Debian Linux vulnerabilities

CVE-2021-1844 [HIGH] CWE-787 CVE-2021-1844: A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 A memory corruption issue was addressed with improved validation. This issue is fixed in iOS 14.4.1 and iPadOS 14.4.1, Safari 14.0.3 (v. 14610.4.3.1.7 and 15610.4.3.1.7), watchOS 7.3.2, macOS Big Sur 11.2.3. Processing maliciously crafted web content may lead to arbitrary code execution.

CVE-2021-30002 [MEDIUM] CWE-401 CVE-2021-30002: An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercop An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.

CVE-2020-10001 [MEDIUM] CWE-20 CVE-2020-10001: An input validation issue was addressed with improved memory handling. This issue is fixed in macOS An input validation issue was addressed with improved memory handling. This issue is fixed in macOS Big Sur 11.1, Security Update 2020-001 Catalina, Security Update 2020-007 Mojave. A malicious application may be able to read restricted memory.

CVE-2021-20296 [MEDIUM] CWE-476 CVE-2021-20296: A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attac A flaw was found in OpenEXR in versions before 3.0.0-beta. A crafted input file supplied by an attacker, that is processed by the Dwa decompression functionality of OpenEXR's IlmImf library, could cause a NULL pointer dereference. The highest threat from this vulnerability is to system availability.

CVE-2021-22876 [MEDIUM] CWE-359 CVE-2021-22876: curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to curl 7.1.1 to and including 7.75.0 is vulnerable to an "Exposure of Private Personal Information to an Unauthorized Actor" by leaking credentials in the HTTP Referer: header. libcurl does not strip off user credentials from the URL when automatically populating the Referer: HTTP request header field in outgoing HTTP requests, and therefore risks leak

CVE-2021-22890 [LOW] CWE-300 CVE-2021-22890: curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MI curl 7.63.0 to and including 7.75.0 includes vulnerability that allows a malicious HTTPS proxy to MITM a connection due to bad handling of TLS 1.3 session tickets. When using a HTTPS proxy and TLS 1.3, libcurl can confuse session tickets arriving from the HTTPS proxy but work as if they arrived from the remote server and then wrongly "short-cut" the ho

CVE-2021-3478 [MEDIUM] CWE-400 CVE-2021-3478: There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An atta There's a flaw in OpenEXR's scanline input file functionality in versions before 3.0.0-beta. An attacker able to submit a crafted file to be processed by OpenEXR could consume excessive system memory. The greatest impact of this flaw is to system availability.

CVE-2021-3479 [MEDIUM] CWE-400 CVE-2021-3479: There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker wh There's a flaw in OpenEXR's Scanline API functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger excessive consumption of memory, resulting in an impact to system availability.

CVE-2021-3477 [MEDIUM] CWE-190 CVE-2021-3477: There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An att There's a flaw in OpenEXR's deep tile sample size calculations in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to be processed by OpenEXR could trigger an integer overflow, subsequently leading to an out-of-bounds read. The greatest risk of this flaw is to application availability.

CVE-2021-29376 [HIGH] CVE-2021-29376: ircII before 20210314 allows remote attackers to cause a denial of service (segmentation fault and c ircII before 20210314 allows remote attackers to cause a denial of service (segmentation fault and client crash, disconnecting the victim from an IRC server) via a crafted CTCP UTC message.

CVE-2021-29647 [MEDIUM] CWE-909 CVE-2021-29647: An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows a An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.

CVE-2021-3474 [MEDIUM] CWE-190 CVE-2021-3474: There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by O There's a flaw in OpenEXR in versions before 3.0.0-beta. A crafted input file that is processed by OpenEXR could cause a shift overflow in the FastHufDecoder, potentially leading to problems with application availability.

CVE-2021-3475 [MEDIUM] CWE-190 CVE-2021-3475: There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file There is a flaw in OpenEXR in versions before 3.0.0-beta. An attacker who can submit a crafted file to be processed by OpenEXR could cause an integer overflow, potentially leading to problems with application availability.

CVE-2021-21409 [MEDIUM] CWE-444 CVE-2021-21409: Netty is an open-source, asynchronous event-driven network application framework for rapid developme Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty (io.netty:netty-codec-http2) before version 4.1.61.Final there is a vulnerability that enables request smuggling. The content-length header is not correctly validated if the requ

CVE-2021-3476 [MEDIUM] CWE-190 CVE-2021-3476: A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An atta A flaw was found in OpenEXR's B44 uncompression functionality in versions before 3.0.0-beta. An attacker who is able to submit a crafted file to OpenEXR could trigger shift overflows, potentially affecting application availability.

CVE-2021-29650 [MEDIUM] CVE-2021-29650: An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf.

CVE-2021-23358 [HIGH] CWE-94 CVE-2021-23358: The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerabl The package underscore from 1.13.0-0 and before 1.13.0-2, from 1.3.2 and before 1.12.1 are vulnerable to Arbitrary Code Injection via the template function, particularly when a variable property is passed as an argument as it is not sanitized.

CVE-2021-29264 [MEDIUM] CVE-2021-29264: An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar. An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6.

CVE-2021-29265 [MEDIUM] CWE-362 CVE-2021-29265: An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/s An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70.

CVE-2020-1946 [CRITICAL] CWE-78 CVE-2020-1946: In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to r In Apache SpamAssassin before 3.4.5, malicious rule configuration (.cf) files can be configured to run system commands without any output or errors. With this, exploits can be injected in a number of scenarios. In addition to upgrading to SA version 3.4.5, users should only use update channels or 3rd party .cf files from trusted places.