Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362

Vulnerabilities

Page 127 of 496
CVE-2021-4160 | MEDIUM | CVSS 5.9 | v9.0, v10.0, +1 more | 2022-01-28
Description: There is a carry propagation bug in the MIPS32 and MIPS64 squaring procedure. Many EC algorithms are affected, including some of the TLS 1.3 default curves. Impact was not analyzed in detail, because the pre-requisites for attack are considered unlikely and include reusing private keys. Analysis suggests that attacks against RSA and DSA as a result of this de
Source: nvd
CVE-2022-21723 | CRITICAL | CWE-125 | CVSS 9.1 | v9.0, v10.0 | 2022-01-27
Description: PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In versions 2.11.1 and prior, parsing an incoming SIP message that contains a malformed multipart can potentially cause out-of-bound read access. This issue affects all PJSIP users
Source: nvd
CVE-2022-21722 | CRITICAL | CWE-125 | CVSS 9.1 | v9.0, v10.0 | 2022-01-27
Description: PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In version 2.11.1 and prior, there are various cases where it is possible that certain incoming RTP/RTCP packets can potentially cause out-of-bound read access. This issue affects a
Source: nvd
CVE-2022-23181 | HIGH | CVSS 7.0 | v10.0, v11.0 | 2022-01-27
Description: The fix for bug CVE-2020-9484 introduced a time of check, time of use vulnerability into Apache Tomcat 10.1.0-M1 to 10.1.0-M8, 10.0.0-M5 to 10.0.14, 9.0.35 to 9.0.56 and 8.5.55 to 8.5.73 that allowed a local attacker to perform actions with the privileges of the user that the Tomcat process is using. This issue is only exploitable when Tomcat is configured to
Source: nvd
CVE-2022-23959 | CRITICAL | CWE-444 | CVSS 9.1 | v9.0, v10.0, +1 more | 2022-01-26
Description: In Varnish Cache before 6.6.2 and 7.x before 7.0.2, Varnish Cache 6.0 LTS before 6.0.10, and Varnish Enterprise (Cache Plus) 4.1.x before 4.1.11r6 and 6.0.x before 6.0.9r4, request smuggling can occur for HTTP/1 connections.
Source: nvd
CVE-2022-0368 | HIGH | CWE-125 | CVSS 7.8 | v9.0, v10.0 | 2022-01-26
Description: Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.
Source: nvd
CVE-2022-0359 | HIGH | CWE-122 | CVSS 7.8 | v9.0, v10.0 | 2022-01-26
Description: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Source: nvd
CVE-2021-22600 | HIGH | CWE-415 | CVSS 7.0 | KEV | v9.0, v10.0 | 2022-01-26
Description: A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service. We recommend upgrading kernel past the affected versions or rebuilding past ec6af094ea28f0f2dda1a6a33b14cd57e36a9755
Source: nvd
CVE-2022-0361 | HIGH | CWE-122 | CVSS 7.8 | v9.0, v10.0 | 2022-01-26
Description: Heap-based Buffer Overflow in GitHub repository vim/vim prior to 8.2.
Source: nvd
CVE-2022-23990 | HIGH | CWE-190 | CVSS 7.5 | v10.0, v11.0 | 2022-01-26
Description: Expat (aka libexpat) before 2.4.4 has an integer overflow in the doProlog function.
Source: nvd
CVE-2021-22570 | MEDIUM | CWE-476 | CVSS 5.5 | v9.0, v10.0, +1 more | 2022-01-26
Description: Nullptr dereference when a null char is present in a proto symbol. The symbol is parsed incorrectly, leading to an unchecked call into the proto file's name during generation of the resulting error message. Since the symbol is incorrectly parsed, the file is nullptr. We recommend upgrading to version 3.15.0 or greater.
Source: nvd
CVE-2021-3850 | CRITICAL | CWE-305 | CVSS 9.1 | v9.0 | 2022-01-25
Description: Authentication Bypass by Primary Weakness in GitHub repository adodb/adodb prior to 5.20.21.
Source: nvd
CVE-2021-45341 | HIGH | CWE-120 | CVSS 8.8 | v10.0, v11.0 | 2022-01-25
Description: A buffer overflow vulnerability in CDataMoji of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
Source: nvd
CVE-2021-45342 | HIGH | CWE-120 | CVSS 7.8 | v10.0, v11.0 | 2022-01-25
Description: A buffer overflow vulnerability in CDataList of the jwwlib component of LibreCAD 2.2.0-rc3 and older allows an attacker to achieve Remote Code Execution using a crafted JWW document.
Source: nvd
CVE-2021-45845 | HIGH | CWE-78 | CVSS 7.8 | v11.0 | 2022-01-25
Description: The Path Sanity Check script of FreeCAD 0.19 is vulnerable to OS command injection, allowing an attacker to execute arbitrary commands via a crafted FCStd document.
Source: nvd
CVE-2022-23033 | HIGH | CWE-404 | CVSS 7.8 | v11.0 | 2022-01-25
Description: arm: guest_physmap_remove_page not removing the p2m mappings. The functions to remove one or more entries from a guest p2m pagetable on Arm (p2m_remove_mapping, guest_physmap_remove_page, and p2m_set_entry with mfn set to INVALID_MFN) do not actually clear the pagetable entry if the entry doesn't have the valid bit set. It is possible to have a valid p
Source: nvd
CVE-2021-45844 | HIGH | CWE-78 | CVSS 7.8 | v9.0, v10.0, +1 more | 2022-01-25
Description: Improper sanitization in the invocation of ODA File Converter from FreeCAD 0.19 allows an attacker to inject OS commands via a crafted filename.
Source: nvd
CVE-2022-0351 | HIGH | CWE-786 | CVSS 7.8 | v9.0, v10.0 | 2022-01-25
Description: Access of Memory Location Before Start of Buffer in GitHub repository vim/vim prior to 8.2.
Source: nvd
CVE-2022-23034 | MEDIUM | CWE-191 | CVSS 5.5 | v9.0, v11.0 | 2022-01-25
Description: A PV guest could DoS Xen while unmapping a grant. To address XSA-380, reference counting was introduced for grant mappings for the case where a PV guest would have the IOMMU enabled. PV guests can request two forms of mappings. When both are in use for any individual mapping, unmapping of such a mapping can be requested in two steps. The reference co
Source: nvd
CVE-2021-45343 | MEDIUM | CWE-476 | CVSS 5.5 | v10.0, v11.0 | 2022-01-25
Description: In LibreCAD 2.2.0, a NULL pointer dereference in the HATCH handling of libdxfrw allows an attacker to crash the application using a crafted DXF document.
Source: nvd