[Git][security-tracker-team/security-tracker][master] automatic update

Salvatore Bonaccorso (@carnil) carnil at debian.org
Mon Jan 20 08:12:03 GMT 2025



Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker


Commits:
c093366d by security tracker role at 2025-01-20T08:11:56+00:00
automatic update

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -1,199 +1,233 @@
-CVE-2025-21654 [ovl: support encoding fid from inode with no alias]
+CVE-2025-0590 (Improper permission settings for mobile applications (com.transsion.ca ...)
+	TODO: check
+CVE-2025-0586 (The a+HRD from aEnrich Technology has an Insecure Deserialization vuln ...)
+	TODO: check
+CVE-2025-0585 (The a+HRD from aEnrich Technology has a SQL Injection vulnerability, a ...)
+	TODO: check
+CVE-2025-0584 (The a+HRD from aEnrich Technology has a Server-side Request Forgery, a ...)
+	TODO: check
+CVE-2025-0583 (The a+HRD from aEnrich Technology has a Reflected Cross-site Scripting ...)
+	TODO: check
+CVE-2025-0582 (A vulnerability classified as critical was found in itsourcecode Farm  ...)
+	TODO: check
+CVE-2025-0581 (A vulnerability classified as problematic has been found in CampCodes  ...)
+	TODO: check
+CVE-2025-0580 (A vulnerability was found in Shiprocket Module 3 on OpenCart. It has b ...)
+	TODO: check
+CVE-2025-0579 (A vulnerability was found in Shiprocket Module 3/4 on OpenCart. It has ...)
+	TODO: check
+CVE-2025-0578 (A vulnerability was found in Facile Sistemas Cloud Apps up to 20250107 ...)
+	TODO: check
+CVE-2025-0576 (A vulnerability was found in Mobotix M15 4.3.4.83 and classified as pr ...)
+	TODO: check
+CVE-2025-0575 (A vulnerability has been found in Union Bank of India Vyom 8.0.34 on A ...)
+	TODO: check
+CVE-2024-41783 (IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, ...)
+	TODO: check
+CVE-2024-41743 (IBM TXSeries for Multiplatforms 10.1 could allow a remote attacker to  ...)
+	TODO: check
+CVE-2024-41742 (IBM TXSeries for Multiplatforms 10.1 is vulnerable to a denial of serv ...)
+	TODO: check
+CVE-2024-38337 (IBM Sterling Secure Proxy 6.0.0.0, 6.0.0.1, 6.0.0.2, 6.0.0.3, 6.1.0.0, ...)
+	TODO: check
+CVE-2024-13524 (A vulnerability has been found in obsproject OBS Studio up to 30.0.2 o ...)
+	TODO: check
+CVE-2025-21654 (In the Linux kernel, the following vulnerability has been resolved:  o ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/c45beebfde34aa71afbc48b2c54cdda623515037 (6.13-rc7)
-CVE-2025-21653 [net_sched: cls_flow: validate TCA_FLOW_RSHIFT attribute]
+CVE-2025-21653 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/a039e54397c6a75b713b9ce7894a62e06956aa92 (6.13-rc7)
-CVE-2025-21652 [ipvlan: Fix use-after-free in ipvlan_get_iflink().]
+CVE-2025-21652 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/cb358ff94154774d031159b018adf45e17673941 (6.13-rc7)
-CVE-2025-21651 [net: hns3: don't auto enable misc vector]
+CVE-2025-21651 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/98b1e3b27734139c76295754b6c317aa4df6d32e (6.13-rc7)
-CVE-2025-21650 [net: hns3: fixed hclge_fetch_pf_reg accesses bar space out of bounds issue]
+CVE-2025-21650 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/7997ddd46c54408bcba5e37fe18b4d832e45d4d4 (6.13-rc7)
-CVE-2025-21649 [net: hns3: fix kernel crash when 1588 is sent on HIP08 devices]
+CVE-2025-21649 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.12.10-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/9741e72b2286de8b38de9db685588ac421a95c87 (6.13-rc7)
-CVE-2025-21648 [netfilter: conntrack: clamp maximum hashtable size to INT_MAX]
+CVE-2025-21648 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/b541ba7d1f5a5b7b3e2e22dc9e40e18a7d6dbc13 (6.13-rc7)
-CVE-2025-21647 [sched: sch_cake: add bounds checks to host bulk flow fairness counts]
+CVE-2025-21647 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/737d4d91d35b5f7fa5bb442651472277318b0bfd (6.13-rc7)
-CVE-2025-21646 [afs: Fix the maximum cell name length]
+CVE-2025-21646 (In the Linux kernel, the following vulnerability has been resolved:  a ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/8fd56ad6e7c90ac2bddb0741c6b248c8c5d56ac8 (6.13-rc7)
-CVE-2025-21645 [platform/x86/amd/pmc: Only disable IRQ1 wakeup where i8042 actually enabled it]
+CVE-2025-21645 (In the Linux kernel, the following vulnerability has been resolved:  p ...)
 	- linux 6.12.10-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/dd410d784402c5775f66faf8b624e85e41c38aaf (6.13-rc7)
-CVE-2025-21644 [drm/xe: Fix tlb invalidation when wedging]
+CVE-2025-21644 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/9ab4981552930a9c45682d62424ba610edc3992d (6.13-rc7)
-CVE-2025-21643 [netfs: Fix kernel async DIO]
+CVE-2025-21643 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/3f6bc9e3ab9b127171d39f9ac6eca1abb693b731 (6.13-rc7)
-CVE-2025-21642 [mptcp: sysctl: sched: avoid using current->nsproxy]
+CVE-2025-21642 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/d38e26e36206ae3d544d496513212ae931d1da0a (6.13-rc7)
-CVE-2025-21641 [mptcp: sysctl: blackhole timeout: avoid using current->nsproxy]
+CVE-2025-21641 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/92cf7a51bdae24a32c592adcdd59a773ae149289 (6.13-rc7)
-CVE-2025-21640 [sctp: sysctl: cookie_hmac_alg: avoid using current->nsproxy]
+CVE-2025-21640 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/ea62dd1383913b5999f3d16ae99d411f41b528d4 (6.13-rc7)
-CVE-2025-21639 [sctp: sysctl: rto_min/max: avoid using current->nsproxy]
+CVE-2025-21639 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/9fc17b76fc70763780aa78b38fcf4742384044a5 (6.13-rc7)
-CVE-2025-21638 [sctp: sysctl: auth_enable: avoid using current->nsproxy]
+CVE-2025-21638 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/15649fd5415eda664ef35780c2013adeb5d9c695 (6.13-rc7)
-CVE-2025-21637 [sctp: sysctl: udp_port: avoid using current->nsproxy]
+CVE-2025-21637 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.12.10-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/c10377bbc1972d858eaf0ab366a311b39f8ef1b6 (6.13-rc7)
-CVE-2025-21636 [sctp: sysctl: plpmtud_probe_interval: avoid using current->nsproxy]
+CVE-2025-21636 (In the Linux kernel, the following vulnerability has been resolved:  s ...)
 	- linux 6.12.10-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/6259d2484d0ceff42245d1f09cc8cb6ee72d847a (6.13-rc7)
-CVE-2025-21635 [rds: sysctl: rds_tcp_{rcv,snd}buf: avoid using current->nsproxy]
+CVE-2025-21635 (In the Linux kernel, the following vulnerability has been resolved:  r ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/7f5611cbc4871c7fb1ad36c2e5a9edad63dca95c (6.13-rc7)
-CVE-2025-21634 [cgroup/cpuset: remove kernfs active break]
+CVE-2025-21634 (In the Linux kernel, the following vulnerability has been resolved:  c ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/3cb97a927fffe443e1e7e8eddbfebfdb062e86ed (6.13-rc7)
-CVE-2025-21633 [io_uring/sqpoll: zero sqd->thread on tctx errors]
+CVE-2025-21633 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/4b7cfa8b6c28a9fa22b86894166a1a34f6d630ba (6.13-rc7)
-CVE-2025-21632 [x86/fpu: Ensure shadow stack is active before "getting" registers]
+CVE-2025-21632 (In the Linux kernel, the following vulnerability has been resolved:  x ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/a9d9c33132d49329ada647e4514d210d15e31d81 (6.13-rc7)
-CVE-2025-21631 [block, bfq: fix waker_bfqq UAF after bfq_split_bfqq()]
+CVE-2025-21631 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.12.10-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/fcede1f0a043ccefe9bc6ad57f12718e42f63f1d (6.13-rc7)
-CVE-2024-57929 [dm array: fix releasing a faulty array block twice in dm_array_cursor_end]
+CVE-2024-57929 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/f2893c0804d86230ffb8f1c8703fdbb18648abc8 (6.13-rc7)
-CVE-2024-57928 [netfs: Fix enomem handling in buffered reads]
+CVE-2024-57928 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/105549d09a539a876b7c3330ab52d8aceedad358 (6.13-rc7)
-CVE-2024-57927 [nfs: Fix oops in nfs_netfs_init_request() when copying to cache]
+CVE-2024-57927 (In the Linux kernel, the following vulnerability has been resolved:  n ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/86ad1a58f6a9453f49e06ef957a40a8dac00a13f (6.13-rc7)
-CVE-2024-57926 [drm/mediatek: Set private->all_drm_private[i]->drm to NULL if mtk_drm_bind returns err]
+CVE-2024-57926 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/36684e9d88a2e2401ae26715a2e217cb4295cea7 (6.13-rc7)
-CVE-2024-57925 [ksmbd: fix a missing return value check bug]
+CVE-2024-57925 (In the Linux kernel, the following vulnerability has been resolved:  k ...)
 	- linux 6.12.10-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/4c16e1cadcbcaf3c82d5fc310fbd34d0f5d0db7c (6.13-rc7)
-CVE-2024-57924 [fs: relax assertions on failure to encode file handles]
+CVE-2024-57924 (In the Linux kernel, the following vulnerability has been resolved:  f ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/974e3fe0ac61de85015bbe5a4990cf4127b304b2 (6.13-rc7)
-CVE-2024-57923 [btrfs: zlib: fix avail_in bytes for s390 zlib HW compression path]
+CVE-2024-57923 (In the Linux kernel, the following vulnerability has been resolved:  b ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/0ee4736c003daded513de0ff112d4a1e9c85bbab (6.13-rc7)
-CVE-2024-57922 [drm/amd/display: Add check for granularity in dml ceil/floor helpers]
+CVE-2024-57922 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/0881fbc4fd62e00a2b8e102725f76d10351b2ea8 (6.13-rc7)
-CVE-2024-57921 [drm/amdgpu: Add a lock when accessing the buddy trim function]
+CVE-2024-57921 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/75c8b703e5bded1e33b08fb09b829e7c2c1ed50a (6.13-rc7)
-CVE-2024-57920 [drm/amdkfd: wq_release signals dma_fence only when available]
+CVE-2024-57920 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/a993d319aebb7cce8a10c6e685344b7c2ad5c4c2 (6.13-rc7)
-CVE-2024-57919 [drm/amd/display: fix divide error in DM plane scale calcs]
+CVE-2024-57919 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/5225fd2a26211d012533acf98a6ad3f983885817 (6.13-rc7)
-CVE-2024-57918 [drm/amd/display: fix page fault due to max surface definition mismatch]
+CVE-2024-57918 (In the Linux kernel, the following vulnerability has been resolved:  d ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/7de8d5c90be9ad9f6575e818a674801db2ada794 (6.13-rc7)
-CVE-2024-57917 [topology: Keep the cpumask unchanged when printing cpumap]
+CVE-2024-57917 (In the Linux kernel, the following vulnerability has been resolved:  t ...)
 	- linux 6.12.10-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/cbd399f78e23ad4492c174fc5e6b3676dba74a52 (6.13-rc7)
-CVE-2024-57916 [misc: microchip: pci1xxxx: Resolve kernel panic during GPIO IRQ handling]
+CVE-2024-57916 (In the Linux kernel, the following vulnerability has been resolved:  m ...)
 	- linux 6.12.10-1
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/194f9f94a5169547d682e9bbcc5ae6d18a564735 (6.13-rc7)
-CVE-2024-57915 [usb: gadget: u_serial: Disable ep before setting port to null to fix the crash caused by port being null]
+CVE-2024-57915 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/13014969cbf07f18d62ceea40bd8ca8ec9d36cec (6.13-rc7)
-CVE-2024-57914 [usb: typec: tcpci: fix NULL pointer issue on shared irq case]
+CVE-2024-57914 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/862a9c0f68487fd6ced15622d9cdcec48f8b5aaa (6.13-rc7)
-CVE-2024-57913 [usb: gadget: f_fs: Remove WARN_ON in functionfs_bind]
+CVE-2024-57913 (In the Linux kernel, the following vulnerability has been resolved:  u ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/dfc51e48bca475bbee984e90f33fdc537ce09699 (6.13-rc7)
-CVE-2024-57912 [iio: pressure: zpa2326: fix information leak in triggered buffer]
+CVE-2024-57912 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/6007d10c5262f6f71479627c1216899ea7f09073 (6.13-rc7)
-CVE-2024-57911 [iio: dummy: iio_simply_dummy_buffer: fix information leak in triggered buffer]
+CVE-2024-57911 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/333be433ee908a53f283beb95585dfc14c8ffb46 (6.13-rc7)
-CVE-2024-57910 [iio: light: vcnl4035: fix information leak in triggered buffer]
+CVE-2024-57910 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/47b43e53c0a0edf5578d5d12f5fc71c019649279 (6.13-rc7)
-CVE-2024-57909 [iio: light: bh1745: fix information leak in triggered buffer]
+CVE-2024-57909 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/b62fbe3b8eedd3cf3c9ad0b7cb9f72c3f40815f0 (6.13-rc7)
-CVE-2024-57908 [iio: imu: kmx61: fix information leak in triggered buffer]
+CVE-2024-57908 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/6ae053113f6a226a2303caa4936a4c37f3bfff7b (6.13-rc7)
-CVE-2024-57907 [iio: adc: rockchip_saradc: fix information leak in triggered buffer]
+CVE-2024-57907 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/38724591364e1e3b278b4053f102b49ea06ee17c (6.13-rc7)
-CVE-2024-57906 [iio: adc: ti-ads8688: fix information leak in triggered buffer]
+CVE-2024-57906 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/2a7377ccfd940cd6e9201756aff1e7852c266e69 (6.13-rc7)
-CVE-2024-57905 [iio: adc: ti-ads1119: fix information leak in triggered buffer]
+CVE-2024-57905 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	[bookworm] - linux <not-affected> (Vulnerable code not present)
 	[bullseye] - linux <not-affected> (Vulnerable code not present)
 	NOTE: https://git.kernel.org/linus/75f339d3ecd38cb1ce05357d647189d4a7f7ed08 (6.13-rc7)
-CVE-2024-57904 [iio: adc: at91: call input_free_device() on allocated iio_dev]
+CVE-2024-57904 (In the Linux kernel, the following vulnerability has been resolved:  i ...)
 	- linux 6.12.10-1
 	NOTE: https://git.kernel.org/linus/de6a73bad1743e9e81ea5a24c178c67429ff510b (6.13-rc7)
 CVE-2025-0567 (A vulnerability classified as problematic was found in Epic Games Laun ...)
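Review bot: the eighteen new entries at the top of the hunk (CVE-2025-0590 through CVE-2024-13524) carry only `TODO: check`, so they stay untriaged until a follow-up assigns NOT-FOR-US, a source package with a fixed version, or a not-affected marker; from the truncated descriptions, the IBM Sterling/TXSeries, Transsion, aEnrich, OpenCart-module and mobile-app entries look like NOT-FOR-US candidates, while CVE-2024-13524 (obsproject OBS Studio) needs a package lookup before it can be closed. For the kernel CVEs the bracketed provisional subjects (e.g. `[ovl: support encoding fid from inode with no alias]`) are replaced by the official descriptions, which are truncated and no longer name the affected subsystem, so the `NOTE:` kernel.org commit URL on each entry is now the only pointer to the actual fix and those NOTE lines must be kept intact.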
@@ -4806,6 +4840,7 @@ CVE-2024-12430 (An attacker who successfully exploited these vulnerabilities cou
 CVE-2024-12429 (An attacker who successfully exploited these vulnerabilities could gra ...)
 	NOT-FOR-US: ABB
 CVE-2024-12426 (Exposure of Environmental Variables and arbitrary INI file values to a ...)
+	{DSA-5846-1 DLA-4020-1}
 	- libreoffice 4:24.8.4-1
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2024-12426
 	NOTE: [1/2] https://gerrit.libreoffice.org/c/core/+/176797
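Review bot: `{DSA-5846-1 DLA-4020-1}` is added to CVE-2024-12426 without any bookworm or bullseye version line, so the fixed versions for those suites are expected to come from the DSA and DLA lists rather than from this entry; because this commit touches only data/CVE/list (`1 changed file` above), verify that the matching DSA-5846-1 and DLA-4020-1 entries already exist in those lists, otherwise the reference dangles. The same applies to CVE-2024-12425 in the next hunk.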
@@ -4815,6 +4850,7 @@ CVE-2024-12426 (Exposure of Environmental Variables and arbitrary INI file value
 	NOTE: Fixed by commit [1/2] https://github.com/LibreOffice/core/commit/a22d185ef7d141676e8a4db15471bfe6d283cb8c (distro/cib/libreoffice-6-4)
 	NOTE: Fixed by commit [2/2] https://github.com/LibreOffice/core/commit/4915889ab56bc946264c257391ba6eeedfdfad95 (distro/cib/libreoffice-6-4)
 CVE-2024-12425 (Improper Limitation of a Pathname to a Restricted Directory ('Path Tra ...)
+	{DSA-5846-1 DLA-4020-1}
 	- libreoffice 4:24.8.4-1
 	NOTE: https://www.libreoffice.org/about-us/security/advisories/cve-2024-12425
 	NOTE: https://gerrit.libreoffice.org/c/core/+/176236
@@ -37536,6 +37572,7 @@ CVE-2024-8461 (A vulnerability, which was classified as problematic, was found i
 CVE-2024-8460 (A vulnerability, which was classified as problematic, has been found i ...)
 	NOT-FOR-US: D-Link
 CVE-2024-8445 (The fix for CVE-2024-2199 in 389-ds-base was insufficient to cover all ...)
+	{DLA-4021-1}
 	- 389-ds-base <unfixed> (bug #1082852)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2310110
 	NOTE: CVE exists because of an insufficent/incomplete fix for CVE-2024-2199
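Review bot: CVE-2024-8445 now references {DLA-4021-1} while the unstable line still reads `389-ds-base <unfixed> (bug #1082852)`, so the bullseye LTS fix is recorded ahead of sid; that is legitimate, but the `<unfixed>` marker needs updating once the fix reaches unstable, and since the entry itself records that the earlier fix for CVE-2024-2199 was incomplete, it is worth confirming that the DLA backport carries the complete fix rather than the first attempt. Minor: the unchanged NOTE line spells "insufficent"; that typo belongs in a separate commit.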
@@ -57224,6 +57261,7 @@ CVE-2024-6108 (A vulnerability was found in Genexis Tilgin Home Gateway 322_AS05
 CVE-2024-5967 (A vulnerability was found in Keycloak. The LDAP testing endpoint allow ...)
 	NOT-FOR-US: Keycloak
 CVE-2024-5953 (A denial of service vulnerability was found in the 389-ds-base LDAP se ...)
+	{DLA-4021-1}
 	- 389-ds-base 3.1.1+dfsg1-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2292104
 	NOTE: https://github.com/389ds/389-ds-base/commit/9e6cefb1f37740f3ce180f272ee0653d65b878d9 (389-ds-base-3.1.1)
@@ -62781,6 +62819,7 @@ CVE-2024-4429 (Cross-Site Request Forgery vulnerabilityhas been discovered in Op
 CVE-2024-3969 (XML External Entity injection vulnerability foundin OpenText\u2122 iMa ...)
 	NOT-FOR-US: OpenText iManager
 CVE-2024-3657 (A flaw was found in 389-ds-base. A specially-crafted LDAP query can po ...)
+	{DLA-4021-1}
 	- 389-ds-base 3.1.1+dfsg1-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2274401
 	NOTE: https://github.com/389ds/389-ds-base/commit/b1e9acf39d1e1b752e8b4b469f32e17c743ad6f9 (389-ds-base-3.1.1)
@@ -62878,6 +62917,7 @@ CVE-2024-30164 (Amazon AWS Client VPN has a buffer overflow that could potential
 CVE-2024-2451 (Improper fingerprint validation in the TeamViewer Client (Full & Host) ...)
 	NOT-FOR-US: TeamViewer
 CVE-2024-2199 (A denial of service vulnerability was found in 389-ds-base ldap server ...)
+	{DLA-4021-1}
 	- 389-ds-base 3.1.1+dfsg1-1 (bug #1072531)
 	[bookworm] - 389-ds-base <no-dsa> (Minor issue)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2267976
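Review bot: CVE-2024-2199 gains {DLA-4021-1} while the line below it keeps `[bookworm] - 389-ds-base <no-dsa> (Minor issue)`, so bullseye ships a fix for an issue bookworm still classifies as not worth an advisory; LTS routinely batches minor fixes into one DLA, so this is not necessarily wrong, but the bookworm assessment should be re-checked for consistency (e.g. by noting it can be fixed via a point release). CVE-2024-5953 and CVE-2024-3657 in the two preceding hunks get the same DLA reference and carry no bookworm annotation at all, so their bookworm state is left implicit.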
@@ -113429,6 +113469,7 @@ CVE-2023-42366 (A heap-buffer-overflow was discovered in BusyBox v.1.36.1 in the
 	[buster] - busybox <postponed> (Minor issue)
 	NOTE: https://bugs.busybox.net/show_bug.cgi?id=15874
 CVE-2023-42365 (A use-after-free vulnerability was discovered in BusyBox v.1.36.1 via  ...)
+	{DLA-4019-1}
 	- busybox 1:1.37.0-1 (bug #1059052)
 	[bookworm] - busybox <postponed> (Minor issue, revisit when fixed upstream)
 	[buster] - busybox <no-dsa> (Minor issue)
@@ -113437,6 +113478,7 @@ CVE-2023-42365 (A use-after-free vulnerability was discovered in BusyBox v.1.36.
 	NOTE: Regression: https://bugs.busybox.net/show_bug.cgi?id=15871#c6
 	NOTE: Fixed by: https://git.busybox.net/busybox/commit/editors/awk.c?id=38335df9e9f45378c3407defd38b5b610578bdda (1_37_0)
 CVE-2023-42364 (A use-after-free vulnerability in BusyBox v.1.36.1 allows attackers to ...)
+	{DLA-4019-1}
 	- busybox 1:1.37.0-1 (bug #1059051)
 	[bookworm] - busybox <postponed> (Minor issue, revisit when fixed upstream)
 	[buster] - busybox <no-dsa> (Minor issue)
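Review bot: the `[bookworm] - busybox <postponed> (Minor issue, revisit when fixed upstream)` justification on CVE-2023-42365 (previous hunk) is stale: the context line at the top of this hunk, `NOTE: Fixed by: https://git.busybox.net/busybox/commit/editors/awk.c?id=38335df9e9f45378c3407defd38b5b610578bdda (1_37_0)`, shows the upstream fix is identified and shipped in 1.37.0, and {DLA-4019-1} now records a bullseye backport, so the bookworm entry should be re-assessed or its wording changed to something that still holds (e.g. "Minor issue, can be fixed via point release"). CVE-2023-42364 in this hunk carries the same bookworm line; its NOTE lines fall outside the diff, so check whether the same upstream fix applies there too.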
@@ -170156,6 +170198,7 @@ CVE-2022-48176 (Netgear routers R7000P before v1.3.3.154, R6900P before v1.3.3.1
 CVE-2022-48175 (Rukovoditel v3.2.1 was discovered to contain a remote code execution ( ...)
 	NOT-FOR-US: Rukovoditel
 CVE-2022-48174 (There is a stack overflow vulnerability in ash.c:6030 in busybox befor ...)
+	{DLA-4019-1}
 	- busybox 1:1.37.0-1 (bug #1059049)
 	[bookworm] - busybox <postponed> (Minor issue, revisit when fixed upstream)
 	[buster] - busybox <no-dsa> (Minor issue)
@@ -202860,7 +202903,7 @@ CVE-2022-38369 (Apache IoTDB version 0.13.0 is vulnerable by session id attack.
 CVE-2022-2851
 	RESERVED
 CVE-2022-2850 (A flaw was found In 389-ds-base. When the Content Synchronization plug ...)
-	{DLA-3399-1}
+	{DLA-4021-1 DLA-3399-1}
 	- 389-ds-base 2.3.1-1 (bug #1018054)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2118691
 	NOTE: https://github.com/389ds/389-ds-base/issues/4711#issuecomment-1205100979
@@ -234702,7 +234745,7 @@ CVE-2022-0998 (An integer overflow flaw was found in the Linux kernel\u2019s vir
 CVE-2022-0997 (Improper file permissions in the CommandPost, Collector, and Sensor co ...)
 	NOT-FOR-US: Fidelis
 CVE-2022-0996 (A vulnerability was found in the 389 Directory Server that allows expi ...)
-	{DLA-3399-1}
+	{DLA-4021-1 DLA-3399-1}
 	- 389-ds-base 2.0.15-1
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2064769
 	NOTE: https://github.com/389ds/389-ds-base/issues/5221
@@ -235824,7 +235867,7 @@ CVE-2022-0920 (The Salon booking system Free and Pro WordPress plugins before 7.
 CVE-2022-0919 (The Salon booking system Free and pro WordPress plugins before 7.6.3 d ...)
 	NOT-FOR-US: WordPress plugin
 CVE-2022-0918 (A vulnerability was discovered in the 389 Directory Server that allows ...)
-	{DLA-3399-1}
+	{DLA-4021-1 DLA-3399-1}
 	- 389-ds-base 2.0.15-1.1 (bug #1016445)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2055815
 	NOTE: https://github.com/389ds/389-ds-base/issues/5242
@@ -255998,7 +256041,7 @@ CVE-2021-4093 (A flaw was found in the KVM's AMD code for supporting the Secure
 CVE-2021-4092 (yetiforcecrm is vulnerable to Cross-Site Request Forgery (CSRF))
 	NOT-FOR-US: yetiforcecrm
 CVE-2021-4091 (A double-free was found in the way 389-ds-base handles virtual attribu ...)
-	{DLA-3399-1}
+	{DLA-4021-1 DLA-3399-1}
 	- 389-ds-base 2.0.15-1
 	[stretch] - 389-ds-base <not-affected> (Vulnerable code introduced later)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2030307
@@ -266280,16 +266323,19 @@ CVE-2021-42387 (Heap out-of-bounds read in Clickhouse's LZ4 compression codec wh
 	NOTE: https://github.com/ClickHouse/ClickHouse/pull/27136
 	NOTE: https://jfrog.com/blog/7-rce-and-dos-vulnerabilities-found-in-clickhouse-dbms/
 CVE-2021-42386 (A use-after-free in Busybox's awk applet leads to denial of service an ...)
+	{DLA-4019-1}
 	- busybox 1:1.35.0-1 (bug #999567)
 	[buster] - busybox <no-dsa> (Minor issue)
 	[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
 CVE-2021-42385 (A use-after-free in Busybox's awk applet leads to denial of service an ...)
+	{DLA-4019-1}
 	- busybox 1:1.35.0-1 (bug #999567)
 	[buster] - busybox <no-dsa> (Minor issue)
 	[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
 CVE-2021-42384 (A use-after-free in Busybox's awk applet leads to denial of service an ...)
+	{DLA-4019-1}
 	- busybox 1:1.35.0-1 (bug #999567)
 	[buster] - busybox <no-dsa> (Minor issue)
 	[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)
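Review bot: the `[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)` lines under CVE-2021-42386, CVE-2021-42385 and CVE-2021-42384 now sit directly beneath a {DLA-4019-1} reference, so "no identified patch" no longer describes the state of these issues; the stretch line is unchanged context and can remain as history, but the `[buster] - busybox <no-dsa> (Minor issue)` assessment on the same entries should be re-checked against what DLA-4019-1 actually backported, since the DLA implies usable patches exist for this awk use-after-free family. The same holds for the five entries in the following hunk.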
@@ -266301,26 +266347,31 @@ CVE-2021-42383 (A use-after-free in Busybox's awk applet leads to denial of serv
 	[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
 CVE-2021-42382 (A use-after-free in Busybox's awk applet leads to denial of service an ...)
+	{DLA-4019-1}
 	- busybox 1:1.35.0-1 (bug #999567)
 	[buster] - busybox <no-dsa> (Minor issue)
 	[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
 CVE-2021-42381 (A use-after-free in Busybox's awk applet leads to denial of service an ...)
+	{DLA-4019-1}
 	- busybox 1:1.35.0-1 (bug #999567)
 	[buster] - busybox <no-dsa> (Minor issue)
 	[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
 CVE-2021-42380 (A use-after-free in Busybox's awk applet leads to denial of service an ...)
+	{DLA-4019-1}
 	- busybox 1:1.35.0-1 (bug #999567)
 	[buster] - busybox <no-dsa> (Minor issue)
 	[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
 CVE-2021-42379 (A use-after-free in Busybox's awk applet leads to denial of service an ...)
+	{DLA-4019-1}
 	- busybox 1:1.35.0-1 (bug #999567)
 	[buster] - busybox <no-dsa> (Minor issue)
 	[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
 CVE-2021-42378 (A use-after-free in Busybox's awk applet leads to denial of service an ...)
+	{DLA-4019-1}
 	- busybox 1:1.35.0-1 (bug #999567)
 	[buster] - busybox <no-dsa> (Minor issue)
 	[stretch] - busybox <postponed> (Minor issue, requires passing arbitrary awk program, no identified patch)
@@ -266339,6 +266390,7 @@ CVE-2021-42375 (An incorrect handling of a special element in Busybox's ash appl
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
 	NOTE: Crash in CLI tool, no security impact
 CVE-2021-42374 (An out-of-bounds heap read in Busybox's unlzma applet leads to informa ...)
+	{DLA-4019-1}
 	- busybox 1:1.35.0-1 (unimportant; bug #999567)
 	[stretch] - busybox <not-affected> (Vulnerable code introduced later)
 	NOTE: https://jfrog.com/blog/unboxing-busybox-14-new-vulnerabilities-uncovered-by-claroty-and-jfrog/
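Review bot: CVE-2021-42374 is tagged `unimportant` on its unstable line (`busybox 1:1.35.0-1 (unimportant; bug #999567)`) yet now references {DLA-4019-1}, so the recorded severity and the advisory reference disagree; including an unimportant issue in a DLA is fine when its fix rides along with the other busybox fixes, but either the `unimportant` tag should be reconsidered or a NOTE should state that the fix was included opportunistically, so readers do not infer the LTS team upgraded its severity.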
@@ -280946,7 +280998,7 @@ CVE-2021-36769 (A reordering issue exists in Telegram before 7.8.1 for Android,
 CVE-2021-36768
 	RESERVED
 CVE-2021-3652 (A flaw was found in 389-ds-base. If an asterisk is imported as passwor ...)
-	{DLA-3399-1}
+	{DLA-4021-1 DLA-3399-1}
 	- 389-ds-base 1.4.4.17-1 (bug #991405)
 	[stretch] - 389-ds-base <no-dsa> (Minor issue)
 	NOTE: https://github.com/389ds/389-ds-base/issues/4817
@@ -301519,7 +301571,7 @@ CVE-2021-28833 (Increments Qiita::Markdown before 0.34.0 allows XSS via a crafte
 CVE-2021-28832 (VSCodeVim before 1.19.0 allows attackers to execute arbitrary code via ...)
 	NOT-FOR-US: VSCodeVim
 CVE-2021-28831 (decompress_gunzip.c in BusyBox through 1.32.1 mishandles the error bit ...)
-	{DLA-2614-1}
+	{DLA-4019-1 DLA-2614-1}
 	- busybox 1:1.35.0-1 (bug #985674)
 	[buster] - busybox <no-dsa> (Minor issue)
 	NOTE: https://git.busybox.net/busybox/commit/?id=f25d254dfd4243698c31a4f3153d4ac72aa9e9bd



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/c093366d62563c8b8133a9a59a7291df53e9501c
