Debian Linux vulnerabilities

9,911 known vulnerabilities affecting debian/debian_linux.

Total CVEs: 9,911
CISA KEV: 119 (actively exploited)
Public exploits: 429
Exploited in wild: 132
Severity breakdown: CRITICAL 1128, HIGH 4110, MEDIUM 4311, LOW 362

Vulnerabilities

Page 93 of 496
CVE-2022-3629 | LOW | CVSS 3.3 | v10.0 | 2022-10-21
CVE-2022-3629 [LOW] CWE-401: A vulnerability was found in Linux Kernel. It has been declared as problematic. This vulnerability affects the function vsock_connect of the file net/vmw_vsock/af_vsock.c. The manipulation leads to memory leak. The complexity of an attack is rather high. The exploitation appears to be difficult. It is recommended to apply a patch to fix this issue. VDB-2
nvd
CVE-2022-3623 | HIGH | CVSS 7.5 | v11.0 | 2022-10-20
CVE-2022-3623 [HIGH] CWE-362: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function follow_page_pte of the file mm/gup.c of the component BPF. The manipulation leads to race condition. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211921 was assign
nvd
CVE-2022-3621 | MEDIUM | CVSS 6.5 | v10.0 | 2022-10-20
CVE-2022-3621 [MEDIUM] CWE-404: A vulnerability was found in Linux Kernel. It has been classified as problematic. Affected is the function nilfs_bmap_lookup_at_level of the file fs/nilfs2/inode.c of the component nilfs2. The manipulation leads to null pointer dereference. It is possible to launch the attack remotely. It is recommended to apply a patch to fix this issue. The identifi
nvd
CVE-2022-39260 | HIGH | CVSS 8.8 | v10.0 | 2022-10-19
CVE-2022-39260 [HIGH] CWE-122: Git is an open source, scalable, distributed revision control system. `git shell` is a restricted login shell that can be used to implement Git's push/pull functionality via SSH. In versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4, the function that splits the command arguments into an array improperly uses an `int`
nvd
CVE-2022-41741 | HIGH | CVSS 7.8 | v10.0, v11.0 | 2022-10-19
CVE-2022-41741 [HIGH] CWE-787: NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to corrupt NGINX worker memory, resulting in its termination or potential other impact using a spec
nvd
CVE-2022-41742 | HIGH | CVSS 7.1 | v10.0, v11.0 | 2022-10-19
CVE-2022-41742 [HIGH] CWE-787: NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngx_http_mp4_module that might allow a local attacker to cause a worker process crash, or might result in worker process memory disclosure by using a spe
nvd
CVE-2022-39253 | MEDIUM | CVSS 5.5 | v10.0 | 2022-10-19
CVE-2022-39253 [MEDIUM] CWE-200: Git is an open source, scalable, distributed revision control system. Versions prior to 2.30.6, 2.31.5, 2.32.4, 2.33.5, 2.34.5, 2.35.5, 2.36.3, and 2.37.4 are subject to exposure of sensitive information to a malicious actor. When performing a local clone (where the source and target of the clone are on the same volume), Git copies the contents of t
nvd
CVE-2022-3586 | MEDIUM | CVSS 5.5 | v10.0 | 2022-10-19
CVE-2022-3586 [MEDIUM] CWE-416: A flaw was found in the Linux kernel’s networking code. A use-after-free was found in the way the sch_sfb enqueue function used the socket buffer (SKB) cb field after the same SKB had been enqueued (and freed) into a child qdisc. This flaw allows a local, unprivileged user to crash the system, causing a denial of service.
nvd
CVE-2022-3594 | MEDIUM | CVSS 5.3 | v10.0 | 2022-10-18
CVE-2022-3594 [MEDIUM] CWE-404: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function intr_callback of the file drivers/net/usb/r8152.c of the component BPF. The manipulation leads to logging of excessive data. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The associ
nvd
CVE-2022-3564 | HIGH | CVSS 7.1 | v10.0 | 2022-10-17
CVE-2022-3564 [HIGH] CWE-119: A vulnerability classified as critical was found in Linux Kernel. Affected by this vulnerability is the function l2cap_reassemble_sdu of the file net/bluetooth/l2cap_core.c of the component Bluetooth. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-2110
nvd
CVE-2022-3550 | HIGH | CVSS 8.8 | v10.0, v11.0 | 2022-10-17
CVE-2022-3550 [HIGH] CWE-119: A vulnerability classified as critical was found in X.org Server. Affected by this vulnerability is the function _GetCountedString of the file xkb/xkb.c. The manipulation leads to buffer overflow. It is recommended to apply a patch to fix this issue. The associated identifier of this vulnerability is VDB-211051.
nvd
CVE-2022-3545 | HIGH | CVSS 7.8 | v10.0, v11.0 | 2022-10-17
CVE-2022-3545 [HIGH] CWE-119: A vulnerability has been found in Linux Kernel and classified as critical. Affected by this vulnerability is the function area_cache_get of the file drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c of the component IPsec. The manipulation leads to use after free. It is recommended to apply a patch to fix this issue. The identifier VDB-211045 was
nvd
CVE-2022-3517 | HIGH | CVSS 7.5 | v10.0 | 2022-10-17
CVE-2022-3517 [HIGH] CWE-400: A vulnerability was found in the minimatch package. This flaw allows a Regular Expression Denial of Service (ReDoS) when calling the braceExpand function with specific arguments, resulting in a Denial of Service.
nvd
CVE-2022-41751 | HIGH | CVSS 7.8 | v10.0, v11.0 | 2022-10-17
CVE-2022-41751 [HIGH] CWE-78: Jhead 3.06.0.1 allows attackers to execute arbitrary OS commands by placing them in a JPEG filename and then using the regeneration -rgt50 option.
nvd
CVE-2022-3551 | MEDIUM | CVSS 6.5 | v10.0, v11.0 | 2022-10-17
CVE-2022-3551 [MEDIUM] CWE-404: A vulnerability, which was classified as problematic, has been found in X.org Server. Affected by this issue is the function ProcXkbGetKbdByName of the file xkb/xkb.c. The manipulation leads to memory leak. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-211052.
nvd
CVE-2022-3524 | MEDIUM | CVSS 5.5 | v10.0 | 2022-10-16
CVE-2022-3524 [MEDIUM] CWE-404: A vulnerability was found in Linux Kernel. It has been declared as problematic. Affected by this vulnerability is the function ipv6_renew_options of the component IPv6 Handler. The manipulation leads to memory leak. The attack can be launched remotely. It is recommended to apply a patch to fix this issue. The identifier VDB-211021 was assigned to this
nvd
CVE-2022-3521 | LOW | CVSS 2.5 | v10.0 | 2022-10-16
CVE-2022-3521 [LOW] CWE-362: A vulnerability has been found in Linux Kernel and classified as problematic. This vulnerability affects the function kcm_tx_work of the file net/kcm/kcmsock.c of the component kcm. The manipulation leads to race condition. It is recommended to apply a patch to fix this issue. VDB-211018 is the identifier assigned to this vulnerability.
nvd
CVE-2022-42720 | HIGH | CVSS 7.8 | v10.0, v11.0 | 2022-10-14
CVE-2022-42720 [HIGH] CWE-416: Various refcounting bugs in the multi-BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to trigger use-after-free conditions to potentially execute code.
nvd
CVE-2022-41674 | HIGH | CVSS 8.1 | v10.0, v11.0 | 2022-10-14
CVE-2022-41674 [HIGH] CWE-787: An issue was discovered in the Linux kernel before 5.19.16. Attackers able to inject WLAN frames could cause a buffer overflow in the ieee80211_bss_info_update function in net/mac80211/scan.c.
nvd
CVE-2022-42721 | MEDIUM | CVSS 5.5 | v10.0, v11.0 | 2022-10-14
CVE-2022-42721 [MEDIUM] CWE-835: A list management bug in BSS handling in the mac80211 stack in the Linux kernel 5.1 through 5.19.x before 5.19.16 could be used by local attackers (able to inject WLAN frames) to corrupt a linked list and, in turn, potentially execute code.
nvd