Debian Linux vulnerabilities

CVE-2021-26676 [MEDIUM] CVE-2021-26676: gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack inf gdhcp in ConnMan before 1.39 could be used by network-adjacent attackers to leak sensitive stack information, allowing further exploitation of bugs in gdhcp.

CVE-2021-26910 [HIGH] CWE-367 CVE-2021-26910: Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a Firejail before 0.9.64.4 allows attackers to bypass intended access restrictions because there is a TOCTOU race condition between a stat operation and an OverlayFS mount operation.

CVE-2021-21290 [MEDIUM] CWE-378 CVE-2021-21290: Netty is an open-source, asynchronous event-driven network application framework for rapid developme Netty is an open-source, asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. In Netty before version 4.1.59.Final there is a vulnerability on Unix-like systems involving an insecure temp file. When netty's multipart decoders are used local information disclosure c

CVE-2021-20176 [MEDIUM] CWE-369 CVE-2021-20176: A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an A divide-by-zero flaw was found in ImageMagick 6.9.11-57 and 7.0.10-57 in gem.c. This flaw allows an attacker who submits a crafted file that is processed by ImageMagick to trigger undefined behavior through a division by zero. The highest threat from this vulnerability is to system availability.

CVE-2021-21289 [HIGH] CWE-78 CVE-2021-21289: Mechanize is an open-source ruby library that makes automated web interaction easy. In Mechanize fro Mechanize is an open-source ruby library that makes automated web interaction easy. In Mechanize from version 2.0.0 and before version 2.7.7 there is a command injection vulnerability. Affected versions of mechanize allow for OS commands to be injected using several classes' methods which implicitly use Ruby's Kernel.open method. Exploitation is possib

CVE-2021-21284 [MEDIUM] CWE-22 CVE-2021-21284: In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap opt In Docker before versions 9.03.15, 20.10.3 there is a vulnerability involving the --userns-remap option in which access to remapped root allows privilege escalation to real root. When using "--userns-remap", if the root user in the remapped namespace has access to the host filesystem they can modify files under "/var/lib/docker/" that cause writing f

CVE-2021-21285 [MEDIUM] CWE-400 CVE-2021-21285: In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionall In Docker before versions 9.03.15, 20.10.3 there is a vulnerability in which pulling an intentionally malformed Docker image manifest crashes the dockerd daemon. Versions 20.10.3 and 19.03.15 contain patches that prevent the daemon from crashing.

CVE-2021-3348 [HIGH] CWE-362 CVE-2021-3348: nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-af nbd_add_socket in drivers/block/nbd.c in the Linux kernel through 5.10.12 has an ndb_queue_rq use-after-free that could be triggered by local attackers (with access to the nbd device) via an I/O request at a certain point during device setup, aka CID-b98e762e3d71.

CVE-2020-17380 [MEDIUM] CWE-787 CVE-2020-17380: A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. A heap-based buffer overflow was found in QEMU through 5.0.0 in the SDHCI device emulation support. It could occur while doing a multi block SDMA transfer via the sdhci_sdma_transfer_multi_blocks() routine in hw/sd/sdhci.c. A guest user or process could use this flaw to crash the QEMU process on the host, resulting in a denial of service condition, o

CVE-2021-3347 [HIGH] CWE-416 CVE-2021-3347: An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-afte An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.

CVE-2021-26117 [HIGH] CWE-287 CVE-2021-26117: The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server The optional ActiveMQ LDAP login module can be configured to use anonymous access to the LDAP server. In this case, for Apache ActiveMQ Artemis prior to version 2.16.0 and Apache ActiveMQ prior to versions 5.16.1 and 5.15.14, the anonymous context is used to verify a valid users password in error, resulting in no check on the password.

CVE-2021-3326 [HIGH] CWE-617 CVE-2021-3326: The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing inval The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid input sequences in the ISO-2022-JP-3 encoding, fails an assertion in the code path and aborts the program, potentially resulting in a denial of service.

CVE-2020-36227 [HIGH] CWE-835 CVE-2020-36227: A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel A flaw was discovered in OpenLDAP before 2.4.57 leading to an infinite loop in slapd with the cancel_extop Cancel operation, resulting in denial of service.

CVE-2020-36230 [HIGH] CWE-617 CVE-2020-36230: A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.50 A flaw was discovered in OpenLDAP before 2.4.57 leading in an assertion failure in slapd in the X.509 DN parsing in decode.c ber_next_element, resulting in denial of service.

CVE-2020-36223 [HIGH] CWE-125 CVE-2020-36223: A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter A flaw was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Values Return Filter control handling, resulting in denial of service (double free and out-of-bounds read).

CVE-2021-3156 [HIGH] CWE-193 CVE-2021-3156: Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, wh Sudo before 1.9.5p2 contains an off-by-one error that can result in a heap-based buffer overflow, which allows privilege escalation to root via "sudoedit -s" and a command-line argument that ends with a single backslash character.

CVE-2020-27814 [HIGH] CWE-122 CVE-2020-27814: A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker A heap-buffer overflow was found in the way openjpeg2 handled certain PNG format files. An attacker could use this flaw to cause an application crash or in some cases execute arbitrary code with the permission of the user running such an application.

CVE-2020-36228 [HIGH] CWE-191 CVE-2020-36228: An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certif An integer underflow was discovered in OpenLDAP before 2.4.57 leading to a slapd crash in the Certificate List Exact Assertion processing, resulting in denial of service.

CVE-2020-36225 [HIGH] CWE-415 CVE-2020-36225: A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the sasl A flaw was discovered in OpenLDAP before 2.4.57 leading to a double free and slapd crash in the saslAuthzTo processing, resulting in denial of service.

CVE-2020-36229 [HIGH] CWE-843 CVE-2020-36229: A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X. A flaw was discovered in ldap_X509dn2bv in OpenLDAP before 2.4.57 leading to a slapd crash in the X.509 DN parsing in ad_keystring, resulting in denial of service.