Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362

Vulnerabilities

Page 54 of 496
CVE-2023-52623 | MEDIUM | CVSS 5.5 | v10.0 | 2024-03-26
CVE-2023-52623 [MEDIUM] CWE-22: In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix a suspicious RCU usage warning I received the following warning while running cthon against an ontap server running pNFS: [ 57.202521] ============================= [ 57.202522] WARNING: suspicious RCU usage [ 57.202523] 6.7.0-rc3-g2cc14f52aeb7 #41492 Not tainted [ 57.
nvd
CVE-2023-52622 | MEDIUM | CVSS 5.5 | v10.0 | 2024-03-26
CVE-2023-52622 [MEDIUM] CWE-770: In the Linux kernel, the following vulnerability has been resolved: ext4: avoid online resizing failures due to oversized flex bg When we online resize an ext4 filesystem with an oversized flexbg_size, mkfs.ext4 -F -G 67108864 $dev -b 4096 100M mount $dev $dir resize2fs $dev 16G the following WARN_ON is triggered: WARNING: CPU: 0 PID: 427 at mm/p
nvd
CVE-2024-26644 | MEDIUM | CVSS 5.5 | v10.0 | 2024-03-26
CVE-2024-26644 [MEDIUM] CWE-908: In the Linux kernel, the following vulnerability has been resolved: btrfs: don't abort filesystem when attempting to snapshot deleted subvolume If the source file descriptor to the snapshot ioctl refers to a deleted subvolume, we get the following abort: BTRFS: Transaction aborted (error -2) WARNING: CPU: 0 PID: 833 at fs/btrfs/transaction.c:1875
nvd
CVE-2024-26645 | MEDIUM | CVSS 5.5 | v10.0 | 2024-03-26
CVE-2024-26645 [MEDIUM]: In the Linux kernel, the following vulnerability has been resolved: tracing: Ensure visibility when inserting an element into tracing_map Running the following two commands in parallel on a multi-processor AArch64 machine can sporadically produce an unexpected warning about duplicate histogram entries: $ while true; do echo hist:key=id.syscall:val=hitcou
nvd
CVE-2024-30205 | HIGH | CVSS 7.1 | v10.0 | 2024-03-25
CVE-2024-30205 [HIGH] CWE-494: In Emacs before 29.3, Org mode considers contents of remote files to be trusted. This affects Org Mode before 9.6.23.
nvd
CVE-2024-30203 | MEDIUM | CVSS 5.5 | v10.0 | 2024-03-25
CVE-2024-30203 [MEDIUM]: In Emacs before 29.3, Gnus treats inline MIME contents as trusted.
nvd
CVE-2024-29025 | MEDIUM | CVSS 5.3 | v10.0 | 2024-03-25
CVE-2024-29025 [MEDIUM] CWE-770: Netty is an asynchronous event-driven network application framework for rapid development of maintainable high performance protocol servers & clients. The `HttpPostRequestDecoder` can be tricked to accumulate data. While the decoder can store items on the disk if configured so, there are no limits to the number of fields the form can have, an attach
nvd
CVE-2024-30204 | LOW | CVSS 2.8 | v10.0 | 2024-03-25
CVE-2024-30204 [LOW] CWE-276: In Emacs before 29.3, LaTeX preview is enabled by default for e-mail attachments.
nvd
CVE-2024-29944 | HIGH | CVSS 8.4 | v10.0 | 2024-03-22
CVE-2024-29944 [HIGH] CWE-830: An attacker was able to inject an event handler into a privileged object that would allow arbitrary JavaScript execution in the parent process. Note: This vulnerability affects Desktop Firefox only, it does not affect mobile versions of Firefox. This vulnerability affects Firefox < 124.0.1 and Firefox ESR < 115.9.1.
nvd
CVE-2024-28102 | MEDIUM | CVSS 6.8 | v11.0 | 2024-03-21
CVE-2024-28102 [MEDIUM] CWE-770: JWCrypto implements JWK, JWS, and JWE specifications using python-cryptography. Prior to version 1.5.6, an attacker can cause a denial of service attack by passing in a malicious JWE Token with a high compression ratio. When the server processes this token, it will consume a lot of memory and processing time. Version 1.5.6 fixes this vulnerability b
nvd
CVE-2024-26642 | MEDIUM | CVSS 5.5 | v10.0 | 2024-03-21
CVE-2024-26642 [MEDIUM]: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: disallow anonymous set with timeout flag Anonymous sets are never used with timeout from userspace, reject this. Exception to this rule is NFT_SET_EVAL to ensure legacy meters still work.
nvd
CVE-2024-26643 | MEDIUM | CVSS 5.5 | v10.0 | 2024-03-21
CVE-2024-26643 [MEDIUM] CWE-667: In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_tables: mark set as dead when unbinding anonymous set with timeout While the rhashtable set gc runs asynchronously, a race allows it to collect elements from anonymous sets with timeouts while it is being released from the commit path. Mingi Cho originally reported t
nvd
CVE-2024-2607 | HIGH | CVSS 8.1 | v10.0 | 2024-03-19
CVE-2024-2607 [HIGH] CWE-123: Return registers were overwritten which could have allowed an attacker to execute arbitrary code. *Note:* This issue only affected Armv7-A systems. Other operating systems are unaffected. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
nvd
CVE-2024-2614 | HIGH | CVSS 8.8 | v10.0 | 2024-03-19
CVE-2024-2614 [HIGH] CWE-787: Memory safety bugs present in Firefox 123, Firefox ESR 115.8, and Thunderbird 115.8. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
nvd
CVE-2024-2608 | HIGH | CVSS 8.4 | v10.0 | 2024-03-19
CVE-2024-2608 [HIGH] CWE-680: `AppendEncodedAttributeValue(), ExtraSpaceNeededForAttrEncoding()` and `AppendEncodedCharacters()` could have experienced integer overflows, causing underallocation of an output buffer leading to an out of bounds write. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
nvd
CVE-2024-2611 | MEDIUM | CVSS 5.5 | v10.0 | 2024-03-19
CVE-2024-2611 [MEDIUM]: A missing delay on when pointer lock was used could have allowed a malicious page to trick a user into granting permissions. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
nvd
CVE-2024-2609 | MEDIUM | CVSS 6.1 | v10.0 | 2024-03-19
CVE-2024-2609 [MEDIUM] CWE-356: The permission prompt input delay could expire while the window is not in focus. This makes it vulnerable to clickjacking by malicious websites. This vulnerability affects Firefox < 124, Firefox ESR < 115.10, and Thunderbird < 115.10.
nvd
CVE-2023-5388 | MEDIUM | CVSS 6.5 | v10.0 | 2024-03-19
CVE-2023-5388 [MEDIUM] CWE-203: NSS was susceptible to a timing side-channel attack when performing RSA decryption. This attack could potentially allow an attacker to recover the private data. This vulnerability affects Firefox < 124, Firefox ESR < 115.9, and Thunderbird < 115.9.
nvd
CVE-2023-52159 | HIGH | CVSS 7.5 | v10.0 | 2024-03-18
CVE-2023-52159 [HIGH] CWE-787: A stack-based buffer overflow vulnerability in gross 0.9.3 through 1.x before 1.0.4 allows remote attackers to trigger a denial of service (grossd daemon crash) or potentially execute arbitrary code in grossd via crafted SMTP transaction parameters that cause an incorrect strncat for a log entry.
nvd
CVE-2023-52612 | HIGH | CVSS 7.8 | v10.0 | 2024-03-18
CVE-2023-52612 [HIGH] CWE-120: In the Linux kernel, the following vulnerability has been resolved: crypto: scomp - fix req->dst buffer overflow The req->dst buffer size should be checked before copying from the scomp_scratch->dst to avoid req->dst buffer overflow problem.
nvd