Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362

Vulnerabilities

CVE-2021-33560 | HIGH | CVSS 7.5 | v9.0 | 2021-06-08
CWE-203: Libgcrypt before 1.8.8 and 1.9.x before 1.9.3 mishandles ElGamal encryption because it lacks exponent blinding to address a side-channel attack against mpi_powm, and the window size is not chosen appropriately. This, for example, affects use of ElGamal in OpenPGP.
nvd
CVE-2021-22116 | HIGH | CVSS 7.5 | v9.0 | 2021-06-08
CWE-400: RabbitMQ all versions prior to 3.8.16 are prone to a denial of service vulnerability due to improper input validation in AMQP 1.0 client connection endpoint. A malicious user can exploit the vulnerability by sending malicious AMQP messages to the target RabbitMQ instance having the AMQP 1.0 plugin enabled.
nvd
CVE-2021-26260 | MEDIUM | CVSS 5.5 | v9.0, v10.0, +1 more | 2021-06-08
An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR. This is a different flaw from CVE-2021-23215.
nvd
CVE-2021-3564 | MEDIUM | CVSS 5.5 | v9.0 | 2021-06-08
CWE-415: A double-free memory corruption flaw in the Linux kernel HCI device initialization subsystem was found in the way a user attaches a malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.
nvd
CVE-2021-23215 | MEDIUM | CVSS 5.5 | v9.0, v10.0, +1 more | 2021-06-08
CWE-400: An integer overflow leading to a heap-buffer overflow was found in the DwaCompressor of OpenEXR in versions before 3.0.1. An attacker could use this flaw to crash an application compiled with OpenEXR.
nvd
CVE-2021-22222 | HIGH | CVSS 7.5 | v10.0, v11.0 | 2021-06-07
CWE-835: Infinite loop in DVB-S2-BB dissector in Wireshark 3.4.0 to 3.4.5 allows denial of service via packet injection or crafted capture file.
nvd
CVE-2017-20005 | CRITICAL | CVSS 9.8 | v9.0 | 2021-06-06
CWE-190: NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered by the autoindex module.
nvd
CVE-2021-28091 | HIGH | CVSS 7.5 | v9.0, v10.0 | 2021-06-04
CWE-347: Lasso all versions prior to 2.7.0 has improper verification of a cryptographic signature.
nvd
CVE-2021-33054 | HIGH | CVSS 7.5 | v9.0, v10.0, +1 more | 2021-06-04
CWE-347: SOGo 2.x before 2.4.1 and 3.x through 5.x before 5.1.1 does not validate the signatures of any SAML assertions it receives. Any actor with network access to the deployment could impersonate users when SAML is the authentication method. (Only versions after 2.0.5a are affected.)
nvd
CVE-2015-1877 | HIGH | CVSS 8.8 | v7.0, v8.0 | 2021-06-02
CWE-77: The open_generic_xdg_mime function in xdg-open in xdg-utils 1.1.0 rc1 in Debian, when using dash, does not properly handle local variables, which allows remote attackers to execute arbitrary commands via a crafted file.
nvd
CVE-2018-10195 | HIGH | CVSS 7.1 | v9.0 | 2021-06-02
CWE-190: lrzsz before version 0.12.21~rc can leak information to the receiving side due to an incorrect length check in the function zsdata that causes a size_t to wrap around.
nvd
CVE-2021-3546 | HIGH | CVSS 8.2 | v11.0 | 2021-06-02
CWE-787: An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIO_GPU_CMD_GET_CAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on the host, resulting in a denial of service condition,
nvd
CVE-2019-12067 | MEDIUM | CVSS 6.5 | v9.0, v10.0, +1 more | 2021-06-02
CWE-476: The ahci_commit_buf function in ide/ahci.c in QEMU allows attackers to cause a denial of service (NULL dereference) when the command header 'ad->cur_cmd' is null.
nvd
CVE-2021-3468 | MEDIUM | CVSS 5.5 | v9.0 | 2021-06-02
CWE-835: A flaw was found in avahi in versions 0.6 up to 0.8. The event used to signal the termination of the client connection on the avahi Unix socket is not correctly handled in the client_work function, allowing a local attacker to trigger an infinite loop. The highest threat from this vulnerability is to the availability of the avahi service, which become
nvd
CVE-2021-3544 | MEDIUM | CVSS 6.5 | v11.0 | 2021-06-02
CWE-401: Several memory leaks were found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory (i.e., free) after effective lifetime.
nvd
CVE-2021-3545 | MEDIUM | CVSS 6.5 | v11.0 | 2021-06-02
CWE-908: An information disclosure vulnerability was found in the virtio vhost-user GPU device (vhost-user-gpu) of QEMU in versions up to and including 6.0. The flaw exists in virgl_cmd_get_capset_info() in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest could exploit this issue to leak memory from the
nvd
CVE-2020-22048 | MEDIUM | CVSS 6.5 | v9.0 | 2021-06-02
CWE-401: A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the ff_frame_pool_get function in framepool.c.
nvd
CVE-2020-22049 | MEDIUM | CVSS 6.5 | v9.0, v10.0 | 2021-06-02
CWE-401: A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the wtvfile_open_sector function in wtvdec.c.
nvd
CVE-2020-22054 | MEDIUM | CVSS 6.5 | v9.0, v10.0 | 2021-06-02
CWE-401: A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the av_dict_set function in dict.c.
nvd
CVE-2020-22046 | MEDIUM | CVSS 6.5 | v9.0 | 2021-06-02
CWE-401: A Denial of Service vulnerability exists in FFmpeg 4.2 due to a memory leak in the avpriv_float_dsp_allocl function in libavutil/float_dsp.c.
nvd