Debian Linux vulnerabilities

CVE-2020-24587 [LOW] CWE-327 CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically

CVE-2020-24586 [LOW] CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary

CVE-2020-24588 [LOW] CWE-327 CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary

CVE-2021-32399 [HIGH] CWE-362 CVE-2021-32399: net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of t net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.

CVE-2021-20204 [CRITICAL] CWE-119 CVE-2021-20204: A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when proces A heap memory corruption problem (use after free) can be triggered in libgetdata v0.10.0 when processing maliciously crafted dirfile databases. This degrades the confidentiality, integrity and availability of third-party software that uses libgetdata as a library. This vulnerability may lead to arbitrary code execution or privilege escalation depe

CVE-2021-31829 [MEDIUM] CWE-863 CVE-2021-31829: kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, lea kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive

CVE-2021-3507 [MEDIUM] CWE-119 CVE-2021-3507: A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It cou A heap buffer overflow was found in the floppy disk emulator of QEMU up to 6.0.0 (including). It could occur in fdctrl_transfer_handler() in hw/block/fdc.c while processing DMA read data transfers from the floppy drive to the guest system. A privileged guest user could use this flaw to crash the QEMU process on the host resulting in DoS scenario, or p

CVE-2021-31916 [MEDIUM] CWE-787 CVE-2021-31916: An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the M An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information.

CVE-2021-31542 [HIGH] CWE-22 CVE-2021-31542: In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, In Django 2.2 before 2.2.21, 3.1 before 3.1.9, and 3.2 before 3.2.1, MultiPartParser, UploadedFile, and FieldFile allowed directory traversal via uploaded files with suitably crafted file names.

CVE-2021-20254 [MEDIUM] CWE-125 CVE-2021-20254: A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into A flaw was found in samba. The Samba smbd file server must map Windows group identities (SIDs) into unix group ids (gids). The code that performs this had a flaw that could allow it to read data beyond the end of the array in the case where a negative cache entry had been added to the mapping cache. This could cause the calling code to return those v

CVE-2021-31870 [CRITICAL] CWE-190 CVE-2021-31870: An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in An issue was discovered in klibc before 2.0.9. Multiplication in the calloc() function may result in an integer overflow and a subsequent heap buffer overflow.

CVE-2021-31873 [CRITICAL] CWE-190 CVE-2021-31873: An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an i An issue was discovered in klibc before 2.0.9. Additions in the malloc() function may result in an integer overflow and a subsequent heap buffer overflow.

CVE-2021-31872 [CRITICAL] CWE-190 CVE-2021-31872: An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio comma An issue was discovered in klibc before 2.0.9. Multiple possible integer overflows in the cpio command on 32-bit systems may result in a buffer overflow or other security impact.

CVE-2021-21232 [HIGH] CWE-416 CVE-2021-21232: Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to pote Use after free in Dev Tools in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-21227 [HIGH] CWE-787 CVE-2021-21227: Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-21233 [HIGH] CWE-787 CVE-2021-21233: Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote att Heap buffer overflow in ANGLE in Google Chrome on Windows prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-21230 [HIGH] CWE-843 CVE-2021-21230: Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially Type confusion in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-31871 [HIGH] CWE-190 CVE-2021-31871: An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in An issue was discovered in klibc before 2.0.9. An integer overflow in the cpio command may result in a NULL pointer dereference on 64-bit systems.

CVE-2021-21231 [HIGH] CWE-787 CVE-2021-21231: Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker Insufficient data validation in V8 in Google Chrome prior to 90.0.4430.93 allowed a remote attacker to potentially exploit heap corruption via a crafted HTML page.

CVE-2021-21229 [MEDIUM] CWE-346 CVE-2021-21229: Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remot Incorrect security UI in downloads in Google Chrome on Android prior to 90.0.4430.93 allowed a remote attacker to perform domain spoofing via a crafted HTML page.