Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs: 9,911
CISA KEV (actively exploited): 119
Public exploits: 429
Exploited in wild: 132

Severity breakdown
CRITICAL: 1128
HIGH: 4110
MEDIUM: 4311
LOW: 362

Vulnerabilities

CVE-2021-38012 | HIGH | CVSS 8.8 | v10.0, v11.0 | 2021-12-23
CVE-2021-38012 [HIGH] CWE-843: Type confusion in V8 in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-4065 | HIGH | CVSS 8.8 | v10.0, v11.0 | 2021-12-23
CVE-2021-4065 [HIGH] CWE-416: Use after free in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.
nvd
CVE-2021-38020 | MEDIUM | CVSS 4.3 | v10.0, v11.0 | 2021-12-23
CVE-2021-38020 [MEDIUM]: Insufficient policy enforcement in contacts picker in Google Chrome on Android prior to 96.0.4664.45 allowed a remote attacker to spoof the contents of the Omnibox (URL bar) via a crafted HTML page.
nvd
CVE-2021-38021 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2021-12-23
CVE-2021-38021 [MEDIUM]: Inappropriate implementation in referrer in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to bypass navigation restrictions via a crafted HTML page.
nvd
CVE-2021-4068 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2021-12-23
CVE-2021-4068 [MEDIUM] CWE-116: Insufficient data validation in new tab page in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2021-38019 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2021-12-23
CVE-2021-38019 [MEDIUM] CWE-670: Insufficient policy enforcement in CORS in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2021-4054 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2021-12-23
CVE-2021-4054 [MEDIUM]: Incorrect security UI in autofill in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
nvd
CVE-2021-38022 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2021-12-23
CVE-2021-38022 [MEDIUM]: Inappropriate implementation in WebAuthentication in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2021-38018 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2021-12-23
CVE-2021-38018 [MEDIUM]: Inappropriate implementation in navigation in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to perform domain spoofing via a crafted HTML page.
nvd
CVE-2021-38010 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2021-12-23
CVE-2021-38010 [MEDIUM]: Inappropriate implementation in service workers in Google Chrome prior to 96.0.4664.45 allowed a remote attacker who had compromised the renderer process to bypass site isolation via a crafted HTML page.
nvd
CVE-2021-4059 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2021-12-23
CVE-2021-4059 [MEDIUM] CWE-20: Insufficient data validation in loader in Google Chrome prior to 96.0.4664.93 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2021-38009 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2021-12-23
CVE-2021-38009 [MEDIUM] CWE-203: Inappropriate implementation in cache in Google Chrome prior to 96.0.4664.45 allowed a remote attacker to leak cross-origin data via a crafted HTML page.
nvd
CVE-2021-40394 | CRITICAL | CVSS 9.8 | v9.0, v10.0, +1 more | 2021-12-22
CVE-2021-40394 [CRITICAL] CWE-787: An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
nvd
CVE-2021-40393 | CRITICAL | CVSS 9.8 | v9.0, v10.0, +1 more | 2021-12-22
CVE-2021-40393 [CRITICAL] CWE-119: An out-of-bounds write vulnerability exists in the RS-274X aperture macro variables handling functionality of Gerbv 2.7.0 and dev (commit b5f1eacd) and the forked version of Gerbv (commit 71493260). A specially-crafted gerber file can lead to code execution. An attacker can provide a malicious file to trigger this vulnerability.
nvd
CVE-2021-37706 | CRITICAL | CVSS 9.8 | v9.0, v10.0 | 2021-12-22
CVE-2021-37706 [CRITICAL] CWE-191: PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming STUN message contains an ERROR-CODE attribute, the header length is not checked before performing a subtraction operation, potentially resulting
nvd
CVE-2021-44733 | HIGH | CVSS 7.0 | v9.0, v10.0, +1 more | 2021-12-22
CVE-2021-44733 [HIGH] CWE-362: A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
nvd
CVE-2021-43804 | HIGH | CVSS 7.3 | v9.0, v10.0 | 2021-12-22
CVE-2021-43804 [HIGH] CWE-125: PJSIP is a free and open source multimedia communication library written in C language implementing standard based protocols such as SIP, SDP, RTP, STUN, TURN, and ICE. In affected versions if the incoming RTCP BYE message contains a reason's length, this declared length is not checked against the actual received packet size, potentially resulting in a
nvd
CVE-2021-44790 | CRITICAL | CVSS 9.8 | PoC | v10.0, v11.0 | 2021-12-20
CVE-2021-44790 [CRITICAL] CWE-787: A carefully crafted request body can cause a buffer overflow in the mod_lua multipart parser (r:parsebody() called from Lua scripts). The Apache httpd team is not aware of an exploit for the vulnerability though it might be possible to craft one. This issue affects Apache HTTP Server 2.4.51 and earlier.
nvd
CVE-2021-44732 | CRITICAL | CVSS 9.8 | v10.0 | 2021-12-20
CVE-2021-44732 [CRITICAL] CWE-415: Mbed TLS before 3.0.1 has a double free in certain out-of-memory conditions, as demonstrated by an mbedtls_ssl_set_session() failure.
nvd
CVE-2021-44224 | HIGH | CVSS 8.2 | v10.0, v11.0 | 2021-12-20
CVE-2021-44224 [HIGH] CWE-476: A crafted URI sent to httpd configured as a forward proxy (ProxyRequests on) can cause a crash (NULL pointer dereference) or, for configurations mixing forward and reverse proxy declarations, can allow for requests to be directed to a declared Unix Domain Socket endpoint (Server Side Request Forgery). This issue affects Apache HTTP Server 2.4.7 up to
nvd