Debian

Debian 11 (bullseye)

8657 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2017-13220

  • EPSS 0.1%
  • Veröffentlicht 12.01.2018 23:29:02
  • Zuletzt bearbeitet 21.11.2024 03:11:11

An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.

7.8

CVE-2017-13215

  • EPSS 0.11%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:10

A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel.

7.8

CVE-2017-13216

  • EPSS 3.84%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:10

In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges ne...

7.8

CVE-2018-5344

  • EPSS 0.06%
  • Veröffentlicht 12.01.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:37

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.

7.8

CVE-2018-5332

  • EPSS 0.04%
  • Veröffentlicht 11.01.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:35

In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

5.5

CVE-2018-5333

  • EPSS 2.8%
  • Veröffentlicht 11.01.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:36

In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.

4.9

CVE-2017-15129

  • EPSS 0.08%
  • Veröffentlicht 09.01.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:07

A use-after-free vulnerability was found in network namespaces code affecting the Linux kernel before 4.14.11. The function get_net_ns_by_id() in net/core/net_namespace.c does not check for the net::count value after it has found a peer network in ne...

5.6

CVE-2017-5715

Exploit
  • EPSS 89.09%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 06.05.2025 15:15:51

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6

CVE-2017-5753

Exploit
  • EPSS 94.3%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6

CVE-2017-5754

  • EPSS 88.69%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:28:19

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.