Debian

Debian 13 (trixie)

13171 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
10

CVE-2018-5703

  • EPSS 0.49%
  • Veröffentlicht 16.01.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:12

The tcp_v6_syn_recv_sock function in net/ipv6/tcp_ipv6.c in the Linux kernel through 4.14.11 allows attackers to cause a denial of service (slab out-of-bounds write) or possibly have unspecified other impact via vectors involving TLS.

9.3

CVE-2017-15126

  • EPSS 1.15%
  • Veröffentlicht 14.01.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:07

A use-after-free flaw was found in fs/userfaultfd.c in the Linux kernel before 4.13.6. The issue is related to the handling of fork failure when dealing with event messages. Failure to fork correctly can lead to a situation where a fork event will be...

5.5

CVE-2017-15127

  • EPSS 0.04%
  • Veröffentlicht 14.01.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:07

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13. A superfluous implicit page unlock for VM_SHARED hugetlbfs mapping could trigger a local denial of service (BUG).

5.5

CVE-2017-15128

  • EPSS 0.05%
  • Veröffentlicht 14.01.2018 06:29:00
  • Zuletzt bearbeitet 21.11.2024 03:14:07

A flaw was found in the hugetlb_mcopy_atomic_pte function in mm/hugetlb.c in the Linux kernel before 4.13.12. A lack of size check could cause a denial of service (BUG).

7.8

CVE-2017-13220

  • EPSS 0.1%
  • Veröffentlicht 12.01.2018 23:29:02
  • Zuletzt bearbeitet 21.11.2024 03:11:11

An elevation of privilege vulnerability in the Upstream kernel bluez. Product: Android. Versions: Android kernel. Android ID: A-63527053.

7.8

CVE-2017-13215

  • EPSS 0.11%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:10

A elevation of privilege vulnerability in the Upstream kernel skcipher. Product: Android. Versions: Android kernel. Android ID: A-64386293. References: Upstream kernel.

7.8

CVE-2017-13216

  • EPSS 3.84%
  • Veröffentlicht 12.01.2018 23:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:10

In ashmem_ioctl of ashmem.c, there is an out-of-bounds write due to insufficient locking when accessing asma. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges ne...

7.8

CVE-2018-5344

  • EPSS 0.06%
  • Veröffentlicht 12.01.2018 09:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:37

In the Linux kernel through 4.14.13, drivers/block/loop.c mishandles lo_release serialization, which allows attackers to cause a denial of service (__lock_acquire use-after-free) or possibly have unspecified other impact.

7.8

CVE-2018-5332

  • EPSS 0.04%
  • Veröffentlicht 11.01.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:35

In the Linux kernel through 3.2, the rds_message_alloc_sgs() function does not validate a value that is used during DMA page allocation, leading to a heap-based out-of-bounds write (related to the rds_rdma_extra_size function in net/rds/rdma.c).

5.5

CVE-2018-5333

  • EPSS 2.8%
  • Veröffentlicht 11.01.2018 07:29:00
  • Zuletzt bearbeitet 21.11.2024 04:08:36

In the Linux kernel through 4.14.13, the rds_cmsg_atomic function in net/rds/rdma.c mishandles cases where page pinning fails or an invalid address is supplied, leading to an rds_atomic_free_op NULL pointer dereference.