Debian

Debian 11 (bullseye)

8657 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.1

CVE-2014-3180

  • EPSS 0.18%
  • Veröffentlicht 06.11.2019 20:15:09
  • Zuletzt bearbeitet 21.11.2024 02:07:36

In kernel/compat.c in the Linux kernel before 3.17, as used in Google Chrome OS and other products, there is a possible out-of-bounds read. restart_syscall uses uninitialized data when restarting compat_sys_nanosleep. NOTE: this is disputed because t...

5.5

CVE-2019-18786

  • EPSS 0.11%
  • Veröffentlicht 06.11.2019 03:15:10
  • Zuletzt bearbeitet 21.11.2024 04:33:33

In the Linux kernel through 5.3.8, f->fmt.sdr.reserved is uninitialized in rcar_drif_g_fmt_sdr_cap in drivers/media/platform/rcar_drif.c, which could cause a memory disclosure problem.

7

CVE-2019-18683

Exploit
  • EPSS 0.89%
  • Veröffentlicht 04.11.2019 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:31

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. ...

8.8

CVE-2019-17666

  • EPSS 0.45%
  • Veröffentlicht 17.10.2019 02:15:13
  • Zuletzt bearbeitet 21.11.2024 04:32:44

rtl_p2p_noa_ie in drivers/net/wireless/realtek/rtlwifi/ps.c in the Linux kernel through 5.3.6 lacks a certain upper-bound check, leading to a buffer overflow.

7.8

CVE-2019-2215

Warnung Exploit
  • EPSS 50.89%
  • Veröffentlicht 11.10.2019 19:15:10
  • Zuletzt bearbeitet 24.10.2025 14:11:31

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local appli...

6.5

CVE-2019-17351

  • EPSS 0.09%
  • Veröffentlicht 08.10.2019 00:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:08

An issue was discovered in drivers/xen/balloon.c in the Linux kernel before 5.2.3, as used in Xen through 4.12.x, allowing guest OS users to cause a denial of service because of unrestricted resource consumption during the mapping of guest memory, ak...

9.8

CVE-2019-17133

  • EPSS 1.56%
  • Veröffentlicht 04.10.2019 12:15:11
  • Zuletzt bearbeitet 21.11.2024 04:31:45

In the Linux kernel through 5.3.2, cfg80211_mgd_wext_giwessid in net/wireless/wext-sme.c does not reject a long SSID IE, leading to a Buffer Overflow.

7.5

CVE-2019-17075

  • EPSS 1.19%
  • Veröffentlicht 01.10.2019 21:15:11
  • Zuletzt bearbeitet 21.11.2024 04:31:39

An issue was discovered in write_tpt_entry in drivers/infiniband/hw/cxgb4/mem.c in the Linux kernel through 5.3.2. The cxgb4 driver is directly calling dma_map_single (a DMA function) from a stack variable. This could allow an attacker to trigger a D...

3.3

CVE-2019-17056

  • EPSS 0.07%
  • Veröffentlicht 01.10.2019 14:15:55
  • Zuletzt bearbeitet 21.11.2024 04:31:36

llcp_sock_create in net/nfc/llcp_sock.c in the AF_NFC network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-3a359798b176.

3.3

CVE-2019-17055

  • EPSS 0.09%
  • Veröffentlicht 01.10.2019 14:15:51
  • Zuletzt bearbeitet 21.11.2024 04:31:36

base_sock_create in drivers/isdn/mISDN/socket.c in the AF_ISDN network module in the Linux kernel through 5.3.2 does not enforce CAP_NET_RAW, which means that unprivileged users can create a raw socket, aka CID-b91ee4aa2a21.