Debian

Debian 11 (bullseye)

8657 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2020-28974

Exploit
  • EPSS 0.06%
  • Veröffentlicht 20.11.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:23:25

A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can ...

4.7

CVE-2020-4788

  • EPSS 0.2%
  • Veröffentlicht 20.11.2020 04:15:11
  • Zuletzt bearbeitet 21.11.2024 05:33:15

IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.

5.5

CVE-2020-28941

  • EPSS 0.06%
  • Veröffentlicht 19.11.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:20

An issue was discovered in drivers/accessibility/speakup/spk_ttyio.c in the Linux kernel through 5.9.9. Local attackers on systems with the speakup driver could cause a local denial of service attack, aka CID-d41227544427. This occurs because of an i...

6.1

CVE-2020-28915

  • EPSS 0.12%
  • Veröffentlicht 18.11.2020 08:15:12
  • Zuletzt bearbeitet 21.11.2024 05:23:17

A buffer over-read (at the framebuffer layer) in the fbcon code in the Linux kernel before 5.8.15 could be used by local attackers to read kernel memory, aka CID-6735b4632def.

7.4

CVE-2020-25705

  • EPSS 1.01%
  • Veröffentlicht 17.11.2020 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:18:31

A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization a...

5.5

CVE-2020-12912

  • EPSS 0.84%
  • Veröffentlicht 12.11.2020 20:15:15
  • Zuletzt bearbeitet 21.11.2024 05:00:32

A potential vulnerability in the AMD extension to Linux "hwmon" service may allow an attacker to use the Linux-based Running Average Power Limit (RAPL) interface to show various side channel attacks. In line with industry partners, AMD has updated th...

5.5

CVE-2020-8694

  • EPSS 0.81%
  • Veröffentlicht 12.11.2020 18:15:16
  • Zuletzt bearbeitet 21.11.2024 05:39:15

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2020-27152

Exploit
  • EPSS 0.03%
  • Veröffentlicht 06.11.2020 08:15:13
  • Zuletzt bearbeitet 21.11.2024 05:20:47

An issue was discovered in ioapic_lazy_update_eoi in arch/x86/kvm/ioapic.c in the Linux kernel before 5.9.2. It has an infinite loop related to improper interaction between a resampler and edge triggering, aka CID-77377064c3a9.

5.5

CVE-2020-27673

  • EPSS 0.04%
  • Veröffentlicht 22.10.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.

4.7

CVE-2020-27675

  • EPSS 0.06%
  • Veröffentlicht 22.10.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL point...