Debian

Debian 13 (trixie)

13171 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2021-33624

Exploit
  • EPSS 0.47%
  • Veröffentlicht 23.06.2021 16:15:07
  • Zuletzt bearbeitet 11.11.2025 16:15:33

In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6...

4.9

CVE-2021-0605

  • EPSS 0.04%
  • Veröffentlicht 22.06.2021 12:15:09
  • Zuletzt bearbeitet 21.11.2024 05:43:00

In pfkey_dump of af_key.c, there is a possible out-of-bounds read due to a missing bounds check. This could lead to local information disclosure in the kernel with System execution privileges needed. User interaction is not needed for exploitation.Pr...

7.8

CVE-2021-0512

  • EPSS 0.04%
  • Veröffentlicht 21.06.2021 17:15:08
  • Zuletzt bearbeitet 21.11.2024 05:42:50

In __hidinput_change_resolution_multipliers of hid-input.c, there is a possible out of bounds write due to a heap buffer overflow. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is no...

7.1

CVE-2021-32078

Exploit
  • EPSS 0.22%
  • Veröffentlicht 17.06.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 06:06:48

An Out-of-Bounds Read was discovered in arch/arm/mach-footbridge/personal-pci.c in the Linux kernel through 5.12.11 because of the lack of a check for a value that shouldn't be negative, e.g., access to element -2 of an array, aka CID-298a58e165e4.

5.5

CVE-2021-34693

Exploit
  • EPSS 0.05%
  • Veröffentlicht 14.06.2021 22:15:20
  • Zuletzt bearbeitet 21.11.2024 06:10:57

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

5.7

CVE-2021-0129

  • EPSS 0.15%
  • Veröffentlicht 09.06.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:42:01

Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.

5.5

CVE-2021-3564

Exploit
  • EPSS 0.03%
  • Veröffentlicht 08.06.2021 12:15:11
  • Zuletzt bearbeitet 21.11.2024 06:21:51

A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux ke...

7.1

CVE-2020-36386

Exploit
  • EPSS 0.22%
  • Veröffentlicht 07.06.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:23

An issue was discovered in the Linux kernel before 5.8.1. net/bluetooth/hci_event.c has a slab out-of-bounds read in hci_extended_inquiry_result_evt, aka CID-51c19bf3d5cf.

7.8

CVE-2020-36387

  • EPSS 0.06%
  • Veröffentlicht 07.06.2021 20:15:08
  • Zuletzt bearbeitet 21.11.2024 05:29:23

An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.

7.8

CVE-2018-25015

Exploit
  • EPSS 0.07%
  • Veröffentlicht 07.06.2021 20:15:07
  • Zuletzt bearbeitet 21.11.2024 04:03:21

An issue was discovered in the Linux kernel before 4.14.16. There is a use-after-free in net/sctp/socket.c for a held lock after a peel off, aka CID-a0ff660058b8.