Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Debian_linux
(Debian)| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-31 | CVE-2022-1354 | A heap buffer overflow flaw was found in Libtiffs' tiffinfo.c in TIFFReadRawDataStriped() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffinfo tool, triggering a heap buffer overflow issue and causing a crash that leads to a denial of service. | Debian_linux, Fedora, Libtiff, Ontap_select_deploy_administration_utility, Enterprise_linux | 5.5 | ||
| 2022-08-31 | CVE-2022-1355 | A stack buffer overflow flaw was found in Libtiffs' tiffcp.c in main() function. This flaw allows an attacker to pass a crafted TIFF file to the tiffcp tool, triggering a stack buffer overflow issue, possibly corrupting the memory, and causing a crash that leads to a denial of service. | Debian_linux, Fedora, Libtiff, Ontap_select_deploy_administration_utility, Enterprise_linux | 6.1 | ||
| 2022-08-31 | CVE-2022-2132 | A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. | Debian_linux, Data_plane_development_kit, Fedora, Enterprise_linux, Enterprise_linux_fast_datapath, Openshift_container_platform, Openstack_platform, Virtualization | 8.6 | ||
| 2022-08-31 | CVE-2022-2153 | A flaw was found in the Linux kernel’s KVM when attempting to set a SynIC IRQ. This issue makes it possible for a misbehaving VMM to write to SYNIC/STIMER MSRs, causing a NULL pointer dereference. This flaw allows an unprivileged local attacker on the host to issue specific ioctl calls, causing a kernel oops condition that results in a denial of service. | Debian_linux, Fedora, Linux_kernel, Enterprise_linux | 5.5 | ||
| 2022-08-31 | CVE-2022-2519 | There is a double free or corruption in rotateImage() at tiffcrop.c:8839 found in libtiff 4.4.0rc1 | Debian_linux, Libtiff | 6.5 | ||
| 2022-08-31 | CVE-2022-2520 | A flaw was found in libtiff 4.4.0rc1. There is a sysmalloc assertion fail in rotateImage() at tiffcrop.c:8621 that can cause program crash when reading a crafted input. | Debian_linux, Libtiff | 6.5 | ||
| 2022-08-31 | CVE-2022-2521 | It was found in libtiff 4.4.0rc1 that there is an invalid pointer free operation in TIFFClose() at tif_close.c:131 called by tiffcrop.c:2522 that can cause a program crash and denial of service while processing crafted input. | Debian_linux, Libtiff | 6.5 | ||
| 2022-08-31 | CVE-2022-3028 | A race condition was found in the Linux kernel's IP framework for transforming packets (XFRM subsystem) when multiple calls to xfrm_probe_algs occurred simultaneously. This flaw could allow a local attacker to potentially trigger an out-of-bounds write or leak kernel heap memory by performing an out-of-bounds read and copying it into a socket. | Debian_linux, Fedora, Linux_kernel | 7.0 | ||
| 2022-09-01 | CVE-2020-35530 | In LibRaw, there is an out-of-bounds write vulnerability within the "new_node()" function (libraw\src\x3f\x3f_utils_patched.cpp) that can be triggered via a crafted X3F file. | Debian_linux, Libraw | 5.5 | ||
| 2022-09-01 | CVE-2020-35531 | In LibRaw, an out-of-bounds read vulnerability exists within the get_huffman_diff() function (libraw\src\x3f\x3f_utils_patched.cpp) when reading data from an image file. | Debian_linux, Libraw | 5.5 |