Debian

Debian 11 (bullseye)

8657 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2022-4662

  • EPSS 0.01%
  • Veröffentlicht 22.12.2022 22:15:16
  • Zuletzt bearbeitet 09.04.2025 19:15:46

A flaw incorrect access control in the Linux kernel USB core subsystem was found in the way user attaches usb device. A local user could use this flaw to crash the system.

7.8

CVE-2022-47518

  • EPSS 0.03%
  • Veröffentlicht 18.12.2022 06:15:09
  • Zuletzt bearbeitet 17.04.2025 15:15:52

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when copying the li...

7.8

CVE-2022-47519

  • EPSS 0.14%
  • Veröffentlicht 18.12.2022 06:15:09
  • Zuletzt bearbeitet 17.04.2025 15:15:52

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger an out-of-bounds write when parsing the...

7.1

CVE-2022-47520

  • EPSS 0.03%
  • Veröffentlicht 18.12.2022 06:15:09
  • Zuletzt bearbeitet 17.04.2025 15:15:53

An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read when parsing a Robust Security Network (RSN) infor...

7.8

CVE-2022-47521

  • EPSS 0.15%
  • Veröffentlicht 18.12.2022 06:15:09
  • Zuletzt bearbeitet 17.04.2025 19:15:55

An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigger a heap-based buffer overflow when parsi...

7.8

CVE-2022-20566

  • EPSS 0.02%
  • Veröffentlicht 16.12.2022 16:15:19
  • Zuletzt bearbeitet 21.04.2025 14:15:26

In l2cap_chan_put of l2cap_core, there is a possible use after free due to improper locking. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...

6.4

CVE-2022-20567

  • EPSS 0.01%
  • Veröffentlicht 16.12.2022 16:15:19
  • Zuletzt bearbeitet 21.04.2025 14:15:26

In pppol2tp_create of l2tp_ppp.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVe...

7.8

CVE-2022-20568

  • EPSS 0.04%
  • Veröffentlicht 16.12.2022 16:15:19
  • Zuletzt bearbeitet 21.04.2025 13:15:55

In (TBD) of (TBD), there is a possible way to corrupt kernel memory due to a use after free. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: And...

6.7

CVE-2022-20572

  • EPSS 0.01%
  • Veröffentlicht 16.12.2022 16:15:19
  • Zuletzt bearbeitet 18.04.2025 15:15:46

In verity_target of dm-verity-target.c, there is a possible way to modify read-only files due to a missing permission check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for ...

5.5

CVE-2022-3108

  • EPSS 0.01%
  • Veröffentlicht 14.12.2022 21:15:12
  • Zuletzt bearbeitet 22.04.2025 15:15:59

An issue was discovered in the Linux kernel through 5.16-rc6. kfd_parse_subtype_iolink in drivers/gpu/drm/amd/amdkfd/kfd_crat.c lacks check of the return value of kmemdup().