Debian Linux vulnerabilities

CVE-2022-28356 [MEDIUM] CVE-2022-28356: In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c. In the Linux kernel before 5.17.1, a refcount leak bug was found in net/llc/af_llc.c.

CVE-2022-24790 [HIGH] CWE-444 CVE-2022-24790: Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When us Puma is a simple, fast, multi-threaded, parallel HTTP 1.1 server for Ruby/Rack applications. When using Puma behind a proxy that does not properly validate that the incoming HTTP request matches the RFC7230 standard, Puma and the frontend proxy may disagree on where a request starts and ends. This would allow requests to be smuggled via the front-end

CVE-2022-24763 [HIGH] CWE-835 CVE-2022-24763: PJSIP is a free and open source multimedia communication library written in the C language. Versions PJSIP is a free and open source multimedia communication library written in the C language. Versions 2.12 and prior contain a denial-of-service vulnerability that affects PJSIP users that consume PJSIP's XML parsing in their apps. Users are advised to update. There are no known workarounds.

CVE-2022-1154 [HIGH] CWE-416 CVE-2022-1154: Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646. Use after free in utf_ptr2char in GitHub repository vim/vim prior to 8.2.4646.

CVE-2022-28202 [MEDIUM] CWE-79 CVE-2022-28202: An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37 An XSS issue was discovered in MediaWiki before 1.35.6, 1.36.x before 1.36.4, and 1.37.x before 1.37.2. The widthheight, widthheightpage, and nbytes properties of messages are not escaped when used in galleries or Special:RevisionDelete.

CVE-2022-1122 [MEDIUM] CWE-665 CVE-2022-1122: A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input di A flaw was found in the opj2_decompress program in openjpeg2 2.4.0 in the way it handles an input directory with a large number of files. When it fails to allocate a buffer to store the filenames of the input directory, it calls free() on an uninitialized pointer, leading to a segmentation fault and a denial of service.

CVE-2022-26291 [MEDIUM] CWE-416 CVE-2022-26291: lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions z lrzip v0.641 was discovered to contain a multiple concurrency use-after-free between the functions zpaq_decompress_buf() and clear_rulist(). This vulnerability allows attackers to cause a Denial of Service (DoS) via a crafted Irz file.

CVE-2018-25032 [HIGH] CWE-787 CVE-2018-25032: zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.

CVE-2022-1049 [HIGH] CWE-287 CVE-2022-1049: A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired acco A flaw was found in the Pacemaker configuration tool (pcs). The pcs daemon was allowing expired accounts, and accounts with expired passwords to login when using PAM authentication. Therefore, unprivileged expired accounts that have been denied access could still login.

CVE-2022-0494 [MEDIUM] CWE-200 CVE-2022-0494: A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl. A kernel information leak flaw was identified in the scsi_ioctl function in drivers/scsi/scsi_ioctl.c in the Linux kernel. This flaw allows a local attacker with a special user privilege (CAP_SYS_ADMIN or CAP_SYS_RAWIO) to create issues with confidentiality.

CVE-2021-3933 [MEDIUM] CWE-190 CVE-2021-3933: An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 b An integer overflow could occur when OpenEXR processes a crafted file on systems where size_t < 64 bits. This could cause an invalid bytesPerLine and maxBytesPerLine value, which could lead to problems with application stability or lead to other attack paths.

CVE-2021-3582 [MEDIUM] CWE-119 CVE-2021-3582: A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. The issue occurs wh A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. The issue occurs while handling a "PVRDMA_CMD_CREATE_MR" command due to improper memory remapping (mremap). This flaw allows a malicious guest to crash the QEMU process on the host. The highest threat from this vulnerability is to system availability.

CVE-2021-3941 [MEDIUM] CWE-369 CVE-2021-3941: In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = ( In ImfChromaticities.cpp routine RGBtoXYZ(), there are some division operations such as `float Z = (1 - chroma.white.x - chroma.white.y) * Y / chroma.white.y;` and `chroma.green.y * (X + Z))) / d;` but the divisor is not checked for a 0 value. A specially crafted file could trigger a divide-by-zero condition which could affect the availability of prog

CVE-2021-43666 [HIGH] CWE-130 CVE-2021-43666: A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivat A Denial of Service vulnerability exists in mbed TLS 3.0.0 and earlier in the mbedtls_pkcs12_derivation function when an input password's length is 0.

CVE-2022-24769 [MEDIUM] CWE-732 CVE-2022-24769: Moby is an open-source project created by Docker to enable and accelerate software containerization. Moby is an open-source project created by Docker to enable and accelerate software containerization. A bug was found in Moby (Docker Engine) prior to version 20.10.14 where containers were incorrectly started with non-empty inheritable Linux process capabilities, creating an atypical Linux environment and enabling programs with inheritable file capa

CVE-2021-4156 [HIGH] CWE-125 CVE-2021-4156: An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is ab An out-of-bounds read flaw was found in libsndfile's FLAC codec functionality. An attacker who is able to submit a specially crafted file (via tricking a user to open or otherwise) to an application linked with libsndfile and using the FLAC codec, could trigger an out-of-bounds read that would most likely cause a crash but could potentially leak memory

CVE-2021-4197 [HIGH] CWE-287 CVE-2021-4197: An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces s An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this f

CVE-2022-27666 [HIGH] CWE-787 CVE-2022-27666: A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ip A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.

CVE-2021-44759 [HIGH] CWE-287 CVE-2021-44759: Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an at Improper Authentication vulnerability in TLS origin validation of Apache Traffic Server allows an attacker to create a man in the middle attack. This issue affects Apache Traffic Server 8.0.0 to 8.1.0.

CVE-2021-3748 [HIGH] CWE-416 CVE-2021-3748: A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the d A use-after-free vulnerability was found in the virtio-net device of QEMU. It could occur when the descriptor's address belongs to the non direct access region, due to num_buffers being set after the virtqueue elem has been unmapped. A malicious guest could use this flaw to crash QEMU, resulting in a denial of service condition, or potentially execute c