Debian

Debian 11 (bullseye)

9132 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.13%
  • Veröffentlicht 24.04.2026 14:42:41
  • Zuletzt bearbeitet 01.06.2026 17:16:53

In the Linux kernel, the following vulnerability has been resolved: HID: core: clamp report_size in s32ton() to avoid undefined shift s32ton() shifts by n-1 where n is the field's report_size, a value that comes directly from a HID device. The HID...

  • EPSS 0.13%
  • Veröffentlicht 24.04.2026 14:42:40
  • Zuletzt bearbeitet 01.06.2026 17:16:53

In the Linux kernel, the following vulnerability has been resolved: net: usb: cdc-phonet: fix skb frags[] overflow in rx_complete() A malicious USB device claiming to be a CDC Phonet modem can overflow the skb_shared_info->frags[] array by sending ...

  • EPSS 0.28%
  • Veröffentlicht 24.04.2026 14:42:39
  • Zuletzt bearbeitet 01.06.2026 17:16:53

In the Linux kernel, the following vulnerability has been resolved: NFC: digital: Bounds check NFC-A cascade depth in SDD response handler The NFC-A anti-collision cascade in digital_in_recv_sdd_res() appends 3 or 4 bytes to target->nfcid1 on each ...

  • EPSS 0.13%
  • Veröffentlicht 24.04.2026 14:42:37
  • Zuletzt bearbeitet 01.06.2026 17:16:52

In the Linux kernel, the following vulnerability has been resolved: fbdev: tdfxfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Much like commit 19f953e74356 ("fbdev: fb_pm2fb: Avoid potential divide by zero error"), we also need to prevent that sam...

  • EPSS 0.13%
  • Veröffentlicht 24.04.2026 14:42:37
  • Zuletzt bearbeitet 01.06.2026 17:16:52

In the Linux kernel, the following vulnerability has been resolved: ALSA: fireworks: bound device-supplied status before string array lookup The status field in an EFW response is a 32-bit value supplied by the firewire device. efr_status_names[] ...

  • EPSS 0.13%
  • Veröffentlicht 24.04.2026 14:42:36
  • Zuletzt bearbeitet 30.06.2026 03:18:25

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_ncm: validate minimum block_len in ncm_unwrap_ntb() The block_len read from the host-supplied NTB header is checked against ntb_max but has no lower bound. When bloc...

  • EPSS 0.13%
  • Veröffentlicht 24.04.2026 14:42:35
  • Zuletzt bearbeitet 01.06.2026 17:16:52

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: f_phonet: fix skb frags[] overflow in pn_rx_complete() A broken/bored/mean USB host can overflow the skb_shared_info->frags[] array on a Linux gadget exposing a Phonet...

  • EPSS 0.13%
  • Veröffentlicht 24.04.2026 14:42:34
  • Zuletzt bearbeitet 01.06.2026 17:16:52

In the Linux kernel, the following vulnerability has been resolved: usb: gadget: renesas_usb3: validate endpoint index in standard request handlers The GET_STATUS and SET/CLEAR_FEATURE handlers extract the endpoint number from the host-supplied wIn...

  • EPSS 0.31%
  • Veröffentlicht 24.04.2026 14:42:29
  • Zuletzt bearbeitet 30.06.2026 03:18:25

In the Linux kernel, the following vulnerability has been resolved: usbip: validate number_of_packets in usbip_pack_ret_submit() When a USB/IP client receives a RET_SUBMIT response, usbip_pack_ret_submit() unconditionally overwrites urb->number_of_...

  • EPSS 0.13%
  • Veröffentlicht 24.04.2026 14:42:28
  • Zuletzt bearbeitet 01.06.2026 17:16:51

In the Linux kernel, the following vulnerability has been resolved: fbdev: udlfb: avoid divide-by-zero on FBIOPUT_VSCREENINFO Much like commit 19f953e74356 ("fbdev: fb_pm2fb: Avoid potential divide by zero error"), we also need to prevent that same...