Debian

Debian 13 (trixie)

13171 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2018-1091

  • EPSS 0.08%
  • Veröffentlicht 27.03.2018 21:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:09

In the flush_tmregs_to_thread function in arch/powerpc/kernel/ptrace.c in the Linux kernel before 4.13.5, a guest kernel crash can be triggered from unprivileged userspace during a core dump on a POWER host due to a missing processor feature check an...

7

CVE-2017-18249

  • EPSS 0.06%
  • Veröffentlicht 26.03.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:40

The add_free_nid function in fs/f2fs/node.c in the Linux kernel before 4.12 does not properly track an allocated nid, which allows local users to cause a denial of service (race condition) or possibly have unspecified other impact via concurrent thre...

5.5

CVE-2017-18241

  • EPSS 0.09%
  • Veröffentlicht 21.03.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:39

fs/f2fs/segment.c in the Linux kernel before 4.13 allows local users to cause a denial of service (NULL pointer dereference and panic) by using a noflush_merge option that triggers a NULL value for a flush_cmd_control data structure.

7.8

CVE-2018-8822

  • EPSS 0.09%
  • Veröffentlicht 20.03.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 04:14:23

Incorrect buffer length handling in the ncp_read_kernel function in fs/ncpfs/ncplib_kernel.c in the Linux kernel through 4.15.11, and in drivers/staging/ncpfs/ncplib_kernel.c in the Linux kernel 4.16-rc through 4.16-rc6, could be exploited by malicio...

7.2

CVE-2018-1068

  • EPSS 0.03%
  • Veröffentlicht 16.03.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:06

A flaw was found in the Linux 4.x kernel's implementation of 32-bit syscall interface for bridging. This allowed a privileged user to arbitrarily write to a limited range of kernel memory.

5.5

CVE-2017-18232

  • EPSS 0.09%
  • Veröffentlicht 15.03.2018 04:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:38

The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.

5.5

CVE-2018-8087

  • EPSS 0.04%
  • Veröffentlicht 13.03.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 04:13:14

Memory leak in the hwsim_new_radio_nl function in drivers/net/wireless/mac80211_hwsim.c in the Linux kernel through 4.15.9 allows local users to cause a denial of service (memory consumption) by triggering an out-of-array error case.

4.7

CVE-2017-18224

  • EPSS 0.05%
  • Veröffentlicht 12.03.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:36

In the Linux kernel before 4.15, fs/ocfs2/aops.c omits use of a semaphore and consequently has a race condition for access to the extent tree during read operations in DIRECT mode, which allows local users to cause a denial of service (BUG) by modify...

5.5

CVE-2018-8043

  • EPSS 0.08%
  • Veröffentlicht 10.03.2018 22:29:00
  • Zuletzt bearbeitet 21.11.2024 04:13:10

The unimac_mdio_probe function in drivers/net/phy/mdio-bcm-unimac.c in the Linux kernel through 4.15.8 does not validate certain resource availability, which allows local users to cause a denial of service (NULL pointer dereference).

4.7

CVE-2018-7995

  • EPSS 0.06%
  • Veröffentlicht 09.03.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 04:13:03

Race condition in the store_int_with_restart() function in arch/x86/kernel/cpu/mcheck/mce.c in the Linux kernel through 4.15.7 allows local users to cause a denial of service (panic) by leveraging root access to write to the check_interval file in a ...