Debian Linux vulnerabilities

CVE-2021-41229 [MEDIUM] CWE-400 CVE-2021-41229: BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cs BlueZ is a Bluetooth protocol stack for Linux. In affected versions a vulnerability exists in sdp_cstate_alloc_buf which allocates memory which will always be hung in the singly linked list of cstates and will not be freed. This will cause a memory leak over time. The data can be a very large object, which can be caused by an attacker continuously s

CVE-2021-43332 [MEDIUM] CWE-522 CVE-2021-43332: In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypt In GNU Mailman before 2.1.36, the CSRF token for the Cgi/admindb.py admindb page contains an encrypted version of the list admin password. This could potentially be cracked by a moderator via an offline brute-force attack.

CVE-2021-43331 [MEDIUM] CWE-79 CVE-2021-43331: In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbi In GNU Mailman before 2.1.36, a crafted URL to the Cgi/options.py user options page can execute arbitrary JavaScript for XSS.

CVE-2021-3907 [CRITICAL] CWE-20 CVE-2021-3907: OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a OctoRPKI does not escape a URI with a filename containing "..", this allows a repository to create a file, (ex. rsync://example.org/repo/../../etc/cron.daily/evil.roa), which would then be written to disk outside the base cache folder. This could allow for remote code execution on the host machine OctoRPKI is running on.

CVE-2021-3908 [HIGH] CWE-400 CVE-2021-3908: OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an OctoRPKI does not limit the depth of a certificate chain, allowing for a CA to create children in an ad-hoc fashion, thereby making tree traversal never end.

CVE-2021-3910 [HIGH] CWE-20 CVE-2021-3910: OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0 OctoRPKI crashes when encountering a repository that returns an invalid ROA (just an encoded NUL (\0) character).

CVE-2021-3909 [HIGH] CWE-400 CVE-2021-3909: OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take plac OctoRPKI does not limit the length of a connection, allowing for a slowloris DOS attack to take place which makes OctoRPKI wait forever. Specifically, the repository that OctoRPKI sends HTTP requests to will keep the connection open for a day before a response is returned, but does keep drip feeding new bytes to keep the connection alive.

CVE-2021-3912 [MEDIUM] CWE-400 CVE-2021-3912: OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb OctoRPKI tries to load the entire contents of a repository in memory, and in the case of a GZIP bomb, unzip it in memory, making it possible to create a repository that makes OctoRPKI run out of memory (and thus crash).

CVE-2021-3911 [MEDIUM] CWE-20 CVE-2021-3911: If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will cr If the ROA that a repository returns contains too many bits for the IP address then OctoRPKI will crash.

CVE-2021-43173 [HIGH] CWE-755 CVE-2021-43173: In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP r In NLnet Labs Routinator prior to 0.10.2, a validation run can be delayed significantly by an RRDP repository by not answering but slowly drip-feeding bytes to keep the connection alive. This can be used to effectively stall validation. While Routinator has a configurable time-out value for RRDP connections, this time-out was only applied to individua

CVE-2021-43114 [HIGH] CVE-2021-43114: FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. T FORT Validator versions prior to 1.5.2 will crash if an RPKI CA publishes an X.509 EE certificate. This will lead to RTR clients such as BGP routers to lose access to the RPKI VRP data set, effectively disabling Route Origin Validation.

CVE-2021-43174 [HIGH] CWE-1325 CVE-2021-43174: NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding NLnet Labs Routinator versions 0.9.0 up to and including 0.10.1, support the gzip transfer encoding when querying RRDP repositories. This encoding can be used by an RRDP repository to cause an out-of-memory crash in these versions of Routinator. RRDP uses XML which allows arbitrary amounts of white space in the encoded data. The gzip scheme compresses

CVE-2021-41771 [HIGH] CWE-119 CVE-2021-41771: ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 A ImportedSymbols in debug/macho (for Open or OpenFat) in Go before 1.16.10 and 1.17.x before 1.17.3 Accesses a Memory Location After the End of a Buffer, aka an out-of-bounds slice situation.

CVE-2021-35368 [CRITICAL] CVE-2021-35368: OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is af OWASP ModSecurity Core Rule Set 3.1.x before 3.1.2, 3.2.x before 3.2.1, and 3.3.x before 3.3.2 is affected by a Request Body Bypass via a trailing pathname.

CVE-2021-3928 [HIGH] CWE-457 CVE-2021-3928: vim is vulnerable to Use of Uninitialized Variable vim is vulnerable to Use of Uninitialized Variable

CVE-2021-43400 [CRITICAL] CWE-416 CVE-2021-43400: An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client d An issue was discovered in gatt-database.c in BlueZ 5.61. A use-after-free can occur when a client disconnects during D-Bus processing of a WriteValue call.

CVE-2021-43389 [MEDIUM] CWE-125 CVE-2021-43389: An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds fl An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

CVE-2021-38161 [HIGH] CWE-287 CVE-2021-38161: Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for Improper Authentication vulnerability in TLS origin verification of Apache Traffic Server allows for man in the middle attacks. This issue affects Apache Traffic Server 8.0.0 to 8.0.8.

CVE-2021-38500 [HIGH] CVE-2021-38500: Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of t Mozilla developers reported memory safety bugs present in Firefox 92 and Firefox ESR 91.1. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and

CVE-2021-38496 [HIGH] CWE-416 CVE-2021-38496: During operations on MessageTasks, a task may have been removed while it was still scheduled, result During operations on MessageTasks, a task may have been removed while it was still scheduled, resulting in memory corruption and a potentially exploitable crash. This vulnerability affects Thunderbird < 78.15, Thunderbird < 91.2, Firefox ESR < 91.2, Firefox ESR < 78.15, and Firefox < 93.