Debian

Debian 11 (bullseye)

9132 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.37%
  • Veröffentlicht 06.05.2021 13:15:12
  • Zuletzt bearbeitet 21.11.2024 06:21:41

A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat f...

Exploit
  • EPSS 0.48%
  • Veröffentlicht 22.04.2021 18:15:08
  • Zuletzt bearbeitet 21.11.2024 05:51:16

A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr...

  • EPSS 1.07%
  • Veröffentlicht 20.04.2021 16:15:10
  • Zuletzt bearbeitet 21.11.2024 06:00:47

An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information f...

  • EPSS 0.37%
  • Veröffentlicht 19.04.2021 22:15:13
  • Zuletzt bearbeitet 21.11.2024 06:21:42

An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system cras...

Warnung Medienbericht Exploit
  • EPSS 43.99%
  • Veröffentlicht 17.04.2021 05:15:14
  • Zuletzt bearbeitet 28.10.2025 13:49:50

The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a pat...

  • EPSS 0.38%
  • Veröffentlicht 14.04.2021 06:15:12
  • Zuletzt bearbeitet 21.11.2024 05:29:16

An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulne...

  • EPSS 0.93%
  • Veröffentlicht 08.04.2021 21:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:47

BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.

  • EPSS 0.33%
  • Veröffentlicht 07.04.2021 00:15:13
  • Zuletzt bearbeitet 21.11.2024 05:29:14

An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.

  • EPSS 0.34%
  • Veröffentlicht 07.04.2021 00:15:13
  • Zuletzt bearbeitet 21.11.2024 05:29:14

An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be7...

  • EPSS 0.31%
  • Veröffentlicht 07.04.2021 00:15:13
  • Zuletzt bearbeitet 21.11.2024 05:29:14

An issue was discovered in the Linux kernel before 5.8.10. virt/kvm/kvm_main.c has a kvm_io_bus_unregister_dev memory leak upon a kmalloc failure, aka CID-f65886606c2d.