Debian Linux vulnerabilities
9,911 known vulnerabilities affecting debian/debian_linux.
Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362
Vulnerabilities
CVE-2022-42312 | MEDIUM | CVSS 6.5 | v11.0 | 2022-11-01 | CWE-770
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how gues
nvd
CVE-2022-42311 | MEDIUM | CVSS 6.5 | v11.0 | 2022-11-01 | CWE-770
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how gues
nvd
CVE-2022-42799 | MEDIUM | CVSS 6.1 | v10.0, v11.0 | 2022-11-01 | CWE-1021
The issue was addressed with improved UI handling. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Visiting a malicious website may lead to user interface spoofing.
nvd
CVE-2022-42321 | MEDIUM | CVSS 6.5 | v11.0 | 2022-11-01 | CWE-674
Xenstore: Guests can crash xenstored via exhausting the stack. Xenstored is using recursion for some Xenstore operations (e.g. for deleting a sub-tree of Xenstore nodes). With sufficiently deep nesting levels this can result in stack exhaustion on xenstored, leading to a crash of xenstored.
nvd
CVE-2022-42315 | MEDIUM | CVSS 6.5 | v11.0 | 2022-11-01 | CWE-770
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how gues
nvd
CVE-2022-42313 | MEDIUM | CVSS 6.5 | v11.0 | 2022-11-01 | CWE-770
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how gues
nvd
CVE-2022-42318 | MEDIUM | CVSS 6.5 | v11.0 | 2022-11-01 | CWE-770
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how gues
nvd
CVE-2022-42319 | MEDIUM | CVSS 6.5 | v11.0 | 2022-11-01 | CWE-401
Xenstore: Guests can cause Xenstore to not free temporary memory. When working on a request of a guest, xenstored might need to allocate quite large amounts of memory temporarily. This memory is freed only after the request has been finished completely. A request is regarded to be finished only after the guest has read the response message of the req
nvd
CVE-2022-42824 | MEDIUM | CVSS 5.5 | v10.0, v11.0 | 2022-11-01
A logic issue was addressed with improved state management. This issue is fixed in tvOS 16.1, macOS Ventura 13, watchOS 9.1, Safari 16.1, iOS 16.1 and iPadOS 16. Processing maliciously crafted web content may disclose sensitive user information.
nvd
CVE-2022-42322 | MEDIUM | CVSS 5.5 | v11.0 | 2022-11-01 | CWE-401
Xenstore: Cooperating guests can create arbitrary numbers of nodes [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working tog
nvd
CVE-2022-42324 | MEDIUM | CVSS 5.5 | v11.0 | 2022-11-01 | CWE-681
Oxenstored 32->31 bit integer truncation issues. Integers in Ocaml are 63 or 31 bits of signed precision. The Ocaml Xenbus library takes a C uint32_t out of the ring and casts it directly to an Ocaml integer. In 64-bit Ocaml builds this is fine, but in 32-bit builds, it truncates off the most significant bit, and then creates unsigned/signed confusio
nvd
CVE-2022-42314 | MEDIUM | CVSS 6.5 | v11.0 | 2022-11-01 | CWE-770
Xenstore: guests can let run xenstored out of memory [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Malicious guests can cause xenstored to allocate vast amounts of memory, eventually resulting in a Denial of Service (DoS) of xenstored. There are multiple ways how gues
nvd
CVE-2022-42323 | MEDIUM | CVSS 5.5 | v11.0 | 2022-11-01 | CWE-401
Xenstore: Cooperating guests can create arbitrary numbers of nodes [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Since the fix of XSA-322 any Xenstore node owned by a removed domain will be modified to be owned by Dom0. This will allow two malicious guests working tog
nvd
CVE-2022-42326 | MEDIUM | CVSS 5.5 | v11.0 | 2022-11-01 | CWE-401
Xenstore: Guests can create arbitrary number of nodes via transactions [This CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] In case a node has been created in a transaction and it is later deleted in the same transaction, the transaction will be terminated with an error. As t
nvd
CVE-2022-42310 | MEDIUM | CVSS 5.5 | v11.0 | 2022-11-01 | CWE-459
Xenstore: Guests can create orphaned Xenstore nodes. By creating multiple nodes inside a transaction resulting in an error, a malicious guest can create orphaned nodes in the Xenstore data base, as the cleanup after the error will not remove all nodes already created. When the transaction is committed after this situation, nodes without a valid parent
nvd
CVE-2022-40617 | HIGH | CVSS 7.5 | v10.0, v11.0 | 2022-10-31 | CWE-400
strongSwan before 5.9.8 allows remote attackers to cause a denial of service in the revocation plugin by sending a crafted end-entity (and intermediate CA) certificate that contains a CRL/OCSP URL that points to a server (under the attacker's control) that doesn't properly respond but (for example) just does nothing after the initial TCP handshake, or
nvd
CVE-2022-41973 | HIGH | CVSS 7.8 | v10.0 | 2022-10-29 | CWE-59
multipath-tools 0.7.7 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited in conjunction with CVE-2022-41974. Local users able to access /dev/shm can change symlinks in multipathd due to incorrect symlink handling, which could lead to controlled file writes outside of the /dev/shm directory. This could be used indirectly f
nvd
CVE-2022-41974 | HIGH | CVSS 7.8 | v10.0, v11.0 | 2022-10-29
multipath-tools 0.7.0 through 0.9.x before 0.9.2 allows local users to obtain root access, as exploited alone or in conjunction with CVE-2022-41973. Local users able to write to UNIX domain sockets can bypass access controls and manipulate the multipath setup. This can lead to local privilege escalation to root. This occurs because an attacker can repeat a ke
nvd
CVE-2022-39286 | HIGH | CVSS 8.8 | v10.0, v11.0 | 2022-10-26 | CWE-250
Jupyter Core is a package for the core common functionality of Jupyter projects. Jupyter Core prior to version 4.11.2 contains an arbitrary code execution vulnerability in `jupyter_core` that stems from `jupyter_core` executing untrusted files in CWD. This vulnerability allows one user to run code as another. Version 4.11.2 contains a patch for this is
nvd
CVE-2022-3705 | HIGH | CVSS 7.5 | v10.0 | 2022-10-26 | CWE-119
A vulnerability was found in vim and classified as problematic. Affected by this issue is the function qf_update_buffer of the file quickfix.c of the component autocmd Handler. The manipulation leads to use after free. The attack may be launched remotely. Upgrading to version 9.0.0805 is able to address this issue. The name of the patch is d0fab10ed2a86
nvd