NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass stack guard protection. The component is: nptl. The attack vector is: Exploit stack buffer overflow vulnerability and use this bypass vulnerability to bypass stack guard. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-1010022
• https://sourceware.org/bugzilla/show_bug.cgi?id=22850
• https://sourceware.org/bugzilla/show_bug.cgi?id=22850#c3
• https://ubuntu.com/security/CVE-2019-1010022

NVD Description

Note: Versions mentioned in the description apply only to the upstream tar package and not the tar package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Tar 1.15.1 does not properly warn the user when extracting setuid or setgid files, which may allow local users or remote attackers to gain privileges.

Remediation

There is no fixed version for Debian:13 tar.

References

• https://security-tracker.debian.org/tracker/CVE-2005-2541
• http://marc.info/?l=bugtraq&m=112327628230258&w=2
• https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c@%3Cissues.guacamole.apache.org%3E
• https://lists.apache.org/thread.html/rc713534b10f9daeee2e0990239fa407e2118e4aa9e88a7041177497c%40%3Cissues.guacamole.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Re-mapping current loaded library with malicious ELF file. The impact is: In worst case attacker may evaluate privileges. The component is: libld. The attack vector is: Attacker sends 2 ELF files to victim and asks to run ldd on it. ldd execute code. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-1010023
• https://support.f5.com/csp/article/K11932200?utm_source=f5support&utm_medium=RSS
• https://sourceware.org/bugzilla/show_bug.cgi?id=22851
• http://www.securityfocus.com/bid/109167
• https://ubuntu.com/security/CVE-2019-1010023
• https://support.f5.com/csp/article/K11932200?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils up to 2.44. It has been rated as critical. Affected by this issue is the function elf_gc_sweep of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. Upgrading to version 2.45 is able to address this issue. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-5244
• https://sourceware.org/bugzilla/attachment.cgi?id=16010
• https://sourceware.org/bugzilla/show_bug.cgi?id=32858
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=d1458933830456e54223d9fc61f0d9b3a19256f5
• https://vuldb.com/?ctiid.310346
• https://vuldb.com/?id.310346
• https://vuldb.com/?submit.584634
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as critical has been found in GNU Binutils up to 2.44. This affects the function debug_type_samep of the file /binutils/debug.c of the component objdump. The manipulation leads to memory corruption. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-5245
• https://sourceware.org/bugzilla/attachment.cgi?id=16004
• https://sourceware.org/bugzilla/show_bug.cgi?id=32829
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6c3458a8b7ee7d39f070c7b2350851cb2110c65a
• https://vuldb.com/?ctiid.310347
• https://vuldb.com/?id.310347
• https://vuldb.com/?submit.584635
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability, which was classified as problematic, has been found in GNU Binutils 2.45. Affected by this issue is the function bfd_elf_set_group_contents of the file bfd/elf.c. The manipulation leads to out-of-bounds write. It is possible to launch the attack on the local host. The exploit has been disclosed to the public and may be used. The name of the patch is 41461010eb7c79fee7a9d5f6209accdaac66cc6b. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-7546
• https://sourceware.org/bugzilla/attachment.cgi?id=16118
• https://sourceware.org/bugzilla/show_bug.cgi?id=33050#c2
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=41461010eb7c79fee7a9d5f6209accdaac66cc6b
• https://vuldb.com/?ctiid.316244
• https://vuldb.com/?id.316244
• https://vuldb.com/?submit.614375
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=33050

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as problematic was found in GNU Binutils 2.45. Affected by this vulnerability is the function copy_section of the file binutils/objcopy.c. The manipulation leads to heap-based buffer overflow. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The patch is named 08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-7545
• https://sourceware.org/bugzilla/attachment.cgi?id=16117
• https://sourceware.org/bugzilla/show_bug.cgi?id=33049
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=08c3cbe5926e4d355b5cb70bbec2b1eeb40c2944
• https://vuldb.com/?ctiid.316243
• https://vuldb.com/?id.316243
• https://vuldb.com/?submit.614355
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=33049#c1

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.45. The affected element is the function elf_swap_shdr in the library bfd/elfcode.h of the component Linker. The manipulation leads to heap-based buffer overflow. The attack must be carried out locally. The exploit has been disclosed to the public and may be used. The identifier of the patch is 9ca499644a21ceb3f946d1c179c38a83be084490. To fix this issue, it is recommended to deploy a patch. The code maintainer replied with "[f]ixed for 2.46".

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11083
• https://sourceware.org/bugzilla/attachment.cgi?id=16353
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=9ca499644a21ceb3f946d1c179c38a83be084490
• https://vuldb.com/?ctiid.326124
• https://vuldb.com/?id.326124
• https://vuldb.com/?submit.661277
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=33457
• https://sourceware.org/bugzilla/show_bug.cgi?id=33457#c1

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw has been found in GNU Binutils 2.45. Impacted is the function _bfd_elf_parse_eh_frame of the file bfd/elf-eh-frame.c of the component Linker. Executing manipulation can lead to heap-based buffer overflow. The attack is restricted to local execution. The exploit has been published and may be used. This patch is called ea1a0737c7692737a644af0486b71e4a392cbca8. A patch should be applied to remediate this issue. The code maintainer replied with "[f]ixed for 2.46".

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11082
• https://sourceware.org/bugzilla/attachment.cgi?id=16358
• https://sourceware.org/bugzilla/show_bug.cgi?id=33464
• https://sourceware.org/bugzilla/show_bug.cgi?id=33464#c2
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ea1a0737c7692737a644af0486b71e4a392cbca8
• https://vuldb.com/?ctiid.326123
• https://vuldb.com/?id.326123
• https://vuldb.com/?submit.661276
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The Apache HTTP Server, when accessed through a TCP connection with a large window size, allows remote attackers to cause a denial of service (network bandwidth consumption) via a Range header that specifies multiple copies of the same fragment. NOTE: the severity of this issue has been disputed by third parties, who state that the large window size required by the attack is not normally supported or configured by the server, or that a DDoS-style attack would accomplish the same goal

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2007-0086
• http://www.securityfocus.com/archive/1/455833/100/0/threaded
• http://www.securityfocus.com/archive/1/455879/100/0/threaded
• http://www.securityfocus.com/archive/1/455882/100/0/threaded
• http://www.securityfocus.com/archive/1/455920/100/0/threaded
• http://osvdb.org/33456

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(\227|)(\1\1|t1|\\2537)+' in grep.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2018-20796
• https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
• https://debbugs.gnu.org/cgi/bugreport.cgi?bug=34141
• https://lists.gnu.org/archive/html/bug-gnulib/2019-01/msg00108.html
• https://security.netapp.com/advisory/ntap-20190315-0002/
• http://www.securityfocus.com/bid/107160
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20796
• https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In the GNU C Library (aka glibc or libc6) through 2.29, check_dst_limits_calc_pos_1 in posix/regexec.c has Uncontrolled Recursion, as demonstrated by '(|)(\1\1)*' in grep, a different issue than CVE-2018-20796. NOTE: the software maintainer disputes that this is a vulnerability because the behavior occurs only with a crafted pattern

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-9192
• https://support.f5.com/csp/article/K26346590?utm_source=f5support&utm_medium=RSS
• https://sourceware.org/bugzilla/show_bug.cgi?id=24269
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2019-9192
• https://support.f5.com/csp/article/K26346590?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream jansson package and not the jansson package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in Jansson through 2.13.1. Due to a parsing error in json_loads, there's an out-of-bounds read-access bug. NOTE: the vendor reports that this only occurs when a programmer fails to follow the API specification

Remediation

There is no fixed version for Debian:13 jansson.

References

• https://security-tracker.debian.org/tracker/CVE-2020-36325
• https://github.com/akheron/jansson/issues/548

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in MIT Kerberos 5 (aka krb5) through 1.16. There is a variable "dbentry->n_key_data" in kadmin/dbutil/dump.c that can store 16-bit data but unknowingly the developer has assigned a "u4" variable to it, which is for 32-bit data. An attacker can use this vulnerability to affect other artifacts of the database as we know that a Kerberos database dump file contains trusted data.

Remediation

There is no fixed version for Debian:13 krb5.

References

• https://security-tracker.debian.org/tracker/CVE-2018-5709
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5709
• https://github.com/poojamnit/Kerberos-V5-1.16-Vulnerabilities/tree/master/Integer%20Overflow
• https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772@%3Cdev.mina.apache.org%3E
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-5709
• https://lists.apache.org/thread.html/rf9fa47ab66495c78bb4120b0754dd9531ca2ff0430f6685ac9b07772%40%3Cdev.mina.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The nss_parse_ciphers function in libraries/libldap/tls_m.c in OpenLDAP does not properly parse OpenSSL-style multi-keyword mode cipher strings, which might cause a weaker than intended cipher to be used and allow remote attackers to have unspecified impact via unknown vectors.

Remediation

There is no fixed version for Debian:13 openldap.

References

• https://security-tracker.debian.org/tracker/CVE-2015-3276
• http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
• https://bugzilla.redhat.com/show_bug.cgi?id=1238322
• http://rhn.redhat.com/errata/RHSA-2015-2131.html
• http://www.securitytracker.com/id/1034221
• https://access.redhat.com/errata/RHSA-2015:2131
• https://access.redhat.com/security/cve/CVE-2015-3276

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

contrib/slapd-modules/nops/nops.c in OpenLDAP through 2.4.45, when both the nops module and the memberof overlay are enabled, attempts to free a buffer that was allocated on the stack, which allows remote attackers to cause a denial of service (slapd crash) via a member MODDN operation.

Remediation

There is no fixed version for Debian:13 openldap.

References

• https://security-tracker.debian.org/tracker/CVE-2017-17740
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-17740
• http://www.openldap.org/its/index.cgi/Incoming?id=8759
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00053.html
• http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00058.html
• https://kc.mcafee.com/corporate/index?page=content&id=SB10365
• https://www.oracle.com/security-alerts/cpuapr2022.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A double free exists in the another_hunk function in pch.c in GNU patch through 2.7.6.

Remediation

There is no fixed version for Debian:13 patch.

References

• https://security-tracker.debian.org/tracker/CVE-2018-6952
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6952
• https://security.gentoo.org/glsa/201904-17
• https://savannah.gnu.org/bugs/index.php?53133
• https://access.redhat.com/errata/RHSA-2019:2033
• http://www.securityfocus.com/bid/103047
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6952

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in GNU patch through 2.7.6. There is a segmentation fault, associated with a NULL pointer dereference, leading to a denial of service in the intuit_diff_type function in pch.c, aka a "mangled rename" issue.

Remediation

There is no fixed version for Debian:13 patch.

References

• https://security-tracker.debian.org/tracker/CVE-2018-6951
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-6951
• https://security.gentoo.org/glsa/201904-17
• https://git.savannah.gnu.org/cgit/patch.git/commit/?id=f290f48a621867084884bfff87f8093c15195e6a
• https://savannah.gnu.org/bugs/index.php?53132
• http://www.securityfocus.com/bid/103044
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-6951
• https://usn.ubuntu.com/3624-1/

NVD Description

Note: Versions mentioned in the description apply only to the upstream m4 package and not the m4 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The (1) maketemp and (2) mkstemp builtin functions in GNU m4 before 1.4.11 do not quote their output when a file is created, which might allow context-dependent attackers to trigger a macro expansion, leading to unspecified use of an incorrect filename.

Remediation

There is no fixed version for Debian:13 m4.

References

• https://security-tracker.debian.org/tracker/CVE-2008-1687
• http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612
• http://www.vupen.com/english/advisories/2008/1151/references
• http://xforce.iss.net/xforce/xfdb/41706
• http://www.openwall.com/lists/oss-security/2008/04/07/1
• http://www.openwall.com/lists/oss-security/2008/04/07/12
• http://www.openwall.com/lists/oss-security/2008/04/07/3
• http://www.openwall.com/lists/oss-security/2008/04/07/4
• http://secunia.com/advisories/29671
• http://secunia.com/advisories/29729
• http://www.securityfocus.com/bid/28688
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41706

NVD Description

Note: Versions mentioned in the description apply only to the upstream m4 package and not the m4 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Unspecified vulnerability in GNU m4 before 1.4.11 might allow context-dependent attackers to execute arbitrary code, related to improper handling of filenames specified with the -F option. NOTE: it is not clear when this issue crosses privilege boundaries.

Remediation

There is no fixed version for Debian:13 m4.

References

• https://security-tracker.debian.org/tracker/CVE-2008-1688
• http://osvdb.org/44272
• http://slackware.com/security/viewer.php?l=slackware-security&y=2008&m=slackware-security.510612
• http://www.vupen.com/english/advisories/2008/1151/references
• http://xforce.iss.net/xforce/xfdb/41704
• http://www.openwall.com/lists/oss-security/2008/04/07/1
• http://www.openwall.com/lists/oss-security/2008/04/07/3
• http://secunia.com/advisories/29671
• http://secunia.com/advisories/29729
• http://www.securityfocus.com/bid/28688
• https://exchange.xforce.ibmcloud.com/vulnerabilities/41704

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A heap-based buffer over-read exists in the function d_expression_1 in cp-demangle.c in GNU libiberty, as distributed in GNU Binutils 2.31.1. A crafted input can cause segmentation faults, leading to denial-of-service, as demonstrated by c++filt.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2018-20712
• https://support.f5.com/csp/article/K38336243
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-20712
• https://gcc.gnu.org/bugzilla/show_bug.cgi?id=88629
• https://sourceware.org/bugzilla/show_bug.cgi?id=24043
• http://www.securityfocus.com/bid/106563
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20712

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in GNU libiberty, as distributed in GNU Binutils 2.36. It is a stack-overflow issue in demangle_type in rust-demangle.c.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2021-32256
• https://bugs.launchpad.net/ubuntu/+source/binutils/+bug/1927070
• https://security.netapp.com/advisory/ntap-20230824-0013/

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Apache httpd 2.0.59 and 2.2.4, with the Prefork MPM module, allows local users to cause a denial of service via certain code sequences executed in a worker process that (1) stop request processing by killing all worker processes and preventing creation of replacements or (2) hang the system by forcing the master process to fork an arbitrarily large number of worker processes. NOTE: This might be an inherent design limitation of Apache with respect to worker processes in hosted environments.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2007-3303
• http://www.securityfocus.com/archive/1/469899/100/0/threaded
• http://www.securityfocus.com/archive/1/471832/100/0/threaded
• http://security.psnc.pl/files/apache_report.pdf
• http://osvdb.org/37050
• http://www.securityfocus.com/bid/24215
• http://securityreason.com/securityalert/2814

NVD Description

Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

initscripts in rPath Linux 1 sets insecure permissions for the /var/log/btmp file, which allows local users to obtain sensitive information regarding authentication attempts. NOTE: because sshd detects the insecure permissions and does not log certain events, this also prevents sshd from logging failed authentication attempts by remote attackers.

Remediation

There is no fixed version for Debian:13 shadow.

References

• https://security-tracker.debian.org/tracker/CVE-2007-5686
• http://www.securityfocus.com/archive/1/482129/100/100/threaded
• http://www.securityfocus.com/archive/1/482857/100/0/threaded
• https://issues.rpath.com/browse/RPL-1825
• http://secunia.com/advisories/27215
• http://www.securityfocus.com/bid/26048
• http://www.vupen.com/english/advisories/2007/3474

NVD Description

Note: Versions mentioned in the description apply only to the upstream util-linux package and not the util-linux package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in util-linux. This vulnerability allows a heap buffer overread when processing 256-byte usernames, specifically within the setpwnam() function, affecting SUID (Set User ID) login-utils utilities writing to the password database.

Remediation

There is no fixed version for Debian:13 util-linux.

References

• https://security-tracker.debian.org/tracker/CVE-2025-14104
• https://access.redhat.com/security/cve/CVE-2025-14104
• https://bugzilla.redhat.com/show_bug.cgi?id=2419369

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as problematic was found in GNU Binutils 2.43/2.44. Affected by this vulnerability is the function bfd_set_format of the file format.c. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. Upgrading to version 2.45 is able to address this issue. The identifier of the patch is 8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1153
• https://sourceware.org/bugzilla/show_bug.cgi?id=32603
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=8d97c1a53f3dc9fd8e1ccdb039b8a33d50133150
• https://vuldb.com/?ctiid.295057
• https://vuldb.com/?id.295057
• https://vuldb.com/?submit.489991
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250404-0005/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. Affected by this vulnerability is the function bfd_putl64 of the file libbfd.c of the component ld. The manipulation leads to memory corruption. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The identifier of the patch is 75086e9de1707281172cc77f178e7949a4414ed0. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1178
• https://sourceware.org/bugzilla/attachment.cgi?id=15914
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=75086e9de1707281172cc77f178e7949a4414ed0
• https://vuldb.com/?ctiid.295081
• https://vuldb.com/?id.295081
• https://vuldb.com/?submit.495369
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250411-0008/
• https://sourceware.org/bugzilla/show_bug.cgi?id=32638

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The C++ symbol demangler routine in cplus-dem.c in libiberty, as distributed in GNU Binutils 2.29, allows remote attackers to cause a denial of service (excessive memory allocation and application crash) via a crafted file, as demonstrated by a call from the Binary File Descriptor (BFD) library (aka libbfd).

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2017-13716
• https://sourceware.org/bugzilla/show_bug.cgi?id=22009
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-13716

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.43/2.44 and classified as problematic. Affected by this vulnerability is the function display_info of the file binutils/bucomm.c of the component objdump. The manipulation leads to memory leak. An attack has to be approached locally. The exploit has been disclosed to the public and may be used. The patch is named ba6ad3a18cb26b79e0e3b84c39f707535bbc344d. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-3198
• https://sourceware.org/bugzilla/show_bug.cgi?id=32716#c0
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=ba6ad3a18cb26b79e0e3b84c39f707535bbc344d
• https://vuldb.com/?ctiid.303151
• https://vuldb.com/?id.303151
• https://vuldb.com/?submit.545773
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=32716

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was detected in GNU Binutils 2.45. This issue affects the function dump_dwarf_section of the file binutils/objdump.c. Performing manipulation results in out-of-bounds read. The attack is only possible with local access. The exploit is now public and may be used. The patch is named f87a66db645caf8cc0e6fc87b0c28c78a38af59b. It is suggested to install a patch to address this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11081
• https://github.com/user-attachments/files/20623354/hdf5_crash_3.txt
• https://sourceware.org/bugzilla/show_bug.cgi?id=33406
• https://sourceware.org/bugzilla/show_bug.cgi?id=33406#c2
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f87a66db645caf8cc0e6fc87b0c28c78a38af59b
• https://vuldb.com/?ctiid.326122
• https://vuldb.com/?id.326122
• https://vuldb.com/?submit.661275
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was determined in GNU Binutils 2.45. The affected element is the function elf_x86_64_relocate_section of the file elf64-x86-64.c of the component Linker. This manipulation causes heap-based buffer overflow. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Patch name: 6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0. To fix this issue, it is recommended to deploy a patch.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11495
• https://sourceware.org/bugzilla/attachment.cgi?id=16393
• https://sourceware.org/bugzilla/show_bug.cgi?id=33502
• https://sourceware.org/bugzilla/show_bug.cgi?id=33502#c3
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=6b21c8b2ecfef5c95142cbc2c32f185cb1c26ab0
• https://vuldb.com/?ctiid.327620
• https://vuldb.com/?id.327620
• https://vuldb.com/?submit.668290
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.45. Impacted is the function _bfd_x86_elf_late_size_sections of the file bfd/elfxx-x86.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. The patch is identified as b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a. A patch should be applied to remediate this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11494
• https://sourceware.org/bugzilla/attachment.cgi?id=16389
• https://sourceware.org/bugzilla/show_bug.cgi?id=33499
• https://sourceware.org/bugzilla/show_bug.cgi?id=33499#c2
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b6ac5a8a5b82f0ae6a4642c8d7149b325f4cc60a
• https://vuldb.com/?ctiid.327619
• https://vuldb.com/?id.327619
• https://vuldb.com/?submit.668281
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A weakness has been identified in GNU Binutils 2.45. The affected element is the function vfinfo of the file ldmisc.c. Executing manipulation can lead to out-of-bounds read. The attack can only be executed locally. The exploit has been made available to the public and could be exploited. This patch is called 16357. It is best practice to apply a patch to resolve this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11840
• https://sourceware.org/bugzilla/attachment.cgi?id=16351
• https://sourceware.org/bugzilla/attachment.cgi?id=16357
• https://sourceware.org/bugzilla/show_bug.cgi?id=33455
• https://vuldb.com/?ctiid.328775
• https://vuldb.com/?id.328775
• https://vuldb.com/?submit.661281
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was determined in GNU Binutils 2.45. Affected by this vulnerability is the function get_link_hash_entry of the file bfd/elflink.c of the component Linker. This manipulation causes out-of-bounds read. The attack can only be executed locally. The exploit has been publicly disclosed and may be utilized. Upgrading to version 2.46 addresses this issue. Patch name: aeaaa9af6359c8e394ce9cf24911fec4f4d23703. It is advisable to upgrade the affected component.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11414
• https://sourceware.org/bugzilla/attachment.cgi?id=16361
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=aeaaa9af6359c8e394ce9cf24911fec4f4d23703
• https://vuldb.com/?ctiid.327350
• https://vuldb.com/?id.327350
• https://vuldb.com/?submit.665591
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=33450

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.45. Affected is the function elf_link_add_object_symbols of the file bfd/elflink.c of the component Linker. The manipulation results in out-of-bounds read. The attack needs to be approached locally. The exploit has been made public and could be used. Upgrading to version 2.46 is able to address this issue. The patch is identified as 72efdf166aa0ed72ecc69fc2349af6591a7a19c0. Upgrading the affected component is advised.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11413
• https://sourceware.org/bugzilla/attachment.cgi?id=16362
• https://sourceware.org/bugzilla/show_bug.cgi?id=33456#c10
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=72efdf166aa0ed72ecc69fc2349af6591a7a19c0
• https://vuldb.com/?ctiid.327349
• https://vuldb.com/?id.327349
• https://vuldb.com/?submit.665587
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=33452

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.45. This impacts the function bfd_elf_gc_record_vtentry of the file bfd/elflink.c of the component Linker. The manipulation leads to out-of-bounds read. Local access is required to approach this attack. The exploit has been disclosed to the public and may be used. The identifier of the patch is 047435dd988a3975d40c6626a8f739a0b2e154bc. To fix this issue, it is recommended to deploy a patch.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11412
• https://sourceware.org/bugzilla/attachment.cgi?id=16378
• https://sourceware.org/bugzilla/show_bug.cgi?id=33452#c8
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=047435dd988a3975d40c6626a8f739a0b2e154bc
• https://vuldb.com/?ctiid.327348
• https://vuldb.com/?id.327348
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=33452

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The demangle_template function in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.31.1, contains an integer overflow vulnerability (for "Create an array for saving the template argument values") that can trigger a heap-based buffer overflow, as demonstrated by nm.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2018-20673
• https://sourceware.org/bugzilla/show_bug.cgi?id=24039
• http://www.securityfocus.com/bid/106454
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-20673

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A security flaw has been discovered in GNU Binutils 2.45. Impacted is the function tg_tag_type of the file prdbg.c. Performing manipulation results in unchecked return value. The attack needs to be approached locally. The exploit has been released to the public and may be exploited.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-11839
• https://sourceware.org/bugzilla/attachment.cgi?id=16344
• https://vuldb.com/?ctiid.328774
• https://vuldb.com/?id.328774
• https://vuldb.com/?submit.661279
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=33448

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in cplus-dem.c in GNU libiberty, as distributed in GNU Binutils 2.30. Stack Exhaustion occurs in the C++ demangling functions provided by libiberty, and there are recursive stack frames: demangle_template_value_parm, demangle_integral_value, and demangle_expression.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2018-9996
• https://gcc.gnu.org/bugzilla/show_bug.cgi?id=85304
• http://www.securityfocus.com/bid/103733
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-9996

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In libexpat through 2.7.3, a crafted file with an approximate size of 2 MiB can lead to dozens of seconds of processing time.

Remediation

There is no fixed version for Debian:13 expat.

References

• https://security-tracker.debian.org/tracker/CVE-2025-66382
• https://github.com/libexpat/libexpat/issues/1076
• http://www.openwall.com/lists/oss-security/2025/12/02/1

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An Invalid Pointer vulnerability exists in GNU patch 2.7 via the another_hunk function, which causes a Denial of Service.

Remediation

There is no fixed version for Debian:13 patch.

References

• https://security-tracker.debian.org/tracker/CVE-2021-45261
• https://savannah.gnu.org/bugs/?61685

NVD Description

Note: Versions mentioned in the description apply only to the upstream re2c package and not the re2c package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

re2c before 2.0 has uncontrolled recursion that causes stack consumption in find_fixed_tags.

Remediation

There is no fixed version for Debian:13 re2c.

References

• https://security-tracker.debian.org/tracker/CVE-2018-21232
• https://github.com/skvadrik/re2c/issues/219
• https://www.openwall.com/lists/oss-security/2020/04/27/2
• http://www.openwall.com/lists/oss-security/2020/05/14/4
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2018-21232

NVD Description

Note: Versions mentioned in the description apply only to the upstream util-linux package and not the util-linux package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in the util-linux chfn and chsh utilities when compiled with Readline support. The Readline library uses an "INPUTRC" environment variable to get a path to the library config file. When the library cannot parse the specified file, it prints an error message containing data from the file. This flaw allows an unprivileged user to read root-owned files, potentially leading to privilege escalation. This flaw affects util-linux versions prior to 2.37.4.

Remediation

There is no fixed version for Debian:13 util-linux.

References

• https://security-tracker.debian.org/tracker/CVE-2022-0563
• https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w@ws.net.home/T/#u
• https://lore.kernel.org/util-linux/20220214110609.msiwlm457ngoic6w%40ws.net.home/T/#u
• https://security.gentoo.org/glsa/202401-08
• https://security.netapp.com/advisory/ntap-20220331-0002/

NVD Description

Note: Versions mentioned in the description apply only to the upstream patch package and not the patch package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Directory traversal vulnerability in util.c in GNU patch 2.6.1 and earlier allows user-assisted remote attackers to create or overwrite arbitrary files via a filename that is specified with a .. (dot dot) or full pathname, a related issue to CVE-2010-1679.

Remediation

There is no fixed version for Debian:13 patch.

References

• https://security-tracker.debian.org/tracker/CVE-2010-4651
• http://support.apple.com/kb/HT4723
• http://lists.apple.com/archives/security-announce/2011//Jun/msg00000.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055241.html
• http://lists.fedoraproject.org/pipermail/package-announce/2011-March/055246.html
• http://git.savannah.gnu.org/cgit/patch.git/commit/?id=685a78b6052f4df6eac6d625a545cfb54a6ac0e1
• http://lists.gnu.org/archive/html/bug-patch/2010-12/msg00000.html
• http://www.vupen.com/english/advisories/2011/0600
• http://openwall.com/lists/oss-security/2011/01/05/10
• http://openwall.com/lists/oss-security/2011/01/06/19
• http://openwall.com/lists/oss-security/2011/01/06/20
• http://openwall.com/lists/oss-security/2011/01/06/21
• https://bugzilla.redhat.com/show_bug.cgi?id=667529
• http://secunia.com/advisories/43663
• http://secunia.com/advisories/43677
• http://www.securityfocus.com/bid/46768
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2010-4651

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The mod_php module for the Apache HTTP Server allows local users with write access to PHP scripts to send signals to the server's process group and use the server's file descriptors, as demonstrated by sending a STOP signal, then intercepting incoming connections on the server's TCP port. NOTE: the PHP developer has disputed this vulnerability, saying "The opened file descriptors are opened by Apache. It is the job of Apache to protect them ... Not a bug in PHP.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2003-1307
• http://www.securityfocus.com/archive/1/348368
• http://www.securityfocus.com/archive/1/449234/100/0/threaded
• http://www.securityfocus.com/archive/1/449298/100/0/threaded
• http://bugs.php.net/38915
• http://hackerdom.ru/~dimmo/phpexpl.c
• http://www.securityfocus.com/bid/9302

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

suexec in Apache HTTP Server (httpd) 2.2.3 does not verify combinations of user and group IDs on the command line, which might allow local users to leverage other vulnerabilities to create arbitrary UID/GID owned files if /proc is mounted. NOTE: the researcher, who is reliable, claims that the vendor disputes the issue because "the attacks described rely on an insecure server configuration" in which the user "has write access to the document root." In addition, because this is dependent on other vulnerabilities, perhaps this is resultant and should not be included in CVE.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2007-1743
• http://marc.info/?l=apache-httpd-dev&m=117511568709063&w=2
• http://marc.info/?l=apache-httpd-dev&m=117511834512138&w=2
• http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=511
• http://www.securitytracker.com/id?1017904

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU Binutils 2.43 and classified as problematic. Affected by this vulnerability is the function __sanitizer::internal_strlen of the file binutils/nm.c of the component nm. The manipulation of the argument const leads to buffer overflow. The attack can be launched remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1147
• https://sourceware.org/bugzilla/attachment.cgi?id=15881
• https://sourceware.org/bugzilla/show_bug.cgi?id=32556
• https://vuldb.com/?ctiid.295051
• https://vuldb.com/?id.295051
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250404-0003/
• https://vuldb.com/?submit.485254

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may bypass ASLR using cache of thread stack and heap. The component is: glibc. NOTE: Upstream comments indicate "this is being treated as a non-security bug and no real threat.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-1010024
• https://support.f5.com/csp/article/K06046097
• https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
• https://sourceware.org/bugzilla/show_bug.cgi?id=22852
• http://www.securityfocus.com/bid/109162
• https://ubuntu.com/security/CVE-2019-1010024
• https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

GNU Libc current is affected by: Mitigation bypass. The impact is: Attacker may guess the heap addresses of pthread_created thread. The component is: glibc. NOTE: the vendor's position is "ASLR bypass itself is not a vulnerability.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2019-1010025
• https://support.f5.com/csp/article/K06046097
• https://support.f5.com/csp/article/K06046097?utm_source=f5support&utm_medium=RSS
• https://sourceware.org/bugzilla/show_bug.cgi?id=22853
• https://ubuntu.com/security/CVE-2019-1010025
• https://support.f5.com/csp/article/K06046097?utm_source=f5support&amp%3Butm_medium=RSS

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can modify the contents of past events in a sealed log file and then adjust the file such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:13 systemd.

References

• https://security-tracker.debian.org/tracker/CVE-2023-31439
• https://github.com/kastel-security/Journald
• https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf
• https://github.com/systemd/systemd/pull/28885
• https://github.com/systemd/systemd/releases

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can truncate a sealed log file and then resume log sealing such that checking the integrity shows no error, despite modifications. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:13 systemd.

References

• https://security-tracker.debian.org/tracker/CVE-2023-31438
• https://github.com/kastel-security/Journald
• https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf
• https://github.com/systemd/systemd/pull/28886
• https://github.com/systemd/systemd/releases

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An issue was discovered in systemd 253. An attacker can modify a sealed log file such that, in some views, not all existing and sealed log messages are displayed. NOTE: the vendor reportedly sent "a reply denying that any of the finding was a security vulnerability."

Remediation

There is no fixed version for Debian:13 systemd.

References

• https://security-tracker.debian.org/tracker/CVE-2023-31437
• https://github.com/kastel-security/Journald
• https://github.com/kastel-security/Journald/blob/main/journald-publication.pdf
• https://github.com/systemd/systemd/releases

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43 and classified as critical. This issue affects the function _bfd_elf_gc_mark_rsec of the file elflink.c of the component ld. The manipulation leads to heap-based buffer overflow. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. The patch is named f9978defb6fab0bd8583942d97c112b0932ac814. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1176
• https://sourceware.org/bugzilla/attachment.cgi?id=15913
• https://sourceware.org/bugzilla/show_bug.cgi?id=32636
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=f9978defb6fab0bd8583942d97c112b0932ac814
• https://vuldb.com/?ctiid.295079
• https://vuldb.com/?id.295079
• https://vuldb.com/?submit.495329
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250411-0007/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as critical was found in GNU Binutils 2.43. This vulnerability affects the function _bfd_elf_gc_mark_rsec of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. The name of the patch is 931494c9a89558acb36a03a340c01726545eef24. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1181
• https://sourceware.org/bugzilla/attachment.cgi?id=15918
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=931494c9a89558acb36a03a340c01726545eef24
• https://vuldb.com/?ctiid.295084
• https://vuldb.com/?id.295084
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250425-0007/
• https://sourceware.org/bugzilla/show_bug.cgi?id=32643
• https://vuldb.com/?submit.495402

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability, which was classified as critical, was found in GNU Binutils 2.43. Affected is the function bfd_elf_reloc_symbol_deleted_p of the file bfd/elflink.c of the component ld. The manipulation leads to memory corruption. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. The patch is identified as b425859021d17adf62f06fb904797cf8642986ad. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1182
• https://sourceware.org/bugzilla/attachment.cgi?id=15919
• https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=b425859021d17adf62f06fb904797cf8642986ad
• https://vuldb.com/?ctiid.295086
• https://vuldb.com/?id.295086
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=32644
• https://vuldb.com/?submit.495407

NVD Description

Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

In GNU Coreutils through 8.29, chown-core.c in chown and chgrp does not prevent replacement of a plain file with a symlink during use of the POSIX "-R -L" options, which allows local users to modify the ownership of arbitrary files by leveraging a race condition.

Remediation

There is no fixed version for Debian:13 coreutils.

References

• https://security-tracker.debian.org/tracker/CVE-2017-18018
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-18018
• http://lists.gnu.org/archive/html/coreutils/2017-12/msg00045.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

slapd in OpenLDAP 2.4.45 and earlier creates a PID file after dropping privileges to a non-root account, which might allow local users to kill arbitrary processes by leveraging access to this non-root account for PID file modification before a root script executes a "kill cat /pathname" command, as demonstrated by openldap-initscript.

Remediation

There is no fixed version for Debian:13 openldap.

References

• https://security-tracker.debian.org/tracker/CVE-2017-14159
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14159
• http://www.openldap.org/its/index.cgi?findid=8703
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2017-14159
• https://www.oracle.com/security-alerts/cpuapr2022.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream coreutils package and not the coreutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A flaw was found in GNU Coreutils. The sort utility's begfield() function is vulnerable to a heap buffer under-read. The program may access memory outside the allocated buffer if a user runs a crafted command using the traditional key format. A malicious input could lead to a crash or leak sensitive data.

Remediation

There is no fixed version for Debian:13 coreutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-5278
• https://access.redhat.com/security/cve/CVE-2025-5278
• https://bugzilla.redhat.com/show_bug.cgi?id=2368764
• http://www.openwall.com/lists/oss-security/2025/05/27/2
• http://www.openwall.com/lists/oss-security/2025/05/29/1
• https://cgit.git.savannah.gnu.org/cgit/coreutils.git/tree/NEWS?id=8c9602e3a145e9596dc1a63c6ed67865814b6633#n14
• http://www.openwall.com/lists/oss-security/2025/05/29/2
• https://cgit.git.savannah.gnu.org/cgit/coreutils.git/commit/?id=8c9602e3a145e9596dc1a63c6ed67865814b6633

NVD Description

Note: Versions mentioned in the description apply only to the upstream systemd package and not the systemd package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

systemd, when updating file permissions, allows local users to change the permissions and SELinux security contexts for arbitrary files via a symlink attack on unspecified files.

Remediation

There is no fixed version for Debian:13 systemd.

References

• https://security-tracker.debian.org/tracker/CVE-2013-4392
• http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=725357
• http://www.openwall.com/lists/oss-security/2013/10/01/9
• https://bugzilla.redhat.com/show_bug.cgi?id=859060

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, uses a logging format that does not identify whether a dotted quad represents an unresolved IP address, which allows remote attackers to spoof IP addresses via crafted DNS responses containing numerical top-level domains, as demonstrated by a forged 123.123.123.123 domain name, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2003-1580
• http://www.securityfocus.com/archive/1/313867

NVD Description

Note: Versions mentioned in the description apply only to the upstream glibc package and not the glibc package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The glob implementation in the GNU C Library (aka glibc or libc6) allows remote authenticated users to cause a denial of service (CPU and memory consumption) via crafted glob expressions that do not match any pathnames, as demonstrated by glob expressions in STAT commands to an FTP daemon, a different vulnerability than CVE-2010-2632.

Remediation

There is no fixed version for Debian:13 glibc.

References

• https://security-tracker.debian.org/tracker/CVE-2010-4756
• http://cxib.net/stuff/glob-0day.c
• http://securityreason.com/achievement_securityalert/89
• http://securityreason.com/exploitalert/9223
• https://bugzilla.redhat.com/show_bug.cgi?id=681681
• https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4756
• https://security.netapp.com/advisory/ntap-20241108-0002/

NVD Description

Note: Versions mentioned in the description apply only to the upstream gnutls28 package and not the gnutls28 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The SSL protocol, as used in certain configurations in Microsoft Windows and Microsoft Internet Explorer, Mozilla Firefox, Google Chrome, Opera, and other products, encrypts data by using CBC mode with chained initialization vectors, which allows man-in-the-middle attackers to obtain plaintext HTTP headers via a blockwise chosen-boundary attack (BCBA) on an HTTPS session, in conjunction with JavaScript code that uses (1) the HTML5 WebSocket API, (2) the Java URLConnection API, or (3) the Silverlight WebClient API, aka a "BEAST" attack.

Remediation

There is no fixed version for Debian:13 gnutls28.

References

• https://security-tracker.debian.org/tracker/CVE-2011-3389
• http://lists.apple.com/archives/Security-announce/2011//Oct/msg00001.html
• http://lists.apple.com/archives/Security-announce/2011//Oct/msg00002.html
• http://support.apple.com/kb/HT4999
• http://support.apple.com/kb/HT5001
• http://support.apple.com/kb/HT5130
• http://support.apple.com/kb/HT5281
• http://support.apple.com/kb/HT5501
• http://support.apple.com/kb/HT6150
• http://lists.apple.com/archives/security-announce/2012/Feb/msg00000.html
• http://lists.apple.com/archives/security-announce/2012/Jul/msg00001.html
• http://lists.apple.com/archives/security-announce/2012/May/msg00001.html
• http://lists.apple.com/archives/security-announce/2012/Sep/msg00004.html
• http://lists.apple.com/archives/security-announce/2013/Oct/msg00004.html
• http://www.us-cert.gov/cas/techalerts/TA12-010A.html
• http://www.kb.cert.org/vuls/id/864643
• http://googlechromereleases.blogspot.com/2011/10/chrome-stable-release.html
• http://blog.mozilla.com/security/2011/09/27/attack-against-tls-protected-communications/
• http://blogs.technet.com/b/msrc/archive/2011/09/26/microsoft-releases-security-advisory-2588513.aspx
• http://blogs.technet.com/b/srd/archive/2011/09/26/is-ssl-broken-more-about-security-advisory-2588513.aspx
• http://curl.haxx.se/docs/adv_20120124B.html
• http://downloads.asterisk.org/pub/security/AST-2016-001.html
• http://my.opera.com/securitygroup/blog/2011/09/28/the-beast-ssl-tls-issue
• https://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_fetchmail
• https://bugzilla.novell.com/show_bug.cgi?id=719047
• https://cert-portal.siemens.com/productcert/pdf/ssa-556833.pdf
• http://technet.microsoft.com/security/advisory/2588513
• http://www.apcmedia.com/salestools/SJHN-7RKGNM/SJHN-7RKGNM_R4_EN.pdf
• http://www.ibm.com/developerworks/java/jdk/alerts/
• http://www.imperialviolet.org/2011/09/23/chromeandbeast.html
• http://www.opera.com/docs/changelogs/mac/1151/
• http://www.opera.com/docs/changelogs/mac/1160/
• http://www.opera.com/docs/changelogs/unix/1151/
• http://www.opera.com/docs/changelogs/unix/1160/
• http://www.opera.com/docs/changelogs/windows/1151/
• http://www.opera.com/docs/changelogs/windows/1160/
• http://www.opera.com/support/kb/view/1004/
• http://www.debian.org/security/2012/dsa-2398
• http://security.gentoo.org/glsa/glsa-201203-02.xml
• http://security.gentoo.org/glsa/glsa-201406-32.xml
• https://h20564.www2.hp.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c03839862
• http://marc.info/?l=bugtraq&m=132750579901589&w=2
• http://marc.info/?l=bugtraq&m=132872385320240&w=2
• http://marc.info/?l=bugtraq&m=133365109612558&w=2
• http://marc.info/?l=bugtraq&m=133728004526190&w=2
• http://marc.info/?l=bugtraq&m=134254866602253&w=2
• http://marc.info/?l=bugtraq&m=134254957702612&w=2
• http://ekoparty.org/2011/juliano-rizzo.php
• http://eprint.iacr.org/2004/111
• http://eprint.iacr.org/2006/136
• http://isc.sans.edu/diary/SSL+TLS+part+3+/11635
• https://ics-cert.us-cert.gov/advisories/ICSMA-18-058-02
• http://vnhacker.blogspot.com/2011/09/beast.html
• http://www.educatedguesswork.org/2011/09/security_impact_of_the_rizzodu.html
• http://www.insecure.cl/Beast-SSL.rar
• https://docs.microsoft.com/en-us/security-updates/securitybulletins/2012/ms12-006
• http://technet.microsoft.com/security/bulletin/MS12-006
• http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00049.html
• http://lists.opensuse.org/opensuse-security-announce/2012-01/msg00051.html
• http://lists.opensuse.org/opensuse-security-announce/2012-05/msg00009.html
• http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html
• http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html
• http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html
• http://osvdb.org/74829
• https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A14752
• https://bugzilla.redhat.com/show_bug.cgi?id=737506
• http://rhn.redhat.com/errata/RHSA-2012-0508.html
• http://rhn.redhat.com/errata/RHSA-2013-1455.html
• http://secunia.com/advisories/45791
• http://secunia.com/advisories/47998
• http://secunia.com/advisories/48256
• http://secunia.com/advisories/48692
• http://secunia.com/advisories/48915
• http://secunia.com/advisories/48948
• http://secunia.com/advisories/49198
• http://secunia.com/advisories/55322
• http://secunia.com/advisories/55350
• http://secunia.com/advisories/55351
• http://www.securityfocus.com/bid/49388
• http://www.securityfocus.com/bid/49778
• http://www.securitytracker.com/id?1025997
• http://www.securitytracker.com/id?1026103
• http://www.securitytracker.com/id?1026704
• http://www.securitytracker.com/id/1029190
• http://lists.opensuse.org/opensuse-security-announce/2020-01/msg00040.html
• https://hermes.opensuse.org/messages/13154861
• https://hermes.opensuse.org/messages/13155432
• http://people.ubuntu.com/~ubuntu-security/cve/CVE-2011-3389
• http://www.ubuntu.com/usn/USN-1263-1
• http://www.mandriva.com/security/advisories?name=MDVSA-2012:058
• http://www.redhat.com/support/errata/RHSA-2011-1384.html
• http://www.redhat.com/support/errata/RHSA-2012-0006.html
• https://github.com/mpgn/BEAST-PoC

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A Memory Leak vulnerability exists in SQLite Project SQLite3 3.35.1 and 3.37.0 via maliciously crafted SQL Queries (made via editing the Database File), it is possible to query a record, and leak subsequent bytes of memory that extend beyond the record, which could let a malicious user obtain sensitive information. NOTE: The developer disputes this as a vulnerability stating that If you give SQLite a corrupted database file and submit a query against the database, it might read parts of the database that you did not intend or expect.

Remediation

There is no fixed version for Debian:13 sqlite3.

References

• https://security-tracker.debian.org/tracker/CVE-2021-45346
• https://github.com/guyinatuxedo/sqlite3_record_leaking
• https://security.netapp.com/advisory/ntap-20220303-0001/
• https://sqlite.org/forum/forumpost/056d557c2f8c452ed5
• https://sqlite.org/forum/forumpost/53de8864ba114bf6
• https://www.sqlite.org/cves.html#status_of_recent_sqlite_cves

NVD Description

Note: Versions mentioned in the description apply only to the upstream openldap package and not the openldap package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

libldap in certain third-party OpenLDAP packages has a certificate-validation flaw when the third-party package is asserting RFC6125 support. It considers CN even when there is a non-matching subjectAltName (SAN). This is fixed in, for example, openldap-2.4.46-10.el8 in Red Hat Enterprise Linux.

Remediation

There is no fixed version for Debian:13 openldap.

References

• https://security-tracker.debian.org/tracker/CVE-2020-15719
• https://access.redhat.com/errata/RHBA-2019:3674
• https://bugs.openldap.org/show_bug.cgi?id=9266
• https://bugzilla.redhat.com/show_bug.cgi?id=1740070
• http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00033.html
• http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00059.html
• https://kc.mcafee.com/corporate/index?page=content&id=SB10365
• https://www.oracle.com/security-alerts/cpuapr2022.html

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

mod_usertrack in Apache 1.3.11 through 1.3.20 generates session ID's using predictable information including host IP address, system time and server process ID, which allows local users to obtain session ID's and bypass authentication when these session ID's are used for authentication.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2001-1534
• http://cert.uni-stuttgart.de/archive/bugtraq/2001/11/msg00084.html
• http://www.securityfocus.com/bid/3521
• http://www.iss.net/security_center/static/7494.php

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

CRLF injection vulnerability in the mod_negotiation module in the Apache HTTP Server 2.2.6 and earlier in the 2.2.x series, 2.0.61 and earlier in the 2.0.x series, and 1.3.39 and earlier in the 1.3.x series allows remote authenticated users to inject arbitrary HTTP headers and conduct HTTP response splitting attacks by uploading a file with a multi-line name containing HTTP header sequences and a file extension, which leads to injection within a (1) "406 Not Acceptable" or (2) "300 Multiple Choices" HTTP response when the extension is omitted in a request for the file.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2008-0456
• https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53@%3Ccvs.httpd.apache.org%3E
• http://support.apple.com/kb/HT3549
• http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
• http://www.securityfocus.com/archive/1/486847/100/0/threaded
• http://www.us-cert.gov/cas/techalerts/TA09-133A.html
• http://security.gentoo.org/glsa/glsa-200803-19.xml
• http://www.mindedsecurity.com/MSA01150108.html
• https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9@%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b@%3Ccvs.httpd.apache.org%3E
• http://rhn.redhat.com/errata/RHSA-2013-0130.html
• http://securitytracker.com/id?1019256
• http://secunia.com/advisories/29348
• http://secunia.com/advisories/35074
• http://www.securityfocus.com/bid/27409
• http://securityreason.com/securityalert/3575
• http://www.vupen.com/english/advisories/2009/1297
• https://exchange.xforce.ibmcloud.com/vulnerabilities/39893
• https://lists.apache.org/thread.html/8d63cb8e9100f28a99429b4328e4e7cebce861d5772ac9863ba2ae6f%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/f7f95ac1cd9895db2714fa3ebaa0b94d0c6df360f742a40951384a53%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r57608dc51b79102f3952ae06f54d5277b649c86d6533dcd6a7d201f7%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r75cbe9ea3e2114e4271bbeca7aff96117b50c1b6eb7c4772b0337c1f%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r7dd6be4dc38148704f2edafb44a8712abaa3a2be120d6c3314d55919%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r84d043c2115176958562133d96d851495d712aa49da155d81f6733be%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9ea3538f229874c80a10af473856a81fbf5f694cd7f471cc679ba70b%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/r9f93cf6dde308d42a9c807784e8102600d0397f5f834890708bf6920%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rc4c53a0d57b2771ecd4b965010580db355e38137c8711311ee1073a8%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rdca61ae990660bacb682295f2a09d34612b7bb5f457577fe17f4d064%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rf6449464fd8b7437704c55f88361b66f12d5b5f90bcce66af4be4ba9%40%3Ccvs.httpd.apache.org%3E
• https://lists.apache.org/thread.html/rfbaf647d52c1cb843e726a0933f156366a806cead84fbd430951591b%40%3Ccvs.httpd.apache.org%3E

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

The Apache HTTP Server 2.0.44, when DNS resolution is enabled for client IP addresses, allows remote attackers to inject arbitrary text into log files via an HTTP request in conjunction with a crafted DNS response, as demonstrated by injecting XSS sequences, related to an "Inverse Lookup Log Corruption (ILLC)" issue.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2003-1581
• http://www.securityfocus.com/archive/1/313867

NVD Description

Note: Versions mentioned in the description apply only to the upstream apt package and not the apt package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

It was found that apt-key in apt, all versions, do not correctly validate gpg keys with the master keyring, leading to a potential man-in-the-middle attack.

Remediation

There is no fixed version for Debian:13 apt.

References

• https://security-tracker.debian.org/tracker/CVE-2011-3374
• https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=642480
• https://people.canonical.com/~ubuntu-security/cve/2011/CVE-2011-3374.html
• https://seclists.org/fulldisclosure/2011/Sep/221
• https://snyk.io/vuln/SNYK-LINUX-APT-116518
• https://ubuntu.com/security/CVE-2011-3374
• https://access.redhat.com/security/cve/cve-2011-3374

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as problematic has been found in GNU Binutils 2.43. Affected is the function xstrdup of the file xstrdup.c of the component ld. The manipulation leads to memory leak. It is possible to launch the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1152
• https://sourceware.org/bugzilla/attachment.cgi?id=15887
• https://sourceware.org/bugzilla/show_bug.cgi?id=32576
• https://vuldb.com/?ctiid.295056
• https://vuldb.com/?id.295056
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.44 and classified as problematic. This issue affects the function process_debug_info of the file binutils/dwarf.c of the component DWARF Section Handler. The manipulation leads to memory leak. Attacking locally is a requirement. The identifier of the patch is e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-8225
• https://gitlab.com/gnutools/binutils-gdb/-/commit/e51fdff7d2e538c0e5accdd65649ac68e6e0ddd4
• https://vuldb.com/?ctiid.317813
• https://vuldb.com/?id.317813
• https://vuldb.com/?submit.621883
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream libxml2 package and not the libxml2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in libxml2 up to 2.14.5. It has been declared as problematic. This vulnerability affects the function xmlParseSGMLCatalog of the component xmlcatalog. The manipulation leads to uncontrolled recursion. Attacking locally is a requirement. The exploit has been disclosed to the public and may be used. The real existence of this vulnerability is still doubted at the moment. The code maintainer explains, that "[t]he issue can only be triggered with untrusted SGML catalogs and it makes absolutely no sense to use untrusted catalogs. I also doubt that anyone is still using SGML catalogs at all."

Remediation

There is no fixed version for Debian:13 libxml2.

References

• https://security-tracker.debian.org/tracker/CVE-2025-8732
• https://drive.google.com/file/d/1woIeYVcSQB_NwfEhaVnX6MedpWJ_nqWl/view?usp=drive_link
• https://gitlab.gnome.org/GNOME/libxml2/-/issues/958
• https://gitlab.gnome.org/GNOME/libxml2/-/issues/958#note_2505853
• https://vuldb.com/?ctiid.319228
• https://vuldb.com/?id.319228
• https://vuldb.com/?submit.622285

NVD Description

Note: Versions mentioned in the description apply only to the upstream ncurses package and not the ncurses package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability has been found in GNU ncurses up to 6.5-20250322 and classified as problematic. This vulnerability affects the function postprocess_termcap of the file tinfo/parse_entry.c. The manipulation leads to stack-based buffer overflow. The attack needs to be approached locally. Upgrading to version 6.5-20250329 is able to address this issue. It is recommended to upgrade the affected component.

Remediation

There is no fixed version for Debian:13 ncurses.

References

• https://security-tracker.debian.org/tracker/CVE-2025-6141
• https://invisible-island.net/ncurses/NEWS.html#index-t20250329
• https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00107.html
• https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00109.html
• https://lists.gnu.org/archive/html/bug-ncurses/2025-03/msg00114.html
• https://vuldb.com/?ctiid.312610
• https://vuldb.com/?id.312610
• https://vuldb.com/?submit.593000
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream perl package and not the perl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

_is_safe in the File::Temp module for Perl does not properly handle symlinks.

Remediation

There is no fixed version for Debian:13 perl.

References

• https://security-tracker.debian.org/tracker/CVE-2011-4116
• https://github.com/Perl-Toolchain-Gang/File-Temp/issues/14
• https://rt.cpan.org/Public/Bug/Display.html?id=69106
• https://seclists.org/oss-sec/2011/q4/238
• http://www.openwall.com/lists/oss-security/2011/11/04/2
• http://www.openwall.com/lists/oss-security/2011/11/04/4

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been declared as problematic. This vulnerability affects the function bfd_malloc of the file libbfd.c of the component ld. The manipulation leads to memory leak. The attack can be initiated remotely. The complexity of an attack is rather high. The exploitation appears to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1150
• https://sourceware.org/bugzilla/attachment.cgi?id=15887
• https://sourceware.org/bugzilla/show_bug.cgi?id=32576
• https://vuldb.com/?ctiid.295054
• https://vuldb.com/?id.295054
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been rated as problematic. This issue affects the function xmemdup of the file xmemdup.c of the component ld. The manipulation leads to memory leak. The attack may be initiated remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1151
• https://sourceware.org/bugzilla/attachment.cgi?id=15887
• https://sourceware.org/bugzilla/show_bug.cgi?id=32576
• https://vuldb.com/?ctiid.295055
• https://vuldb.com/?id.295055
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43. It has been classified as problematic. This affects the function xstrdup of the file libiberty/xmalloc.c of the component ld. The manipulation leads to memory leak. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1149
• https://sourceware.org/bugzilla/attachment.cgi?id=15887
• https://sourceware.org/bugzilla/show_bug.cgi?id=32576
• https://vuldb.com/?ctiid.295053
• https://vuldb.com/?id.295053
• https://www.gnu.org/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability was found in GNU Binutils 2.43 and classified as problematic. Affected by this issue is the function link_order_scan of the file ld/ldelfgen.c of the component ld. The manipulation leads to memory leak. The attack may be launched remotely. The complexity of an attack is rather high. The exploitation is known to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue. The code maintainer explains: "I'm not going to commit some of the leak fixes I've been working on to the 2.44 branch due to concern that would destabilise ld. All of the reported leaks in this bugzilla have been fixed on binutils master."

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1148
• https://sourceware.org/bugzilla/attachment.cgi?id=15887
• https://sourceware.org/bugzilla/show_bug.cgi?id=32576
• https://vuldb.com/?ctiid.295052
• https://vuldb.com/?id.295052
• https://vuldb.com/?submit.485747
• https://www.gnu.org/
• https://security.netapp.com/advisory/ntap-20250404-0004/

NVD Description

Note: Versions mentioned in the description apply only to the upstream binutils package and not the binutils package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

A vulnerability classified as problematic has been found in GNU Binutils 2.43. This affects the function _bfd_elf_write_section_eh_frame of the file bfd/elf-eh-frame.c of the component ld. The manipulation leads to memory corruption. It is possible to initiate the attack remotely. The complexity of an attack is rather high. The exploitability is told to be difficult. The exploit has been disclosed to the public and may be used. It is recommended to apply a patch to fix this issue.

Remediation

There is no fixed version for Debian:13 binutils.

References

• https://security-tracker.debian.org/tracker/CVE-2025-1180
• https://sourceware.org/bugzilla/attachment.cgi?id=15917
• https://vuldb.com/?ctiid.295083
• https://vuldb.com/?id.295083
• https://www.gnu.org/
• https://sourceware.org/bugzilla/show_bug.cgi?id=32642
• https://vuldb.com/?submit.495381

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

mod_userdir+suexec bypass via AllowOverride FileInfo vulnerability in Apache HTTP Server. Users with access to use the RequestHeader directive in htaccess can cause some CGI scripts to run under an unexpected userid.

This issue affects Apache HTTP Server: from 2.4.7 through 2.4.65.

Users are recommended to upgrade to version 2.4.66, which fixes the issue.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2025-66200
• https://httpd.apache.org/security/vulnerabilities_24.html
• http://www.openwall.com/lists/oss-security/2025/12/04/8

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Improper Neutralization of Escape, Meta, or Control Sequences vulnerability in Apache HTTP Server through environment variables set via the Apache configuration unexpectedly superseding variables calculated by the server for CGI programs.

This issue affects Apache HTTP Server from 2.4.0 through 2.4.65.

Users are recommended to upgrade to version 2.4.66 which fixes the issue.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2025-65082
• https://httpd.apache.org/security/vulnerabilities_24.html
• http://www.openwall.com/lists/oss-security/2025/12/04/7

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Apache HTTP Server 2.4.65 and earlier with Server Side Includes (SSI) enabled and mod_cgid (but not mod_cgi) passes the shell-escaped query string to #exec cmd="..." directives.

This issue affects Apache HTTP Server before 2.4.66.

Users are recommended to upgrade to version 2.4.66, which fixes the issue.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2025-58098
• https://httpd.apache.org/security/vulnerabilities_24.html
• http://www.openwall.com/lists/oss-security/2025/12/04/5

NVD Description

Note: Versions mentioned in the description apply only to the upstream apache2 package and not the apache2 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An integer overflow in the case of failed ACME certificate renewal leads, after a number of failures (~30 days in default configurations), to the backoff timer becoming 0. Attempts to renew the certificate then are repeated without delays until it succeeds.

This issue affects Apache HTTP Server: from 2.4.30 before 2.4.66.

Users are recommended to upgrade to version 2.4.66, which fixes the issue.

Remediation

There is no fixed version for Debian:13 apache2.

References

• https://security-tracker.debian.org/tracker/CVE-2025-55753
• https://httpd.apache.org/security/vulnerabilities_24.html
• http://www.openwall.com/lists/oss-security/2025/12/04/4

NVD Description

Note: Versions mentioned in the description apply only to the upstream curl package and not the curl package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

curl's code for managing SSH connections when SFTP was done using the wolfSSH powered backend was flawed and missed host verification mechanisms.

This prevents curl from detecting MITM attackers and more.

Remediation

There is no fixed version for Debian:13 curl.

References

• https://security-tracker.debian.org/tracker/CVE-2025-10966
• https://curl.se/docs/CVE-2025-10966.html
• https://curl.se/docs/CVE-2025-10966.json
• https://hackerone.com/reports/3355218
• http://www.openwall.com/lists/oss-security/2025/11/05/2

NVD Description

Note: Versions mentioned in the description apply only to the upstream expat package and not the expat package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

libexpat in Expat before 2.7.2 allows attackers to trigger large dynamic memory allocations via a small document that is submitted for parsing.

Remediation

There is no fixed version for Debian:13 expat.

References

• https://security-tracker.debian.org/tracker/CVE-2025-59375
• https://github.com/libexpat/libexpat/blob/676a4c531ec768732fac215da9730b5f50fbd2bf/expat/Changes#L45-L74
• https://github.com/libexpat/libexpat/blob/R_2_7_2/expat/Changes
• https://github.com/libexpat/libexpat/issues/1018
• https://github.com/libexpat/libexpat/pull/1034
• https://issues.oss-fuzz.com/issues/439133977
• http://www.openwall.com/lists/oss-security/2025/09/16/2

NVD Description

This vulnerability has not been analyzed by NVD yet.

Remediation

There is no fixed version for Debian:13 gnutls28.

References

• https://security-tracker.debian.org/tracker/CVE-2025-9820

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.

Remediation

There is no fixed version for Debian:13 krb5.

References

• https://security-tracker.debian.org/tracker/CVE-2024-26461
• https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_2.md
• https://security.netapp.com/advisory/ntap-20240415-0011/

NVD Description

Note: Versions mentioned in the description apply only to the upstream krb5 package and not the krb5 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.

Remediation

There is no fixed version for Debian:13 krb5.

References

• https://security-tracker.debian.org/tracker/CVE-2024-26458
• https://github.com/LuMingYinDetect/krb5_defects/blob/main/krb5_detect_1.md
• https://security.netapp.com/advisory/ntap-20240415-0010/

NVD Description

Note: Versions mentioned in the description apply only to the upstream shadow package and not the shadow package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

shadow-utils (aka shadow) 4.4 through 4.17.0 establishes a default /etc/subuid behavior (e.g., uid 100000 through 165535 for the first user account) that can realistically conflict with the uids of users defined on locally administered networks, potentially leading to account takeover, e.g., by leveraging newuidmap for access to an NFS home directory (or same-host resources in the case of remote logins by these local network users). NOTE: it may also be argued that system administrators should not have assigned uids, within local networks, that are within the range that can occur in /etc/subuid.

Remediation

There is no fixed version for Debian:13 shadow.

References

• https://security-tracker.debian.org/tracker/CVE-2024-56433
• https://github.com/shadow-maint/shadow/blob/e2512d5741d4a44bdd81a8c2d0029b6222728cf0/etc/login.defs#L238-L241
• https://github.com/shadow-maint/shadow/issues/1157
• https://github.com/shadow-maint/shadow/releases/tag/4.4

NVD Description

Note: Versions mentioned in the description apply only to the upstream sqlite3 package and not the sqlite3 package as distributed by Debian. See How to fix? for Debian:13 relevant fixed versions and status.

An integer overflow exists in the FTS5 https://sqlite.org/fts5.html  extension. It occurs when the size of an array of tombstone pointers is calculated and truncated into a 32-bit integer. A pointer to partially controlled data can then be written out of bounds.

Remediation

There is no fixed version for Debian:13 sqlite3.

References

• https://security-tracker.debian.org/tracker/CVE-2025-7709
• https://github.com/google/security-research/security/advisories/GHSA-v2c8-vqqp-hv3g
• http://www.openwall.com/lists/oss-security/2025/09/06/2
• http://www.openwall.com/lists/oss-security/2025/11/18/10