Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362

Vulnerabilities

Page 58 of 496
CVE-2024-0750 | HIGH | CVSS 8.8 | v10.0 | 2024-01-23 | CWE-451 | source: nvd
A bug in popup notifications delay calculation could have made it possible for an attacker to trick a user into granting permissions. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2024-0751 | HIGH | CVSS 8.8 | v10.0 | 2024-01-23 | CWE-269 | source: nvd
A malicious devtools extension could have been used to escalate privileges. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2024-0755 | HIGH | CVSS 8.8 | v10.0 | 2024-01-23 | CWE-94 | source: nvd
Memory safety bugs present in Firefox 121, Firefox ESR 115.6, and Thunderbird 115.6. Some of these bugs showed evidence of memory corruption and we presume that with enough effort some of these could have been exploited to run arbitrary code. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2024-0749 | MEDIUM | CVSS 4.3 | v10.0 | 2024-01-23 | CWE-346 | source: nvd
A phishing site could have repurposed an `about:` dialog to show phishing content with an incorrect origin in the address bar. This vulnerability affects Firefox < 122 and Thunderbird < 115.7.
CVE-2024-0747 | MEDIUM | CVSS 6.5 | v10.0 | 2024-01-23 | CWE-693 | source: nvd
When a parent page loaded a child in an iframe with `unsafe-inline`, the parent Content Security Policy could have overridden the child Content Security Policy. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2024-0742 | MEDIUM | CVSS 4.3 | v10.0 | 2024-01-23 | source: nvd
It was possible for certain browser prompts and dialogs to be activated or dismissed unintentionally by the user due to an incorrect timestamp used to prevent input after page load. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2024-0753 | MEDIUM | CVSS 6.5 | v10.0 | 2024-01-23 | source: nvd
In specific HSTS configurations an attacker could have bypassed HSTS on a subdomain. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2024-0741 | MEDIUM | CVSS 6.5 | v10.0 | 2024-01-23 | CWE-787 | source: nvd
An out of bounds write in ANGLE could have allowed an attacker to corrupt memory leading to a potentially exploitable crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2024-0746 | MEDIUM | CVSS 6.5 | v10.0 | 2024-01-23 | CWE-416 | source: nvd
A Linux user opening the print preview dialog could have caused the browser to crash. This vulnerability affects Firefox < 122, Firefox ESR < 115.7, and Thunderbird < 115.7.
CVE-2023-50447 | HIGH | CVSS 8.1 | v10.0 | 2024-01-19 | source: nvd
Pillow through 10.1.0 allows PIL.ImageMath.eval Arbitrary Code Execution via the environment parameter, a different vulnerability than CVE-2022-22817 (which was about the expression parameter).
CVE-2023-6816 | CRITICAL | CVSS 9.8 | v10.0 | 2024-01-18 | CWE-787 | source: nvd
A flaw was found in X.Org server. Both DeviceFocusEvent and the XIQueryPointer reply contain a bit for each logical button currently down. Buttons can be arbitrarily mapped to any value up to 255, but the X.Org Server was only allocating space for the device's particular number of buttons, leading to a heap overflow if a bigger value was used.
CVE-2024-20952 | HIGH | CVSS 7.4 | v10.0 | 2024-01-16 | CWE-284 | source: nvd
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Security). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Diffi
CVE-2024-20918 | HIGH | CVSS 7.4 | v10.0 | 2024-01-16 | CWE-284 | source: nvd
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Hotspot). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21, 17.0.9, 21.0.1; Oracle GraalVM for JDK: 17.0.9, 21.0.1; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Diffic
CVE-2024-0567 | HIGH | CVSS 7.5 | v11.0 | 2024-01-16 | CWE-347 | source: nvd
A vulnerability was found in GnuTLS, where a cockpit (which uses gnuTLS) rejects a certificate chain with distributed trust. This issue occurs when validating a certificate chain with cockpit-certificate-ensure. This flaw allows an unauthenticated, remote client or attacker to initiate a denial of service attack.
CVE-2024-20926 | MEDIUM | CVSS 5.9 | v10.0 | 2024-01-16 | CWE-284 | source: nvd
Vulnerability in the Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Scripting). Supported versions that are affected are Oracle Java SE: 8u391, 8u391-perf, 11.0.21; Oracle GraalVM for JDK: 17.0.9; Oracle GraalVM Enterprise Edition: 20.3.12, 21.3.8 and 22.3.4. Difficult to exploit vulne
CVE-2023-6040 | HIGH | CVSS 7.8 | v10.0 | 2024-01-12 | CWE-125 | source: nvd
An out-of-bounds access vulnerability involving netfilter was reported and fixed as: f1082dd31fe4 (netfilter: nf_tables: Reject tables of unsupported family); While creating a new netfilter table, lack of a safeguard against invalid nf_tables family (pf) values within `nf_tables_newtable` function enables an attacker to achieve out-of-bounds access.
CVE-2023-51782 | HIGH | CVSS 7.0 | v10.0 | 2024-01-11 | CWE-416 | source: nvd
An issue was discovered in the Linux kernel before 6.6.8. rose_ioctl in net/rose/af_rose.c has a use-after-free because of a rose_accept race condition.
CVE-2023-51781 | HIGH | CVSS 7.0 | v10.0 | 2024-01-11 | CWE-416 | source: nvd
An issue was discovered in the Linux kernel before 6.6.8. atalk_ioctl in net/appletalk/ddp.c has a use-after-free because of an atalk_recvmsg race condition.
CVE-2023-51780 | HIGH | CVSS 7.0 | v10.0 | 2024-01-11 | CWE-416 | source: nvd
An issue was discovered in the Linux kernel before 6.6.8. do_vcc_ioctl in net/atm/ioctl.c has a use-after-free because of a vcc_recvmsg race condition.
CVE-2023-6270 | HIGH | CVSS 7.0 | v10.0 | 2024-01-04 | CWE-416 | source: nvd
A flaw was found in the ATA over Ethernet (AoE) driver in the Linux kernel. The aoecmd_cfg_pkts() function improperly updates the refcnt on `struct net_device`, and a use-after-free can be triggered by racing between the free on the struct and the access through the `skbtxq` global queue. This could lead to a denial of service condition or potential cod