Debian

Debian Linux

9950 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.8

CVE-2018-14767

Exploit
  • EPSS 1.15%
  • Veröffentlicht 31.07.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:44

In Kamailio before 5.0.7 and 5.1.x before 5.1.4, a crafted SIP message with a double "To" header and an empty "To" tag causes a segmentation fault and crash. The reason is missing input validation in the "build_res_buf_from_sip_req" core function. Th...

5.5

CVE-2018-10883

  • EPSS 0.05%
  • Veröffentlicht 30.07.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:13

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.

7.8

CVE-2017-7518

  • EPSS 0.09%
  • Veröffentlicht 30.07.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:32:03

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/pr...

7.5

CVE-2016-9597

  • EPSS 1.25%
  • Veröffentlicht 30.07.2018 14:29:02
  • Zuletzt bearbeitet 21.11.2024 03:01:28

It was found that Red Hat JBoss Core Services erratum RHSA-2016:2957 for CVE-2016-3705 did not actually include the fix for the issue found in libxml2, making it vulnerable to a Denial of Service attack due to a Stack Overflow. This is a regression C...

7.8

CVE-2017-7482

  • EPSS 0.16%
  • Veröffentlicht 30.07.2018 14:29:02
  • Zuletzt bearbeitet 21.11.2024 03:31:59

In the Linux kernel before version 4.12, Kerberos 5 tickets decoded when using the RXRPC keys incorrectly assumes the size of a field. This could lead to the size-remaining variable wrapping and the data pointer going over the end of the buffer. This...

7.8

CVE-2018-14734

  • EPSS 0.03%
  • Veröffentlicht 29.07.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:42

drivers/infiniband/core/ucma.c in the Linux kernel through 4.17.11 allows ucma_leave_multicast to access a certain data structure after a cleanup step in ucma_process_join, which allows attackers to cause a denial of service (use-after-free).

6.5

CVE-2018-14679

  • EPSS 0.92%
  • Veröffentlicht 28.07.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:34

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the CHM PMGI/PMGL chunk number validity checks, which could lead to denial of service (uninitialized data dereference and application crash).

6.5

CVE-2018-14680

  • EPSS 2.92%
  • Veröffentlicht 28.07.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:34

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. It does not reject blank CHM filenames.

8.8

CVE-2018-14681

  • EPSS 4.43%
  • Veröffentlicht 28.07.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:34

An issue was discovered in kwajd_read_headers in mspack/kwajd.c in libmspack before 0.7alpha. Bad KWAJ file header extensions could cause a one or two byte overwrite.

8.8

CVE-2018-14682

  • EPSS 4.43%
  • Veröffentlicht 28.07.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 03:49:34

An issue was discovered in mspack/chmd.c in libmspack before 0.7alpha. There is an off-by-one error in the TOLOWER() macro for CHM decompression.