Debian

Debian 11 (bullseye)

9132 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.61%
  • Veröffentlicht 09.06.2022 21:15:07
  • Zuletzt bearbeitet 21.11.2024 06:44:50

KGDB and KDB allow read and write access to kernel memory, and thus should be restricted during lockdown. An attacker with access to a serial port could trigger the debugger so it is important that the debugger respect the lockdown mode when/if it is...

  • EPSS 0.32%
  • Veröffentlicht 09.06.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:41:55

A use after free in the Linux kernel File System notify functionality was found in the way user triggers copy_info_records_to_user() call to fail in copy_event_to_user(). A local user could use this flaw to crash the system or potentially escalate th...

  • EPSS 0.43%
  • Veröffentlicht 05.06.2022 22:15:08
  • Zuletzt bearbeitet 21.11.2024 07:06:07

The Linux kernel before 5.17.9 allows TCP servers to identify clients by observing what source ports are used. This occurs because of use of Algorithm 4 ("Double-Hash Port Selection Algorithm") of RFC 6056.

Exploit
  • EPSS 2.88%
  • Veröffentlicht 02.06.2022 21:15:07
  • Zuletzt bearbeitet 21.11.2024 07:06:01

net/netfilter/nf_tables_api.c in the Linux kernel through 5.18.1 allows a local user (able to create user/net namespaces) to escalate privileges to root because an incorrect NFT_STATEFUL_EXPR check leads to a use-after-free.

  • EPSS 1%
  • Veröffentlicht 02.06.2022 14:15:33
  • Zuletzt bearbeitet 21.11.2024 06:41:28

A use-after-free flaw was found in the Linux kernel’s io_uring subsystem in the way a user sets up a ring with IORING_SETUP_IOPOLL with more than one task completing submissions on this ring. This flaw allows a local user to crash or escalate their p...

  • EPSS 0.32%
  • Veröffentlicht 02.06.2022 14:15:33
  • Zuletzt bearbeitet 21.11.2024 06:41:28

With shadow paging enabled, the INVPCID instruction results in a call to kvm_mmu_invpcid_gva. If INVPCID is executed with CR0.PG=0, the invlpg callback is not set and the result is a NULL pointer dereference.

  • EPSS 0.3%
  • Veröffentlicht 02.06.2022 14:15:32
  • Zuletzt bearbeitet 21.11.2024 06:40:41

The root cause of this vulnerability is that the ioctl$DRM_IOCTL_MODE_DESTROY_DUMB can decrease refcount of *drm_vgem_gem_object *(created in *vgem_gem_dumb_create*) concurrently, and *vgem_gem_dumb_create *will access the freed drm_vgem_gem_object.

Exploit
  • EPSS 0.33%
  • Veröffentlicht 02.06.2022 14:15:32
  • Zuletzt bearbeitet 21.11.2024 06:40:46

An out-of-bounds read flaw was found in the Linux kernel’s TeleTYpe subsystem. The issue occurs in how a user triggers a race condition using ioctls TIOCSPTLCK and TIOCGPTPEER and TIOCSTI and TCXONC with leakage of memory in the flush_to_ldisc functi...

  • EPSS 0.54%
  • Veröffentlicht 02.06.2022 14:15:32
  • Zuletzt bearbeitet 21.11.2024 06:41:10

Linux Kernel could allow a local attacker to execute arbitrary code on the system, caused by a concurrency use-after-free flaw in the bad_flp_intr function. By executing a specially-crafted program, an attacker could exploit this vulnerability to exe...

  • EPSS 0.35%
  • Veröffentlicht 26.05.2022 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:41:40

A use-after-free flaw was found in the Linux kernel’s pipes functionality in how a user performs manipulations with the pipe post_one_notification() after free_pipe_info() that is already called. This flaw allows a local user to crash or potentially ...