Debian

Debian 11 (bullseye)

8657 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.5

CVE-2018-15572

  • EPSS 0.04%
  • Veröffentlicht 20.08.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:05

The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.

7.8

CVE-2018-15471

  • EPSS 0.09%
  • Veröffentlicht 17.08.2018 18:29:01
  • Zuletzt bearbeitet 21.11.2024 03:50:52

An issue was discovered in xenvif_set_hash_mapping in drivers/net/xen-netback/hash.c in the Linux kernel through 4.18.1, as used in Xen through 4.11.x and other products. The Linux netback driver allows frontends to control mapping of requests to req...

5.6

CVE-2018-3620

  • EPSS 2.26%
  • Veröffentlicht 14.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:05:47

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel an...

5.6

CVE-2018-3646

  • EPSS 3.88%
  • Veröffentlicht 14.08.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:05:50

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access with guest OS privilege via a terminal page fau...

5.5

CVE-2018-7754

  • EPSS 0.05%
  • Veröffentlicht 10.08.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:40

The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.

5.5

CVE-2018-5953

  • EPSS 0.12%
  • Veröffentlicht 07.08.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:44

The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.

5.5

CVE-2018-5995

  • EPSS 0.05%
  • Veröffentlicht 07.08.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:50

The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.

7.8

CVE-2018-5390

  • EPSS 10.6%
  • Veröffentlicht 06.08.2018 20:29:01
  • Zuletzt bearbeitet 21.11.2024 04:08:43

Linux kernel versions 4.9+ can be forced to make very expensive calls to tcp_collapse_ofo_queue() and tcp_prune_ofo_queue() for every incoming packet which can lead to a denial of service.

5.5

CVE-2018-10883

  • EPSS 0.05%
  • Veröffentlicht 30.07.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:13

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.

7.8

CVE-2017-7518

  • EPSS 0.09%
  • Veröffentlicht 30.07.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:32:03

A flaw was found in the Linux kernel before version 4.12 in the way the KVM module processed the trap flag(TF) bit in EFLAGS during emulation of the syscall instruction, which leads to a debug exception(#DB) being raised in the guest stack. A user/pr...