Debian

Debian 11 (bullseye)

9132 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.36%
  • Veröffentlicht 19.08.2020 13:15:10
  • Zuletzt bearbeitet 21.11.2024 05:14:44

In the Linux kernel before 5.7.8, fs/nfsd/vfs.c (in the NFS server) can set incorrect permissions on new filesystem objects when the filesystem lacks ACL support, aka CID-22cf8419f131. This occurs because the current umask is not considered.

  • EPSS 5.27%
  • Veröffentlicht 30.07.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:53

The Linux kernel through 5.7.11 allows remote attackers to make observations that help to obtain sensitive information about the internal state of the network RNG, aka CID-f227e3ec3b5c. This is related to drivers/char/random.c and kernel/time/timer.c...

  • EPSS 0.33%
  • Veröffentlicht 20.07.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:18

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes ...

  • EPSS 0.17%
  • Veröffentlicht 17.07.2020 20:15:11
  • Zuletzt bearbeitet 21.11.2024 04:53:16

In cdev_get of char_dev.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions:...

  • EPSS 1.31%
  • Veröffentlicht 15.07.2020 22:15:14
  • Zuletzt bearbeitet 21.11.2024 05:06:09

An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.

  • EPSS 0.51%
  • Veröffentlicht 15.07.2020 22:15:13
  • Zuletzt bearbeitet 21.11.2024 04:39:39

An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.

  • EPSS 0.43%
  • Veröffentlicht 29.06.2020 22:15:10
  • Zuletzt bearbeitet 21.11.2024 05:05:28

In the Linux kernel 4.4 through 5.7.6, usbtest_disconnect in drivers/usb/misc/usbtest.c has a memory leak, aka CID-28ebeb8db770.

Exploit
  • EPSS 0.49%
  • Veröffentlicht 26.06.2020 16:15:12
  • Zuletzt bearbeitet 21.11.2024 04:56:01

A buffer over-read flaw was found in RH kernel versions before 5.0 in crypto_authenc_extractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment bou...

  • EPSS 0.32%
  • Veröffentlicht 18.06.2020 11:15:09
  • Zuletzt bearbeitet 21.11.2024 05:03:13

In the Linux kernel before 5.4.16, a race condition in tty->disc_data handling in the slip and slcan line discipline could lead to a use-after-free, aka CID-0ace17d56824. This affects drivers/net/slip/slip.c and drivers/net/can/slcan.c.

  • EPSS 0.54%
  • Veröffentlicht 15.06.2020 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:53:42

Incomplete cleanup from specific special register read operations in some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.