Debian

Debian 11 (bullseye)

9132 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Exploit
  • EPSS 0.7%
  • Veröffentlicht 03.01.2019 16:29:00
  • Zuletzt bearbeitet 21.11.2024 04:42:21

An issue was discovered in can_can_gw_rcv in net/can/gw.c in the Linux kernel through 4.19.13. The CAN frame modification rules allow bitwise logical operations that can be also applied to the can_dlc field. The privileged user "root" with CAP_NET_AD...

  • EPSS 0.45%
  • Veröffentlicht 27.12.2018 14:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:38

An issue was discovered in the Linux kernel before 4.18.11. The ipddp_ioctl function in drivers/net/appletalk/ipddp.c allows local users to obtain sensitive kernel address information by leveraging CAP_NET_ADMIN to read the ipddp_route dev and next f...

  • EPSS 1.46%
  • Veröffentlicht 18.12.2018 22:29:04
  • Zuletzt bearbeitet 21.11.2024 03:53:31

A flaw was found in the Linux kernel's NFS41+ subsystem. NFS41+ shares mounted in different network namespaces at the same time can make bc_svc_process() use wrong back-channel IDs and cause a use-after-free vulnerability. Thus a malicious container ...

  • EPSS 0.59%
  • Veröffentlicht 17.12.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:01:00

An issue was discovered in the Linux kernel before 4.19.9. The USB subsystem mishandles size checks during the reading of an extra descriptor, related to __usb_get_extra_descriptor in drivers/usb/core/usb.c.

Exploit
  • EPSS 0.51%
  • Veröffentlicht 12.12.2018 10:29:00
  • Zuletzt bearbeitet 21.11.2024 03:55:52

The userfaultfd implementation in the Linux kernel before 4.19.7 mishandles access control for certain UFFDIO_ ioctl calls, as demonstrated by allowing local users to write data into holes in a tmpfs file (if the user has read-only access to that fil...

  • EPSS 0.42%
  • Veröffentlicht 07.12.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:37

In pppol2tp_connect, there is possible memory corruption due to a use after free. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: A...

  • EPSS 0.26%
  • Veröffentlicht 07.12.2018 23:29:00
  • Zuletzt bearbeitet 21.11.2024 04:15:37

In nfc_llcp_build_sdreq_tlv of llcp_commands.c, there is a possible out of bounds write due to a missing bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploi...

  • EPSS 0.72%
  • Veröffentlicht 06.12.2018 14:29:01
  • Zuletzt bearbeitet 21.11.2024 04:15:43

In sk_clone_lock of sock.c, there is a possible memory corruption due to type confusion. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Androi...

  • EPSS 0.43%
  • Veröffentlicht 04.12.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:41

An issue was discovered in the Linux kernel before 4.19.3. crypto_report_one() and related functions in crypto/crypto_user.c (the crypto user configuration API) do not fully initialize structures that are copied to userspace, potentially leaking sens...

  • EPSS 0.56%
  • Veröffentlicht 03.12.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:58:37

In the Linux kernel through 4.19.6, a local user could exploit a use-after-free in the ALSA driver by supplying a malicious USB Sound device (with zero interfaces) that is mishandled in usb_audio_probe in sound/usb/card.c.