Debian

Debian 11 (bullseye)

8657 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-22999

  • EPSS 0.06%
  • Veröffentlicht 28.02.2023 21:15:12
  • Zuletzt bearbeitet 20.03.2025 20:15:28

In the Linux kernel before 5.16.3, drivers/usb/dwc3/dwc3-qcom.c misinterprets the dwc3_qcom_create_urs_usb_platdev return value (expects it to be NULL in the error case, whereas it is actually an error pointer).

7.8

CVE-2023-20938

  • EPSS 0.16%
  • Veröffentlicht 28.02.2023 17:15:10
  • Zuletzt bearbeitet 21.11.2024 07:41:51

In binder_transaction_buffer_release of binder.c, there is a possible use after free due to improper input validation. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for...

7.8

CVE-2023-0461

  • EPSS 0.14%
  • Veröffentlicht 28.02.2023 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:37:13

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation ...

7.8

CVE-2023-22995

  • EPSS 0.02%
  • Veröffentlicht 28.02.2023 05:15:12
  • Zuletzt bearbeitet 05.05.2025 16:15:29

In the Linux kernel before 5.17, an error path in dwc3_qcom_acpi_register_core in drivers/usb/dwc3/dwc3-qcom.c lacks certain platform_device_put and kfree calls.

7.1

CVE-2023-26607

Exploit
  • EPSS 0.07%
  • Veröffentlicht 26.02.2023 23:15:10
  • Zuletzt bearbeitet 05.05.2025 16:15:31

In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.

4.7

CVE-2023-26545

  • EPSS 0.02%
  • Veröffentlicht 25.02.2023 04:15:10
  • Zuletzt bearbeitet 25.06.2025 20:54:48

In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

5.5

CVE-2023-0597

  • EPSS 0.02%
  • Veröffentlicht 23.02.2023 20:15:12
  • Zuletzt bearbeitet 12.03.2025 20:15:13

A flaw possibility of memory leak in the Linux kernel cpu_entry_area mapping of X86 CPU data to memory was found in the way user can guess location of exception stack(s) or other important data. A local user could use this flaw to get access to some ...

5.7

CVE-2023-23039

  • EPSS 0.02%
  • Veröffentlicht 22.02.2023 17:15:11
  • Zuletzt bearbeitet 20.03.2025 21:15:17

An issue was discovered in the Linux kernel through 6.2.0-rc2. drivers/tty/vcc.c has a race condition and resultant use-after-free if a physically proximate attacker removes a VCC device while calling open(), aka a race condition between vcc_open() a...

7.8

CVE-2023-26242

  • EPSS 0.02%
  • Veröffentlicht 21.02.2023 01:15:11
  • Zuletzt bearbeitet 05.05.2025 16:15:31

afu_mmio_region_get_by_offset in drivers/fpga/dfl-afu-region.c in the Linux kernel through 6.1.12 has an integer overflow.

5.5

CVE-2023-23586

  • EPSS 0.01%
  • Veröffentlicht 17.02.2023 13:15:10
  • Zuletzt bearbeitet 21.11.2024 07:46:29

Due to a vulnerability in the io_uring subsystem, it is possible to leak kernel memory information to the user process. timens_install calls current_is_single_threaded to determine if the current process is single-threaded, but this call does not con...