An issue was discovered in HTCondor 8.8.x before 8.8.16, 9.0.x before 9.0.10, and 9.1.x before 9.6.0. When a user authenticates to an HTCondor daemon via the CLAIMTOBE method, the user can then impersonate any entity when issuing additional commands to that daemon.
Source: nvd
CVE-2022-26358 | HIGH | CVSS 7.8 | v11.0 | 2022-04-05
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for
Source: nvd
CVE-2021-43008 | HIGH | CVSS 7.5 | v9.0 | 2022-04-05
Improper Access Control in Adminer versions 1.12.0 to 4.6.2 (fixed in version 4.6.3) allows an attacker to achieve Arbitrary File Read on the remote server by requesting the Adminer to connect to a remote MySQL database.
Source: nvd
CVE-2022-26360 | HIGH | CVSS 7.8 | v9.0 | 2022-04-05
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for
Source: nvd
CVE-2022-26361 | HIGH | CVSS 7.8 | v9.0 | 2022-04-05
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for
Source: nvd
CVE-2022-26357 | HIGH | CVSS 7.0 | CWE-362 | v11.0 | 2022-04-05
Race in VT-d domain ID cleanup. Xen domain IDs are up to 15 bits wide. VT-d hardware may allow for only less than 15 bits to hold a domain ID associating a physical device with a particular domain. Therefore internally Xen domain IDs are mapped to the smaller value range. The cleaning up of the housekeeping structures has a race, allowing for VT-d doma
Source: nvd
CVE-2022-26359 | HIGH | CVSS 7.8 | v11.0 | 2022-04-05
IOMMU: RMRR (VT-d) and unity map (AMD-Vi) handling issues. [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Certain PCI devices in a system might be assigned Reserved Memory Regions (specified via Reserved Memory Region Reporting, "RMRR") for Intel VT-d or Unity Mapping ranges for
Source: nvd
CVE-2022-26356 | MEDIUM | CVSS 5.6 | CWE-667 | v11.0 | 2022-04-05
Racy interactions between dirty vram tracking and paging log dirty hypercalls. Activation of log dirty mode done by XEN_DMOP_track_dirty_vram (was named HVMOP_track_dirty_vram before Xen 4.9) is racy with ongoing log dirty hypercalls. A suitably timed call to XEN_DMOP_track_dirty_vram can enable log dirty while another CPU is still in the process of
Source: nvd
CVE-2022-24785 | HIGH | CVSS 7.5 | CWE-22 | v10.0 | 2022-04-04
Moment.js is a JavaScript date library for parsing, validating, manipulating, and formatting dates. A path traversal vulnerability impacts npm (server) users of Moment.js between versions 1.0.1 and 2.29.1, especially if a user-provided locale string is directly used to switch moment locale. This problem is patched in 2.29.2, and the patch can be applied
Source: nvd
CVE-2022-24801 | HIGH | CVSS 8.1 | CWE-444 | v9.0 | 2022-04-04
Twisted is an event-based framework for internet applications, supporting Python 3.6+. Prior to version 22.4.0rc1, the Twisted Web HTTP 1.1 server, located in the `twisted.web.http` module, parsed several HTTP request constructs more leniently than permitted by RFC 7230. This non-conformant parsing can lead to desync if requests pass through multiple
Source: nvd
CVE-2022-28390 | HIGH | CVSS 7.8 | CWE-415 | v9.0, v10.0 (+1 more) | 2022-04-03
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
Source: nvd
CVE-2022-28389 | MEDIUM | CVSS 5.5 | CWE-415 | v10.0, v11.0 | 2022-04-03
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
Source: nvd
CVE-2022-28388 | MEDIUM | CVSS 5.5 | CWE-415 | v10.0, v11.0 | 2022-04-03
usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
Source: nvd