NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

curl < 7.84.0 supports "chained" HTTP compression algorithms, meaning that a serverresponse can be compressed multiple times and potentially with different algorithms. The number of acceptable "links" in this "decompression chain" was unbounded, allowing a malicious server to insert a virtually unlimited number of compression steps.The use of such a decompression chain could result in a "malloc bomb", makingcurl end up spending enormous amounts of allocated heap memory, or trying toand returning out of memory errors.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-32206
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/
• http://seclists.org/fulldisclosure/2022/Oct/28
• http://seclists.org/fulldisclosure/2022/Oct/41
• http://www.openwall.com/lists/oss-security/2023/02/15/3
• https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf
• https://hackerone.com/reports/1570651
• https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/
• https://security.gentoo.org/glsa/202212-01
• https://security.netapp.com/advisory/ntap-20220915-0003/
• https://support.apple.com/kb/HT213488
• https://www.debian.org/security/2022/dsa-5197

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

An allocation of resources without limits or throttling vulnerability exists in curl <v7.88.0 based on the "chained" HTTP compression algorithms, meaning that a server response can be compressed multiple times and potentially with differentalgorithms. The number of acceptable "links" in this "decompression chain" wascapped, but the cap was implemented on a per-header basis allowing a maliciousserver to insert a virtually unlimited number of compression steps simply byusing many headers. The use of such a decompression chain could result in a "malloc bomb", making curl end up spending enormous amounts of allocated heap memory, or trying to and returning out of memory errors.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u7 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-23916
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/
• https://hackerone.com/reports/1826048
• https://lists.debian.org/debian-lts-announce/2023/02/msg00035.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BQKE6TXYDHOTFHLTBZ5X73GTKI7II5KO/
• https://security.gentoo.org/glsa/202310-12
• https://security.netapp.com/advisory/ntap-20230309-0006/
• https://www.debian.org/security/2023/dsa-5365

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A cleartext transmission of sensitive information vulnerability exists in curl <v7.88.0 that could cause HSTS functionality to behave incorrectly when multiple URLs are requested in parallel. Using its HSTS support, curl can be instructed to use HTTPS instead of using an insecure clear-text HTTP step even when HTTP is provided in the URL. This HSTS mechanism would however surprisingly fail when multiple transfers are done in parallel as the HSTS cache file gets overwritten by the most recentlycompleted transfer. A later HTTP-only transfer to the earlier host name would then not get upgraded properly to HSTS.

Remediation

There is no fixed version for Debian:11 curl.

References

• https://security-tracker.debian.org/tracker/CVE-2023-23915
• https://hackerone.com/reports/1874716
• https://hackerone.com/reports/1826048
• https://security.gentoo.org/glsa/202310-12
• https://security.netapp.com/advisory/ntap-20230309-0006/

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

This flaw allows a malicious HTTP server to set "super cookies" in curl that are then passed back to more origins than what is otherwise allowed or possible. This allows a site to set cookies that then would get sent to different and unrelated sites and domains.

It could do this by exploiting a mixed case flaw in curl's function that verifies a given cookie domain against the Public Suffix List (PSL). For example a cookie could be set with domain=co.UK when the URL used a lower case hostname curl.co.uk, even though co.uk is listed as a PSL domain.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u11 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-46218
• https://curl.se/docs/CVE-2023-46218.html
• https://hackerone.com/reports/2212193
• https://lists.debian.org/debian-lts-announce/2023/12/msg00015.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/3ZX3VW67N4ACRAPMV2QS2LVYGD7H2MVE/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/
• https://security.netapp.com/advisory/ntap-20240125-0007/
• https://www.debian.org/security/2023/dsa-5587

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

When curl is asked to use HSTS, the expiry time for a subdomain might overwrite a parent domain's cache entry, making it end sooner or later than otherwise intended.

This affects curl using applications that enable HSTS and use URLs with the insecure HTTP:// scheme and perform transfers with hosts like x.example.com as well as example.com where the first host is a subdomain of the second host.

(The HSTS cache either needs to have been populated manually or there needs to have been previous HTTPS accesses done as the cache needs to have entries for the domains involved to trigger this problem.)

When x.example.com responds with Strict-Transport-Security: headers, this bug can make the subdomain's expiry timeout bleed over and get set for the parent domain example.com in curl's HSTS cache.

The result of a triggered bug is that HTTP accesses to example.com get converted to HTTPS for a different period of time than what was asked for by the origin server. If example.com for example stops supporting HTTPS at its expiry time, curl might then fail to access http://example.com until the (wrongly set) timeout expires. This bug can also expire the parent's entry earlier, thus making curl inadvertently switch back to insecure HTTP earlier than otherwise intended.

Remediation

There is no fixed version for Debian:11 curl.

References

• https://security-tracker.debian.org/tracker/CVE-2024-9681
• https://curl.se/docs/CVE-2024-9681.html
• https://curl.se/docs/CVE-2024-9681.json
• https://hackerone.com/reports/2764830
• http://www.openwall.com/lists/oss-security/2024/11/06/2
• https://security.netapp.com/advisory/ntap-20241213-0006/

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A insufficiently protected credentials vulnerability in fixed in curl 7.83.0 might leak authentication or cookie header data on HTTP redirects to the same host but another port number.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-27776
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/
• https://hackerone.com/reports/1547048
• https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7N5ZBWLNNPZKFK7Q4KEHGCJ2YELQEUJP/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/DKKOQXPYLMBSEVDHFS32BPBR3ZQJKY5B/
• https://security.gentoo.org/glsa/202212-01
• https://security.netapp.com/advisory/ntap-20220609-0008/
• https://www.debian.org/security/2022/dsa-5197

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

libcurl's ASN1 parser code has the GTime2str() function, used for parsing an ASN.1 Generalized Time field. If given an syntactically incorrect field, the parser might end up using -1 for the length of the time fraction, leading to a strlen() getting performed on a pointer to a heap buffer area that is not (purposely) null terminated.

This flaw most likely leads to a crash, but can also lead to heap contents getting returned to the application when CURLINFO_CERTINFO is used.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u13 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2024-7264
• https://curl.se/docs/CVE-2024-7264.html
• https://curl.se/docs/CVE-2024-7264.json
• https://hackerone.com/reports/2629968
• http://www.openwall.com/lists/oss-security/2024/07/31/1
• https://github.com/curl/curl/commit/27959ecce75cdb2809c0bdb3286e60e08fadb519
• https://security.netapp.com/advisory/ntap-20240828-0008/

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnutls28 package and not the gnutls28 package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A NULL pointer dereference flaw was found in the GnuTLS software in _gnutls_figure_common_ciphersuite().

Remediation

Upgrade Debian:11 gnutls28 to version 3.7.1-5+deb11u8 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2025-6395
• https://access.redhat.com/security/cve/CVE-2025-6395
• https://bugzilla.redhat.com/show_bug.cgi?id=2376755

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs because _xdr_kadm5_principal_ent_rec does not validate the relationship between n_key_data and the key_data array count.

Remediation

Upgrade Debian:11 krb5 to version 1.18.3-6+deb11u4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-36054
• https://github.com/krb5/krb5/commit/ef08b09c9459551aabbe7924fb176f1583053cdd
• https://github.com/krb5/krb5/compare/krb5-1.20.1-final...krb5-1.20.2-final
• https://github.com/krb5/krb5/compare/krb5-1.21-final...krb5-1.21.1-final
• https://lists.debian.org/debian-lts-announce/2023/10/msg00031.html
• https://security.netapp.com/advisory/ntap-20230908-0004/
• https://web.mit.edu/kerberos/www/advisories/

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

Issue summary: Processing some specially crafted ASN.1 object identifiers or data containing them may be very slow.

Impact summary: Applications that use OBJ_obj2txt() directly, or use any of the OpenSSL subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS with no message size limit may experience notable to very long delays when processing those messages, which may lead to a Denial of Service.

An OBJECT IDENTIFIER is composed of a series of numbers - sub-identifiers - most of which have no size limit. OBJ_obj2txt() may be used to translate an ASN.1 OBJECT IDENTIFIER given in DER encoding form (using the OpenSSL type ASN1_OBJECT) to its canonical numeric text form, which are the sub-identifiers of the OBJECT IDENTIFIER in decimal form, separated by periods.

When one of the sub-identifiers in the OBJECT IDENTIFIER is very large (these are sizes that are seen as absurdly large, taking up tens or hundreds of KiBs), the translation to a decimal number in text may take a very long time. The time complexity is O(n^2) with 'n' being the size of the sub-identifiers in bytes (*).

With OpenSSL 3.0, support to fetch cryptographic algorithms using names / identifiers in string form was introduced. This includes using OBJECT IDENTIFIERs in canonical numeric text form as identifiers for fetching algorithms.

Such OBJECT IDENTIFIERs may be received through the ASN.1 structure AlgorithmIdentifier, which is commonly used in multiple protocols to specify what cryptographic algorithm should be used to sign or verify, encrypt or decrypt, or digest passed data.

Applications that call OBJ_obj2txt() directly with untrusted data are affected, with any version of OpenSSL. If the use is for the mere purpose of display, the severity is considered low.

In OpenSSL 3.0 and newer, this affects the subsystems OCSP, PKCS7/SMIME, CMS, CMP/CRMF or TS. It also impacts anything that processes X.509 certificates, including simple things like verifying its signature.

The impact on TLS is relatively low, because all versions of OpenSSL have a 100KiB limit on the peer's certificate chain. Additionally, this only impacts clients, or servers that have explicitly enabled client authentication.

In OpenSSL 1.1.1 and 1.0.2, this only affects displaying diverse objects, such as X.509 certificates. This is assumed to not happen in such a way that it would cause a Denial of Service, so these versions are considered not affected by this issue in such a way that it would be cause for concern, and the severity is therefore considered low.

Remediation

Upgrade Debian:11 openssl to version 1.1.1n-0+deb11u5 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-2650
• http://www.openwall.com/lists/oss-security/2023/05/30/1
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=423a2bc737a908ad0c77bda470b2b59dc879936b
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=853c5e56ee0b8650c73140816bb8b91d6163422c
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9e209944b35cf82368071f160a744b6178f9b098
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db779b0e10b047f2585615e0b8f2acdf21f8544a
• https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
• https://psirt.global.sonicwall.com/vuln-detail/SNWLID-2023-0009
• https://security.gentoo.org/glsa/202402-08
• https://security.netapp.com/advisory/ntap-20230703-0001/
• https://security.netapp.com/advisory/ntap-20231027-0009/
• https://www.debian.org/security/2023/dsa-5417
• https://www.openssl.org/news/secadv/20230530.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

An authentication bypass vulnerability exists in libcurl <8.0.0 in the FTP connection reuse feature that can result in wrong credentials being used during subsequent transfers. Previously created connections are kept in a connection pool for reuse if they match the current setup. However, certain FTP settings such as CURLOPT_FTP_ACCOUNT, CURLOPT_FTP_ALTERNATIVE_TO_USER, CURLOPT_FTP_SSL_CCC, and CURLOPT_USE_SSL were not included in the configuration match checks, causing them to match too easily. This could lead to libcurl using the wrong credentials when performing a transfer, potentially allowing unauthorized access to sensitive information.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u8 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-27535
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
• https://hackerone.com/reports/1892780
• https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
• https://security.gentoo.org/glsa/202310-12
• https://security.netapp.com/advisory/ntap-20230420-0010/

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

An authentication bypass vulnerability exists libcurl <8.0.0 in the connection reuse feature which can reuse previously established connections with incorrect user permissions due to a failure to check for changes in the CURLOPT_GSSAPI_DELEGATION option. This vulnerability affects krb5/kerberos/negotiate/GSSAPI transfers and could potentially result in unauthorized access to sensitive information. The safest option is to not reuse connections if the CURLOPT_GSSAPI_DELEGATION option has been changed.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u8 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-27536
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
• https://hackerone.com/reports/1895135
• https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
• https://security.gentoo.org/glsa/202310-12
• https://security.netapp.com/advisory/ntap-20230420-0010/

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with xn-- and should not be allowed to pattern match, but the wildcard check in curl could still check for x*, which would match even though the IDN name most likely contained nothing even resembling an x.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u9 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-28321
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/
• http://seclists.org/fulldisclosure/2023/Jul/47
• http://seclists.org/fulldisclosure/2023/Jul/48
• http://seclists.org/fulldisclosure/2023/Jul/52
• https://hackerone.com/reports/1950627
• https://lists.debian.org/debian-lts-announce/2023/10/msg00016.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F4I75RDGX5ULSSCBE5BF3P5I5SFO7ULQ/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Z2LIWHWKOVH24COGGBCVOWDXXIUPKOMK/
• https://security.gentoo.org/glsa/202310-12
• https://security.netapp.com/advisory/ntap-20230609-0009/
• https://support.apple.com/kb/HT213843
• https://support.apple.com/kb/HT213844
• https://support.apple.com/kb/HT213845

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

When curl >= 7.20.0 and <= 7.78.0 connects to an IMAP or POP3 server to retrieve data using STARTTLS to upgrade to TLS security, the server can respond and send back multiple responses at once that curl caches. curl would then upgrade to TLS but not flush the in-queue of cached responses but instead continue using and trustingthe responses it got before the TLS handshake as if they were authenticated.Using this flaw, it allows a Man-In-The-Middle attacker to first inject the fake responses, then pass-through the TLS traffic from the legitimate server and trick curl into sending data back to the user thinking the attacker's injected data comes from the TLS-protected server.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2021-22947
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/
• https://hackerone.com/reports/1334763
• https://www.oracle.com/security-alerts/cpuoct2021.html
• https://lists.debian.org/debian-lts-announce/2021/09/msg00022.html
• http://seclists.org/fulldisclosure/2022/Mar/29
• https://cert-portal.siemens.com/productcert/pdf/ssa-389290.pdf
• https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
• https://security.gentoo.org/glsa/202212-01
• https://security.netapp.com/advisory/ntap-20211029-0003/
• https://support.apple.com/kb/HT213183
• https://www.debian.org/security/2022/dsa-5197
• https://www.oracle.com/security-alerts/cpuapr2022.html
• https://www.oracle.com/security-alerts/cpujan2022.html
• https://www.oracle.com/security-alerts/cpujul2022.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/APOAK4X73EJTAPTSVT7IRVDMUWVXNWGD/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RWLEC6YVEM2HWUBX67SDGPSY4CQB72OE/

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

When curl < 7.84.0 does FTP transfers secured by krb5, it handles message verification failures wrongly. This flaw makes it possible for a Man-In-The-Middle attack to go unnoticed and even allows it to inject data to the client.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-32208
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/
• http://seclists.org/fulldisclosure/2022/Oct/28
• http://seclists.org/fulldisclosure/2022/Oct/41
• https://hackerone.com/reports/1590071
• https://lists.debian.org/debian-lts-announce/2022/08/msg00017.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/
• https://security.gentoo.org/glsa/202212-01
• https://security.netapp.com/advisory/ntap-20220915-0003/
• https://support.apple.com/kb/HT213488
• https://www.debian.org/security/2022/dsa-5197

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A use after free vulnerability exists in curl <7.87.0. Curl can be asked to tunnel virtually all protocols it supports through an HTTP proxy. HTTP proxies can (and often do) deny such tunnel operations. When getting denied to tunnel the specific protocols SMB or TELNET, curl would use a heap-allocated struct after it had been freed, in its transfer shutdown code path.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u5 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-43552
• http://seclists.org/fulldisclosure/2023/Mar/17
• https://hackerone.com/reports/1764858
• https://security.gentoo.org/glsa/202310-12
• https://security.netapp.com/advisory/ntap-20230214-0002/
• https://support.apple.com/kb/HT213670

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo function is called and the hosts database in /etc/nsswitch.conf is configured with SUCCESS=continue or SUCCESS=merge.

Remediation

There is no fixed version for Debian:11 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2023-4813
• http://www.openwall.com/lists/oss-security/2023/10/03/8
• https://security.netapp.com/advisory/ntap-20231110-0003/
• https://access.redhat.com/errata/RHBA-2024:2413
• https://access.redhat.com/errata/RHSA-2023:5453
• https://access.redhat.com/errata/RHSA-2023:5455
• https://access.redhat.com/errata/RHSA-2023:7409
• https://access.redhat.com/security/cve/CVE-2023-4813
• https://bugzilla.redhat.com/show_bug.cgi?id=2237798

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnutls28 package and not the gnutls28 package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A vulnerability was found that the response times to malformed ciphertexts in RSA-PSK ClientKeyExchange differ from response times of ciphertexts with correct PKCS#1 v1.5 padding.

Remediation

Upgrade Debian:11 gnutls28 to version 3.7.1-5+deb11u4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-5981
• http://www.openwall.com/lists/oss-security/2024/01/19/3
• https://access.redhat.com/errata/RHSA-2024:0155
• https://access.redhat.com/errata/RHSA-2024:0319
• https://access.redhat.com/errata/RHSA-2024:0399
• https://access.redhat.com/errata/RHSA-2024:0451
• https://access.redhat.com/errata/RHSA-2024:0533
• https://access.redhat.com/errata/RHSA-2024:1383
• https://access.redhat.com/errata/RHSA-2024:2094
• https://access.redhat.com/security/cve/CVE-2023-5981
• https://bugzilla.redhat.com/show_bug.cgi?id=2248445
• https://gnutls.org/security-new.html#GNUTLS-SA-2023-10-23
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7ZEIOLORQ7N6WRPFXZSYDL2MC4LP7VFV/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/GNXKVR5YNUEBNHAHM5GSYKBZX4W2HMN2/

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A vulnerability in the MIT Kerberos implementation allows GSSAPI-protected messages using RC4-HMAC-MD5 to be spoofed due to weaknesses in the MD5 checksum design. If RC4 is preferred over stronger encryption types, an attacker could exploit MD5 collisions to forge message integrity codes. This may lead to unauthorized message tampering.

Remediation

Upgrade Debian:11 krb5 to version 1.18.3-6+deb11u7 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2025-3576
• https://access.redhat.com/security/cve/CVE-2025-3576
• https://bugzilla.redhat.com/show_bug.cgi?id=2359465
• https://lists.debian.org/debian-lts-announce/2025/05/msg00047.html
• https://access.redhat.com/errata/RHSA-2025:8411
• https://access.redhat.com/errata/RHSA-2025:9418
• https://access.redhat.com/errata/RHSA-2025:9430
• https://access.redhat.com/errata/RHSA-2025:11487
• https://web.mit.edu/kerberos/krb5-1.22/krb5-1.22.html
• https://access.redhat.com/errata/RHSA-2025:13664
• https://access.redhat.com/errata/RHSA-2025:13777
• https://access.redhat.com/errata/RHSA-2025:15000
• https://access.redhat.com/errata/RHSA-2025:15002
• https://access.redhat.com/errata/RHSA-2025:15004
• https://access.redhat.com/errata/RHSA-2025:15001
• https://access.redhat.com/errata/RHSA-2025:15003

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A timing based side channel exists in the OpenSSL RSA Decryption implementation which could be sufficient to recover a plaintext across a network in a Bleichenbacher style attack. To achieve a successful decryption an attacker would have to be able to send a very large number of trial messages for decryption. The vulnerability affects all RSA padding modes: PKCS#1 v1.5, RSA-OEAP and RSASVE.

For example, in a TLS connection, RSA is commonly used by a client to send an encrypted pre-master secret to the server. An attacker that had observed a genuine connection between a client and a server could use this flaw to send trial messages to the server and record the time taken to process them. After a sufficiently large number of messages the attacker could recover the pre-master secret used for the original connection and thus be able to decrypt the application data sent over that connection.

Remediation

Upgrade Debian:11 openssl to version 1.1.1n-0+deb11u4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-4304
• https://security.gentoo.org/glsa/202402-08
• https://www.openssl.org/news/secadv/20230207.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A vulnerability was found in systemd-resolved. This issue may allow systemd-resolved to accept records of DNSSEC-signed domains even when they have no signature, allowing man-in-the-middles (or the upstream DNS resolver) to manipulate records.

Remediation

Upgrade Debian:11 systemd to version 247.3-7+deb11u6 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-7008
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4GMDEG5PKONWNHOEYSUDRT6JEOISRMN2/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/QHNBXGKJWISJETTTDTZKTBFIBJUOSLKL/
• https://access.redhat.com/errata/RHSA-2024:2463
• https://access.redhat.com/errata/RHSA-2024:3203
• https://access.redhat.com/security/cve/CVE-2023-7008
• https://bugzilla.redhat.com/show_bug.cgi?id=2222261
• https://bugzilla.redhat.com/show_bug.cgi?id=2222672
• https://github.com/systemd/systemd/issues/25676
• https://security.netapp.com/advisory/ntap-20241122-0004/

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

An insufficiently protected credentials vulnerability exists in curl 4.9 to and include curl 7.82.0 are affected that could allow an attacker to extract credentials when follows HTTP(S) redirects is used with authentication could leak credentials to other services that exist on different protocols or port numbers.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-27774
• https://hackerone.com/reports/1543773
• https://lists.debian.org/debian-lts-announce/2023/01/msg00028.html
• https://security.gentoo.org/glsa/202212-01
• https://security.netapp.com/advisory/ntap-20220609-0008/
• https://www.debian.org/security/2022/dsa-5197

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

An authentication bypass vulnerability exists in libcurl prior to v8.0.0 where it reuses a previously established SSH connection despite the fact that an SSH option was modified, which should have prevented reuse. libcurl maintains a pool of previously used connections to reuse them for subsequent transfers if the configurations match. However, two SSH settings were omitted from the configuration check, allowing them to match easily, potentially leading to the reuse of an inappropriate connection.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u8 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-27538
• https://curl.se/docs/CVE-2023-27538.html
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/36NBD5YLJXXEDZLDGNFCERWRYJQ6LAQW/
• https://hackerone.com/reports/1898475
• https://lists.debian.org/debian-lts-announce/2023/04/msg00025.html
• https://security.gentoo.org/glsa/202310-12
• https://security.netapp.com/advisory/ntap-20230420-0010/

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

Issue summary: Processing a maliciously formatted PKCS12 file may lead OpenSSL to crash leading to a potential Denial of Service attack

Impact summary: Applications loading files in the PKCS12 format from untrusted sources might terminate abruptly.

A file in PKCS12 format can contain certificates and keys and may come from an untrusted source. The PKCS12 specification allows certain fields to be NULL, but OpenSSL does not correctly check for this case. This can lead to a NULL pointer dereference that results in OpenSSL crashing. If an application processes PKCS12 files from an untrusted source using the OpenSSL APIs then that application will be vulnerable to this issue.

OpenSSL APIs that are vulnerable to this are: PKCS12_parse(), PKCS12_unpack_p7data(), PKCS12_unpack_p7encdata(), PKCS12_unpack_authsafes() and PKCS12_newpass().

We have also fixed a similar issue in SMIME_write_PKCS7(). However since this function is related to writing data we do not consider it security significant.

The FIPS modules in 3.2, 3.1 and 3.0 are not affected by this issue.

Remediation

Upgrade Debian:11 openssl to version 1.1.1w-0+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2024-0727
• http://www.openwall.com/lists/oss-security/2024/03/11/1
• https://security.netapp.com/advisory/ntap-20240208-0006/
• https://github.com/openssl/openssl/commit/09df4395b5071217b76dc7d3d2e630eb8c5a79c2
• https://github.com/openssl/openssl/commit/775acfdbd0c6af9ac855f34969cdab0c0c90844a
• https://github.com/openssl/openssl/commit/d135eeab8a5dbf72b3da5240bab9ddb7678dbd2c
• https://github.openssl.org/openssl/extended-releases/commit/03b3941d60c4bce58fab69a0c22377ab439bc0e8
• https://github.openssl.org/openssl/extended-releases/commit/aebaa5883e31122b404e450732dc833dc9dee539
• https://www.openssl.org/news/secadv/20240125.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A flaw was found in shadow-utils. When asking for a new password, shadow-utils asks the password twice. If the password fails on the second attempt, shadow-utils fails in cleaning the buffer used to store the first entry. This may allow an attacker with enough access to retrieve the password from the memory.

Remediation

Upgrade Debian:11 shadow to version 1:4.8.1-1+deb11u1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-4641
• https://access.redhat.com/errata/RHSA-2023:6632
• https://access.redhat.com/errata/RHSA-2023:7112
• https://access.redhat.com/errata/RHSA-2024:0417
• https://access.redhat.com/errata/RHSA-2024:2577
• https://access.redhat.com/security/cve/CVE-2023-4641
• https://bugzilla.redhat.com/show_bug.cgi?id=2215945

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A vulnerability was found in systemd. This security flaw can cause a local information leak due to systemd-coredump not respecting the fs.suid_dumpable kernel setting.

Remediation

Upgrade Debian:11 systemd to version 247.3-7+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-4415
• https://security.netapp.com/advisory/ntap-20230216-0010/
• https://github.com/systemd/systemd/commit/b7641425659243c09473cd8fb3aef2c0d4a3eb9c
• https://www.openwall.com/lists/oss-security/2022/12/21/3

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

An off-by-one Error issue was discovered in Systemd in format_timespan() function of time-util.c. An attacker could supply specific values for time and accuracy that leads to buffer overrun in format_timespan(), leading to a Denial of Service.

Remediation

Upgrade Debian:11 systemd to version 247.3-7+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-3821
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/
• https://bugzilla.redhat.com/show_bug.cgi?id=2139327
• https://github.com/systemd/systemd/commit/9102c625a673a3246d7e73d8737f3494446bad4e
• https://github.com/systemd/systemd/issues/23928
• https://github.com/systemd/systemd/pull/23933
• https://lists.debian.org/debian-lts-announce/2023/06/msg00036.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/RVBQC2VLSDVQAPJTEMTREXDL4HYLXG2P/
• https://security.gentoo.org/glsa/202305-15

NVD Description

Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

GNU Tar through 1.34 has a one-byte out-of-bounds read that results in use of uninitialized memory for a conditional jump. Exploitation to change the flow of control has not been demonstrated. The issue occurs in from_header in list.c via a V7 archive in which mtime has approximately 11 whitespace characters.

Remediation

Upgrade Debian:11 tar to version 1.34+dfsg-1+deb11u1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-48303
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CRY7VEL4AIG3GLIEVCTOXRZNSVYDYYUD/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/X5VQYCO52Z7GAVCLRYUITN7KXHLRZQS4/
• https://savannah.gnu.org/bugs/?62387
• https://savannah.gnu.org/patch/?10307

NVD Description

Note: Versions mentioned in the description apply only to the upstream unzip package and not the unzip package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

Remediation

Upgrade Debian:11 unzip to version 6.0-26+deb11u1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-0530
• http://seclists.org/fulldisclosure/2022/May/33
• http://seclists.org/fulldisclosure/2022/May/35
• http://seclists.org/fulldisclosure/2022/May/38
• https://bugzilla.redhat.com/show_bug.cgi?id=2051395
• https://github.com/ByteHackr/unzip_poc
• https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html
• https://security.gentoo.org/glsa/202310-17
• https://support.apple.com/kb/HT213255
• https://support.apple.com/kb/HT213256
• https://support.apple.com/kb/HT213257
• https://www.debian.org/security/2022/dsa-5202

NVD Description

Note: Versions mentioned in the description apply only to the upstream unzip package and not the unzip package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A flaw was found in Unzip. The vulnerability occurs during the conversion of a wide string to a local string that leads to a heap of out-of-bound write. This flaw allows an attacker to input a specially crafted zip file, leading to a crash or code execution.

Remediation

Upgrade Debian:11 unzip to version 6.0-26+deb11u1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-0529
• https://bugzilla.redhat.com/show_bug.cgi?id=2051402
• https://bugzilla.redhat.com/show_bug.cgi?id=2051395
• https://github.com/ByteHackr/unzip_poc
• https://lists.debian.org/debian-lts-announce/2022/09/msg00028.html
• https://security.gentoo.org/glsa/202310-17
• https://www.debian.org/security/2022/dsa-5202

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

When saving HSTS data to an excessively long file name, curl could end up removing all contents, making subsequent requests using that file unaware of the HSTS status they should otherwise use.

Remediation

There is no fixed version for Debian:11 curl.

References

• https://security-tracker.debian.org/tracker/CVE-2023-46219
• https://curl.se/docs/CVE-2023-46219.html
• https://hackerone.com/reports/2236133
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/UOGXU25FMMT2X6UUITQ7EZZYMJ42YWWD/
• https://security.netapp.com/advisory/ntap-20240119-0007/
• https://www.debian.org/security/2023/dsa-5587

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnutls28 package and not the gnutls28 package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A flaw was found in GnuTLS, which relies on libtasn1 for ASN.1 data processing. Due to an inefficient algorithm in libtasn1, decoding certain DER-encoded certificate data can take excessive time, leading to increased resource consumption. This flaw allows a remote attacker to send a specially crafted certificate, causing GnuTLS to become unresponsive or slow, resulting in a denial-of-service condition.

Remediation

Upgrade Debian:11 gnutls28 to version 3.7.1-5+deb11u7 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2024-12243
• https://access.redhat.com/security/cve/CVE-2024-12243
• https://bugzilla.redhat.com/show_bug.cgi?id=2344615
• https://gitlab.com/gnutls/libtasn1/-/issues/52
• https://lists.debian.org/debian-lts-announce/2025/02/msg00027.html
• https://access.redhat.com/errata/RHSA-2025:4051
• https://access.redhat.com/errata/RHSA-2025:7076
• https://access.redhat.com/errata/RHSA-2025:8020
• https://security.netapp.com/advisory/ntap-20250523-0002/
• https://access.redhat.com/errata/RHSA-2025:8385

NVD Description

Note: Versions mentioned in the description apply only to the upstream libtasn1-6 package and not the libtasn1-6 package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A flaw in libtasn1 causes inefficient handling of specific certificate data. When processing a large number of elements in a certificate, libtasn1 takes much longer than expected, which can slow down or even crash the system. This flaw allows an attacker to send a specially crafted certificate, causing a denial of service attack.

Remediation

Upgrade Debian:11 libtasn1-6 to version 4.16.0-2+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2024-12133
• https://access.redhat.com/security/cve/CVE-2024-12133
• https://bugzilla.redhat.com/show_bug.cgi?id=2344611
• https://gitlab.com/gnutls/libtasn1/-/issues/52
• http://www.openwall.com/lists/oss-security/2025/02/06/6
• https://lists.debian.org/debian-lts-announce/2025/02/msg00025.html
• https://access.redhat.com/errata/RHSA-2025:4049
• https://access.redhat.com/errata/RHSA-2025:7077
• https://access.redhat.com/errata/RHSA-2025:8021
• https://security.netapp.com/advisory/ntap-20250523-0003/
• https://access.redhat.com/errata/RHSA-2025:8385

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

Issue summary: Checking excessively long DH keys or parameters may be very slow.

Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.

The function DH_check() performs various checks on DH parameters. After fixing CVE-2023-3446 it was discovered that a large q parameter value can also trigger an overly long computation during some of these checks. A correct q value, if present, cannot be larger than the modulus p parameter, thus it is unnecessary to perform these checks if q is larger than p.

An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack.

The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().

Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the "-check" option.

The OpenSSL SSL/TLS implementation is not affected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

Remediation

Upgrade Debian:11 openssl to version 1.1.1v-0~deb11u1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-3817
• http://seclists.org/fulldisclosure/2023/Jul/43
• http://www.openwall.com/lists/oss-security/2023/07/31/1
• http://www.openwall.com/lists/oss-security/2023/09/22/11
• http://www.openwall.com/lists/oss-security/2023/09/22/9
• http://www.openwall.com/lists/oss-security/2023/11/06/2
• https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html
• https://security.gentoo.org/glsa/202402-08
• https://security.netapp.com/advisory/ntap-20230818-0014/
• https://security.netapp.com/advisory/ntap-20231027-0008/
• https://security.netapp.com/advisory/ntap-20240621-0006/
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=6a1eb62c29db6cb5eec707f9338aee00f44e26f5
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=869ad69aadd985c7b8ca6f4e5dd0eb274c9f3644
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9002fd07327a91f35ba6c1307e71fa6fd4409b7f
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=91ddeba0f2269b017dc06c46c993a788974b1aa5
• https://www.openssl.org/news/secadv/20230731.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

Applications that use a non-default option when verifying certificates may be vulnerable to an attack from a malicious CA to circumvent certain checks.

Invalid certificate policies in leaf certificates are silently ignored by OpenSSL and other certificate policy checks are skipped for that certificate. A malicious CA could use this to deliberately assert invalid certificate policies in order to circumvent policy checking on the certificate altogether.

Policy processing is disabled by default but can be enabled by passing the -policy' argument to the command line utilities or by calling the X509_VERIFY_PARAM_set1_policies()' function.

Remediation

Upgrade Debian:11 openssl to version 1.1.1n-0+deb11u5 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-0465
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=10325176f3d3e98c6e2b3bf5ab1e3b334de6947a
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1dd43e0709fece299b15208f36cc7c76209ba0bb
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=b013765abfa80036dc779dd0e50602c57bb3bf95
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=facfb1ab745646e97a1920977ae4a9965ea61d5c
• https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
• https://security.gentoo.org/glsa/202402-08
• https://security.netapp.com/advisory/ntap-20230414-0001/
• https://www.debian.org/security/2023/dsa-5417
• https://www.openssl.org/news/secadv/20230328.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

The function X509_VERIFY_PARAM_add0_policy() is documented to implicitly enable the certificate policy check when doing certificate verification. However the implementation of the function does not enable the check which allows certificates with invalid or incorrect policies to pass the certificate verification.

As suddenly enabling the policy check could break existing deployments it was decided to keep the existing behavior of the X509_VERIFY_PARAM_add0_policy() function.

Instead the applications that require OpenSSL to perform certificate policy check need to use X509_VERIFY_PARAM_set1_policies() or explicitly enable the policy check by calling X509_VERIFY_PARAM_set_flags() with the X509_V_FLAG_POLICY_CHECK flag argument.

Certificate policy checks are disabled by default in OpenSSL and are not commonly used by applications.

Remediation

Upgrade Debian:11 openssl to version 1.1.1n-0+deb11u5 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-0466
• http://www.openwall.com/lists/oss-security/2023/09/28/4
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=0d16b7e99aafc0b4a6d729eec65a411a7e025f0a
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=51e8a84ce742db0f6c70510d0159dad8f7825908
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=73398dea26de9899fb4baa94098ad0a61f435c72
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc814a30fc4f0bc54fcea7d9a7462f5457aab061
• https://lists.debian.org/debian-lts-announce/2023/06/msg00011.html
• https://security.gentoo.org/glsa/202402-08
• https://security.netapp.com/advisory/ntap-20230414-0001/
• https://www.debian.org/security/2023/dsa-5417
• https://www.openssl.org/news/secadv/20230328.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

Issue summary: Generating excessively long X9.42 DH keys or checking excessively long X9.42 DH keys or parameters may be very slow.

Impact summary: Applications that use the functions DH_generate_key() to generate an X9.42 DH key may experience long delays. Likewise, applications that use DH_check_pub_key(), DH_check_pub_key_ex() or EVP_PKEY_public_check() to check an X9.42 DH key or X9.42 DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.

While DH_check() performs all the necessary checks (as of CVE-2023-3817), DH_check_pub_key() doesn't make any of these checks, and is therefore vulnerable for excessively large P and Q parameters.

Likewise, while DH_generate_key() performs a check for an excessively large P, it doesn't check for an excessively large Q.

An application that calls DH_generate_key() or DH_check_pub_key() and supplies a key or parameters obtained from an untrusted source could be vulnerable to a Denial of Service attack.

DH_generate_key() and DH_check_pub_key() are also called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_pub_key_ex(), EVP_PKEY_public_check(), and EVP_PKEY_generate().

Also vulnerable are the OpenSSL pkey command line application when using the "-pubcheck" option, as well as the OpenSSL genpkey command line application.

The OpenSSL SSL/TLS implementation is not affected by this issue.

The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

Remediation

Upgrade Debian:11 openssl to version 1.1.1w-0+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-5678
• http://www.openwall.com/lists/oss-security/2023/11/06/2
• http://www.openwall.com/lists/oss-security/2024/03/11/1
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=34efaef6c103d636ab507a0cc34dca4d3aecc055
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=710fee740904b6290fef0dd5536fbcedbc38ff0c
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=db925ae2e65d0d925adef429afc37f75bd1c2017
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=ddeb4b6c6d527e54ce9a99cba785c0f7776e54b6
• https://security.netapp.com/advisory/ntap-20231130-0010/
• https://www.openssl.org/news/secadv/20231106.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

Issue summary: Checking excessively long DH keys or parameters may be very slow.

Impact summary: Applications that use the functions DH_check(), DH_check_ex() or EVP_PKEY_param_check() to check a DH key or DH parameters may experience long delays. Where the key or parameters that are being checked have been obtained from an untrusted source this may lead to a Denial of Service.

The function DH_check() performs various checks on DH parameters. One of those checks confirms that the modulus ('p' parameter) is not too large. Trying to use a very large modulus is slow and OpenSSL will not normally use a modulus which is over 10,000 bits in length.

However the DH_check() function checks numerous aspects of the key or parameters that have been supplied. Some of those checks use the supplied modulus value even if it has already been found to be too large.

An application that calls DH_check() and supplies a key or parameters obtained from an untrusted source could be vulernable to a Denial of Service attack.

The function DH_check() is itself called by a number of other OpenSSL functions. An application calling any of those other functions may similarly be affected. The other functions affected by this are DH_check_ex() and EVP_PKEY_param_check().

Also vulnerable are the OpenSSL dhparam and pkeyparam command line applications when using the '-check' option.

The OpenSSL SSL/TLS implementation is not affected by this issue. The OpenSSL 3.0 and 3.1 FIPS providers are not affected by this issue.

Remediation

Upgrade Debian:11 openssl to version 1.1.1v-0~deb11u1 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2023-3446
• http://www.openwall.com/lists/oss-security/2023/07/19/4
• http://www.openwall.com/lists/oss-security/2023/07/19/5
• http://www.openwall.com/lists/oss-security/2023/07/19/6
• http://www.openwall.com/lists/oss-security/2023/07/31/1
• http://www.openwall.com/lists/oss-security/2024/05/16/1
• https://lists.debian.org/debian-lts-announce/2023/08/msg00019.html
• https://security.gentoo.org/glsa/202402-08
• https://security.netapp.com/advisory/ntap-20230803-0011/
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=1fa20cf2f506113c761777127a38bce5068740eb
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=8780a896543a654e757db1b9396383f9d8095528
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=9a0a4d3c1e7138915563c0df4fe6a3f9377b839c
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=fc9867c1e03c22ebf56943be205202e576aabf23
• https://www.openssl.org/news/secadv/20230719.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream openssl package and not the openssl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data that was preexisting in the memory that wasn't written. In the special case of "in place" encryption, sixteen bytes of the plaintext would be revealed. Since OpenSSL does not support OCB based cipher suites for TLS and DTLS, they are both unaffected. Fixed in OpenSSL 3.0.5 (Affected 3.0.0-3.0.4). Fixed in OpenSSL 1.1.1q (Affected 1.1.1-1.1.1p).

Remediation

Upgrade Debian:11 openssl to version 1.1.1n-0+deb11u4 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-2097
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=919925673d6c9cfed3c1085497f5dfbbed5fc431
• https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=a98f339ddd7e8f487d6e0088d4a9a42324885a93
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/
• https://cert-portal.siemens.com/productcert/pdf/ssa-332410.pdf
• https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=919925673d6c9cfed3c1085497f5dfbbed5fc431
• https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=a98f339ddd7e8f487d6e0088d4a9a42324885a93
• https://lists.debian.org/debian-lts-announce/2023/02/msg00019.html
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/R6CK57NBQFTPUMXAPJURCGXUYT76NQAK/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V6567JERRHHJW2GNGJGKDRNHR7SNPZK7/
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/VCMNWKERPBKOEBNL7CLTTX3ZZCZLH7XA/
• https://security.gentoo.org/glsa/202210-02
• https://security.netapp.com/advisory/ntap-20220715-0011/
• https://security.netapp.com/advisory/ntap-20230420-0008/
• https://security.netapp.com/advisory/ntap-20240621-0006/
• https://www.debian.org/security/2023/dsa-5343
• https://www.openssl.org/news/secadv/20220705.txt

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A vulnerability was found in systemd-coredump. This flaw allows an attacker to force a SUID process to crash and replace it with a non-SUID binary to access the original's privileged process coredump, allowing the attacker to read sensitive data, such as /etc/shadow content, loaded by the original process.

A SUID binary or process has a special type of permission, which allows the process to run with the file owner's permissions, regardless of the user executing the binary. This allows the process to access more restricted data than unprivileged users or processes would be able to. An attacker can leverage this flaw by forcing a SUID process to crash and force the Linux kernel to recycle the process PID before systemd-coredump can analyze the /proc/pid/auxv file. If the attacker wins the race condition, they gain access to the original's SUID process coredump file. They can read sensitive content loaded into memory by the original binary, affecting data confidentiality.

Remediation

Upgrade Debian:11 systemd to version 247.3-7+deb11u7 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2025-4598
• https://access.redhat.com/security/cve/CVE-2025-4598
• https://bugzilla.redhat.com/show_bug.cgi?id=2369242
• https://www.openwall.com/lists/oss-security/2025/05/29/3
• http://www.openwall.com/lists/oss-security/2025/06/05/1
• http://www.openwall.com/lists/oss-security/2025/06/05/3
• https://blogs.oracle.com/linux/post/analysis-of-cve-2025-4598
• https://ciq.com/blog/the-real-danger-of-systemd-coredump-cve-2025-4598/
• https://www.openwall.com/lists/oss-security/2025/08/18/3

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:11 relevant fixed versions and status.

A malicious server can serve excessive amounts of Set-Cookie: headers in a HTTP response to curl and curl < 7.84.0 stores all of them. A sufficiently large amount of (big) cookies make subsequent HTTP requests to this, or other servers to which the cookies match, create requests that become larger than the threshold that curl uses internally to avoid sending crazy large requests (1048576 bytes) and instead returns an error.This denial state might remain for as long as the same cookies are kept, match and haven't expired. Due to cookie matching rules, a server on foo.example.com can set cookies that also would match for bar.example.com, making it it possible for a "sister server" to effectively cause a denial of service for a sibling site on the same second level domain using this method.

Remediation

Upgrade Debian:11 curl to version 7.74.0-1.3+deb11u2 or higher.

References

• https://security-tracker.debian.org/tracker/CVE-2022-32205
• https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/
• http://seclists.org/fulldisclosure/2022/Oct/28
• http://seclists.org/fulldisclosure/2022/Oct/41
• https://cert-portal.siemens.com/productcert/pdf/ssa-333517.pdf
• https://hackerone.com/reports/1569946
• https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BEV6BR4MTI3CEWK2YU2HQZUW5FAS3FEY/
• https://security.gentoo.org/glsa/202212-01
• https://security.netapp.com/advisory/ntap-20220915-0003/
• https://support.apple.com/kb/HT213488
• https://www.debian.org/security/2022/dsa-5197