Debian

Debian 12 (bookworm)

11227 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2019-8956

  • EPSS 1.02%
  • Veröffentlicht 01.04.2019 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:50:44

In the Linux Kernel before versions 4.20.8 and 4.19.21 a use-after-free error in the "sctp_sendmsg()" function (net/sctp/socket.c) when handling SCTP_SENDALL flag can be exploited to corrupt memory.

10

CVE-2019-10125

Exploit
  • EPSS 3.43%
  • Veröffentlicht 27.03.2019 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:18:27

An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pair of pipes) after the return of vfs_poll(), and t...

6.5

CVE-2019-3874

  • EPSS 0.18%
  • Veröffentlicht 25.03.2019 19:29:01
  • Zuletzt bearbeitet 21.11.2024 04:42:46

The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.

5.5

CVE-2019-9857

  • EPSS 0.07%
  • Veröffentlicht 21.03.2019 16:01:17
  • Zuletzt bearbeitet 21.11.2024 04:52:26

In the Linux kernel through 5.0.2, the function inotify_update_existing_watch() in fs/notify/inotify/inotify_user.c neglects to call fsnotify_put_mark() with IN_MASK_CREATE after fsnotify_find_mark(), which will cause a memory leak (aka refcount leak...

5.5

CVE-2019-7222

Exploit
  • EPSS 0.04%
  • Veröffentlicht 21.03.2019 16:01:11
  • Zuletzt bearbeitet 21.11.2024 04:47:47

The KVM implementation in the Linux kernel through 4.20.5 has an Information Leak.

7.8

CVE-2019-7221

Exploit
  • EPSS 0.05%
  • Veröffentlicht 21.03.2019 16:01:10
  • Zuletzt bearbeitet 21.11.2024 04:47:46

The KVM implementation in the Linux kernel through 4.20.5 has a Use-after-Free.

7.8

CVE-2018-20669

Exploit
  • EPSS 0.08%
  • Veröffentlicht 21.03.2019 16:00:37
  • Zuletzt bearbeitet 21.11.2024 04:01:57

An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A local attacker can craft a malicious IOCTL function ca...

4.6

CVE-2018-19985

  • EPSS 0.04%
  • Veröffentlicht 21.03.2019 16:00:33
  • Zuletzt bearbeitet 21.11.2024 03:58:56

The function hso_get_config_data in drivers/net/usb/hso.c in the Linux kernel through 4.19.8 reads if_num from the USB device (as a u8) and uses it to index a small array, resulting in an object out-of-bounds (OOB) read that potentially allows arbitr...

5.5

CVE-2019-9213

Exploit
  • EPSS 6.81%
  • Veröffentlicht 05.03.2019 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:51:13

In the Linux kernel before 4.20.14, expand_downwards in mm/mmap.c lacks a check for the mmap minimum address, which makes it easier for attackers to exploit kernel NULL pointer dereferences on non-SMAP platforms. This is related to a capability check...

7.8

CVE-2019-1999

Exploit
  • EPSS 0.6%
  • Veröffentlicht 28.02.2019 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:37:51

In binder_alloc_free_page of binder_alloc.c, there is a possible double free due to improper locking. This could lead to local escalation of privilege in the kernel with no additional execution privileges needed. User interaction is not needed for ex...