Debian

Debian 11 (bullseye)

9132 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.12%
  • Veröffentlicht 13.04.2026 13:40:26
  • Zuletzt bearbeitet 20.05.2026 18:06:31

In the Linux kernel, the following vulnerability has been resolved: net/sched: sch_hfsc: fix divide-by-zero in rtsc_min() m2sm() converts a u32 slope to a u64 scaled value. For large inputs (e.g. m1=4000000000), the result can reach 2^32. rtsc_mi...

  • EPSS 0.11%
  • Veröffentlicht 13.04.2026 13:40:25
  • Zuletzt bearbeitet 20.05.2026 18:10:34

In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_fw: fix NULL pointer dereference on shared blocks The old-method path in fw_classify() calls tcf_block_q() and dereferences q->handle. Shared blocks leave block->q ...

  • EPSS 0.12%
  • Veröffentlicht 13.04.2026 13:40:25
  • Zuletzt bearbeitet 20.05.2026 18:08:43

In the Linux kernel, the following vulnerability has been resolved: net/sched: cls_flow: fix NULL pointer dereference on shared blocks flow_change() calls tcf_block_q() and dereferences q->handle to derive a default baseclass. Shared blocks leave ...

  • EPSS 0.09%
  • Veröffentlicht 13.04.2026 13:40:24
  • Zuletzt bearbeitet 01.06.2026 17:16:46

In the Linux kernel, the following vulnerability has been resolved: bridge: mrp: reject zero test interval to avoid OOM panic br_mrp_start_test() and br_mrp_start_in_test() accept the user-supplied interval value from netlink without validation. Wh...

  • EPSS 0.12%
  • Veröffentlicht 13.04.2026 13:40:23
  • Zuletzt bearbeitet 08.07.2026 13:16:34

In the Linux kernel, the following vulnerability has been resolved: net: bonding: fix use-after-free in bond_xmit_broadcast() bond_xmit_broadcast() reuses the original skb for the last slave (determined by bond_is_last_slave()) and clones it for ot...

  • EPSS 0.11%
  • Veröffentlicht 13.04.2026 13:21:05
  • Zuletzt bearbeitet 20.05.2026 19:32:14

In the Linux kernel, the following vulnerability has been resolved: netfilter: ipset: drop logically empty buckets in mtype_del mtype_del() counts empty slots below n->pos in k, but it only drops the bucket when both n->pos and k are zero. This mis...

  • EPSS 0.39%
  • Veröffentlicht 13.04.2026 13:21:04
  • Zuletzt bearbeitet 20.05.2026 19:34:29

In the Linux kernel, the following vulnerability has been resolved: net/x25: Fix overflow when accumulating packets Add a check to ensure that `x25_sock.fraglen` does not overflow. The `fraglen` also needs to be resetted when purging `fragment_que...

  • EPSS 0.11%
  • Veröffentlicht 13.04.2026 13:21:03
  • Zuletzt bearbeitet 20.05.2026 15:41:05

In the Linux kernel, the following vulnerability has been resolved: ipv6: avoid overflows in ip6_datagram_send_ctl() Yiming Qian reported : <quote> I believe I found a locally triggerable kernel bug in the IPv6 sendmsg ancillary-data path that ca...

  • EPSS 0.12%
  • Veröffentlicht 13.04.2026 13:21:03
  • Zuletzt bearbeitet 20.05.2026 15:36:14

In the Linux kernel, the following vulnerability has been resolved: netfilter: nfnetlink_log: account for netlink header size This is a followup to an old bug fix: NLMSG_DONE needs to account for the netlink header size, not just the attribute size...

  • EPSS 0.38%
  • Veröffentlicht 13.04.2026 13:21:02
  • Zuletzt bearbeitet 20.05.2026 15:43:42

In the Linux kernel, the following vulnerability has been resolved: netfilter: nf_conntrack_expect: use expect->helper Use expect->helper in ctnetlink and /proc to dump the helper name. Using nfct_help() without holding a reference to the master co...