Debian 12 Bookworm

Debian 12 — mdadm — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — mdadm — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-5220 CVE-2023-28736 CVE-2023-28938 Upstream summary: The mdcheck script of the mdadm package for openSUSE 13.2 prior to version 3.3.1-5.14.1 does not properly sanitize device names, which allows local […]

Read more
Debian 12 — hivex — multiple vulnerabilities (3 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — hivex — multiple vulnerabilities (3 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2014-9273 CVE-2021-3504 CVE-2021-3622 Upstream summary: lib/handle.c in Hivex before 1.3.11 allows local users to execute arbitrary code and gain privileges via a small hive files, which triggers an […]

Read more
Debian 12 — fuzz — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — fuzz — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0261 Upstream summary: fuzz 0.6 and earlier creates temporary files insecurely, which could allow local users to gain root privileges. Table of contents Symptom & Impact Environment & […]

Read more
Debian 12 — php-phpseclib3 — multiple vulnerabilities (10 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — php-phpseclib3 — multiple vulnerabilities (10 CVEs) — patch and remediation guide

🟠 High   ⏱ 15–60 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2021-30130 CVE-2023-27560 CVE-2023-48795 CVE-2023-49316 CVE-2023-52892 CVE-2024-27354 CVE-2024-27355 CVE-2026-32935  +2 more Upstream summary: phpseclib before 2.0.31 and 3.x before 3.0.7 mishandles RSA PKCS#1 v1.5 signature verification. Table of contents […]

Read more
Debian 12 — php-shellcommand — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — php-shellcommand — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-10774 Upstream summary: php-shellcommand versions before 1.6.1 have a command injection vulnerability. Successful exploitation could lead to arbitrary code execution. Table of contents Symptom & Impact Environment & […]

Read more
Debian 12 — ruby-css-parser — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — ruby-css-parser — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2026-44312 Upstream summary: css_parser is a Ruby CSS parser. Prior to 2.1.0 and 1.22.0, the CSS Parser gem does not validate HTTPS connections, allowing a Man-in-the-Middle (MITM) attacker […]

Read more
Debian 12 — fdclone — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — fdclone — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2003-0596 Upstream summary: FDclone 2.00a, and other versions before 2.02a, creates temporary directories with predictable names and uses them if they already exist, which allows local users to […]

Read more
Debian 12 — smb4k — multiple vulnerabilities (9 CVEs) — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — smb4k — multiple vulnerabilities (9 CVEs) — patch and remediation guide

🟡 Medium   ⏱ 10–30 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2005-2851 CVE-2007-0472 CVE-2007-0473 CVE-2007-0474 CVE-2007-0475 CVE-2014-2581 CVE-2017-8849 CVE-2025-66002  +1 more Upstream summary: smb4k 0.4 and other versions before 0.6.3 allows local users to read sensitive files via a […]

Read more
Debian 12 — gdnsd — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — gdnsd — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-13952 Upstream summary: The set_ipv6() function in zscan_rfc1035.rl in gdnsd before 2.4.3 and 3.x before 3.2.1 has a stack-based buffer overflow via a long and malformed IPv6 address […]

Read more
Debian 12 — mcpp — vulnerability — patch and remediation guide — diagnosis and fix on Debian 12

Debian 12 — mcpp — vulnerability — patch and remediation guide

🟢 Low   ⏱ 5–15 min  Last verified: 25 May 2026 Affected versions: Debian 12 (bookworm) 📖 ~4 min read  •  Source: Debian Security Tracker Related CVEs: CVE-2019-14274 Upstream summary: MCPP 2.7.2 has a heap-based buffer overflow in the do_msg() function in support.c. Table of contents Symptom & Impact Environment & Reproduction Root Cause Analysis […]

Read more
CHAT