Debian

Debian 13 (trixie)

13171 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2018-25020

  • EPSS 0.16%
  • Veröffentlicht 08.12.2021 05:15:07
  • Zuletzt bearbeitet 21.11.2024 04:03:22

The BPF subsystem in the Linux kernel before 4.17 mishandles situations with a long jump over an instruction sequence where inner instructions require substantial expansions into multiple BPF instructions, leading to an overflow. This affects kernel/...

5.5

CVE-2021-33098

  • EPSS 0.07%
  • Veröffentlicht 17.11.2021 20:15:10
  • Zuletzt bearbeitet 21.11.2024 06:08:17

Improper input validation in the Intel(R) Ethernet ixgbe driver for Linux before version 3.17.3 may allow an authenticated user to potentially enable denial of service via local access.

6.7

CVE-2021-43975

Exploit
  • EPSS 0.02%
  • Veröffentlicht 17.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.

4.6

CVE-2021-43976

  • EPSS 0.05%
  • Veröffentlicht 17.11.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 06:30:07

In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

5.5

CVE-2021-43389

Exploit
  • EPSS 0.01%
  • Veröffentlicht 04.11.2021 19:15:07
  • Zuletzt bearbeitet 21.11.2024 06:29:08

An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.

4.7

CVE-2020-27820

  • EPSS 0.02%
  • Veröffentlicht 03.11.2021 00:15:07
  • Zuletzt bearbeitet 21.11.2024 05:21:52

A vulnerability was found in Linux kernel, where a use-after-frees in nouveau's postclose() handler could happen if removing device (that is not common to remove video card physically without power-off, but same happens if "unbind" the driver).

9.8

CVE-2021-43267

Exploit
  • EPSS 72.62%
  • Veröffentlicht 02.11.2021 23:15:07
  • Zuletzt bearbeitet 21.11.2024 06:28:57

An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO mes...

8.8

CVE-2017-5123

  • EPSS 1.71%
  • Veröffentlicht 02.11.2021 22:15:08
  • Zuletzt bearbeitet 21.11.2024 03:27:06

Insufficient data validation in waitid allowed an user to escape sandboxes on Linux.

5.5

CVE-2021-43056

  • EPSS 0.02%
  • Veröffentlicht 28.10.2021 04:15:08
  • Zuletzt bearbeitet 21.11.2024 06:28:36

An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the...

7.8

CVE-2021-43057

Exploit
  • EPSS 0.15%
  • Veröffentlicht 28.10.2021 04:15:08
  • Zuletzt bearbeitet 21.11.2024 06:28:37

An issue was discovered in the Linux kernel before 5.14.8. A use-after-free in selinux_ptrace_traceme (aka the SELinux handler for PTRACE_TRACEME) could be used by local attackers to cause memory corruption and escalate privileges, aka CID-a3727a8bac...