Debian Linux vulnerabilities

CVE-2021-28694 [MEDIUM] CVE-2021-28694: IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text exp IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. While these a

CVE-2021-28695 [MEDIUM] CVE-2021-28695: IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text exp IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. While these a

CVE-2021-28699 [MEDIUM] CVE-2021-28699: inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant at inadequate grant-v2 status frames array bounds check The v2 grant table interface separates grant attributes from grant status. That is, when operating in this mode, a guest has two tables. As a result, guests also need to be able to retrieve the addresses that the new status tracking table can be accessed through. For 32-bit guests on x86, translation of r

CVE-2021-28696 [MEDIUM] CVE-2021-28696: IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text exp IOMMU page mapping issues on x86 T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Both AMD and Intel allow ACPI tables to specify regions of memory which should be left untranslated, which typically means these addresses should pass the translation phase unaltered. While these a

CVE-2021-21850 [HIGH] CWE-680 CVE-2021-21850: An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “trun” FOURCC code due to unchecked arithmetic resulting in a heap-based buffer overflow that

CVE-2021-21840 [HIGH] CWE-680 CVE-2021-21840: An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input used to process an atom using the “saio” FOURCC code cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory co

CVE-2021-21841 [HIGH] CWE-680 CVE-2021-21841: An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when reading an atom using the 'sbgp' FOURCC code can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory c

CVE-2021-3713 [HIGH] CWE-787 CVE-2021-3713: An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in ver An out-of-bounds write flaw was found in the UAS (USB Attached SCSI) device emulation of QEMU in versions prior to 6.2.0-rc0. The device uses the guest supplied stream number unchecked, which can lead to out-of-bounds access to the UASDevice->data3 and UASDevice->status3 fields. A malicious guest user could use this flaw to crash QEMU or potentially ach

CVE-2021-21842 [HIGH] CWE-680 CVE-2021-21842: An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when processing an atom using the 'ssix' FOURCC code, due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memo

CVE-2021-21849 [HIGH] CWE-680 CVE-2021-21849: An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input can cause an integer overflow when the library encounters an atom using the “tfra” FOURCC code due to unchecked arithmetic resulting in a heap-based buffer overflow that

CVE-2021-21834 [HIGH] CWE-680 CVE-2021-21834: An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input when decoding the atom for the “co64” FOURCC can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corrup

CVE-2021-21836 [HIGH] CWE-680 CVE-2021-21836: An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. A specially crafted MPEG-4 input using the “ctts” FOURCC code can cause an integer overflow due to unchecked arithmetic resulting in a heap-based buffer overflow that causes memory corruption. An attacke

CVE-2021-21848 [HIGH] CWE-680 CVE-2021-21848: An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the An exploitable integer overflow vulnerability exists within the MPEG-4 decoding functionality of the GPAC Project on Advanced Content library v1.0.1. The library will actually reuse the parser for atoms with the “stsz” FOURCC code when parsing atoms that use the “stz2” FOURCC code and can cause an integer overflow due to unchecked arithmetic resulting

CVE-2021-3605 [MEDIUM] CWE-119 CVE-2021-3605: There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who There's a flaw in OpenEXR's rleUncompress functionality in versions prior to 3.0.5. An attacker who is able to submit a crafted file to an application linked with OpenEXR could cause an out-of-bounds read. The greatest risk from this flaw is to application availability.

CVE-2021-3711 [CRITICAL] CWE-120 CVE-2021-3711: In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_ In order to decrypt SM2 encrypted data an application is expected to call the API function EVP_PKEY_decrypt(). Typically an application will call this function twice. The first time, on entry, the "out" parameter can be NULL and, on exit, the "outlen" parameter is populated with the buffer size required to hold the decrypted plaintext. The applicati

CVE-2021-30953 [HIGH] CWE-125 CVE-2021-30953: An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, An out-of-bounds read was addressed with improved bounds checking. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2021-3712 [HIGH] CWE-125 CVE-2021-3712: ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a ASN.1 strings are represented internally within OpenSSL as an ASN1_STRING structure which contains a buffer holding the string data and a field holding the buffer length. This contrasts with normal C strings which are repesented as a buffer for the string data which is terminated with a NUL (0) byte. Although not a strict requirement, ASN.1 strings that

CVE-2021-30984 [HIGH] CWE-362 CVE-2021-30984: A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS A race condition was addressed with improved state handling. This issue is fixed in tvOS 15.2, macOS Monterey 12.1, Safari 15.2, iOS 15.2 and iPadOS 15.2, watchOS 8.3. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2021-30851 [HIGH] CWE-787 CVE-2021-30851: A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari A memory corruption vulnerability was addressed with improved locking. This issue is fixed in Safari 15, tvOS 15, watchOS 8, iOS 15 and iPadOS 15. Processing maliciously crafted web content may lead to code execution.

CVE-2021-38714 [HIGH] CWE-190 CVE-2021-38714: In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code In Plib through 1.85, there is an integer overflow vulnerability that could result in arbitrary code execution. The vulnerability is found in ssgLoadTGA() function in src/ssg/ssgLoadTGA.cxx file.