Debian

Debian 13 (trixie)

13946 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.35%
  • Veröffentlicht 22.04.2013 11:40:59
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The crypto API in the Linux kernel through 3.9-rc8 does not initialize certain length variables, which allows local users to obtain sensitive information from kernel stack memory via a crafted recvmsg or recvfrom system call, related to the hash_recv...

Warnung Exploit
  • EPSS 3.37%
  • Veröffentlicht 13.04.2013 02:59:46
  • Zuletzt bearbeitet 21.04.2026 18:14:34

Integer overflow in the fb_mmap function in drivers/video/fbmem.c in the Linux kernel before 3.8.9, as used in a certain Motorola build of Android 4.1.2 and other products, allows local users to create a read-write memory mapping for the entirety of ...

  • EPSS 0.46%
  • Veröffentlicht 22.03.2013 11:59:11
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The flush_signal_handlers function in kernel/signal.c in the Linux kernel before 3.8.4 preserves the value of the sa_restorer field across an exec operation, which makes it easier for local users to bypass the ASLR protection mechanism via a crafted ...

  • EPSS 0.29%
  • Veröffentlicht 22.03.2013 11:59:11
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Race condition in the install_user_keyrings function in security/keys/process_keys.c in the Linux kernel before 3.8.3 allows local users to cause a denial of service (NULL pointer dereference and system crash) via crafted keyctl system calls that tri...

  • EPSS 0.95%
  • Veröffentlicht 22.03.2013 11:59:11
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The kvm_set_msr_common function in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 does not ensure a required time_page alignment during an MSR_KVM_SYSTEM_TIME operation, which allows guest OS users to cause a denial of service (buffer overflow ...

  • EPSS 0.89%
  • Veröffentlicht 22.03.2013 11:59:11
  • Zuletzt bearbeitet 29.04.2026 01:13:23

Use-after-free vulnerability in arch/x86/kvm/x86.c in the Linux kernel through 3.8.4 allows guest OS users to cause a denial of service (host OS memory corruption) or possibly have unspecified other impact via a crafted application that triggers use ...

Exploit
  • EPSS 1.35%
  • Veröffentlicht 22.03.2013 11:59:11
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The ioapic_read_indirect function in virt/kvm/ioapic.c in the Linux kernel through 3.8.4 does not properly handle a certain combination of invalid IOAPIC_REG_SELECT and IOAPIC_REG_WINDOW operations, which allows guest OS users to obtain sensitive inf...

  • EPSS 0.51%
  • Veröffentlicht 22.03.2013 11:59:11
  • Zuletzt bearbeitet 29.04.2026 01:13:23

The xfrm_state_netlink function in net/xfrm/xfrm_user.c in the Linux kernel before 3.5.7 does not properly handle error conditions in dump_one_state function calls, which allows local users to gain privileges or cause a denial of service (NULL pointe...

Exploit
  • EPSS 0.48%
  • Veröffentlicht 22.03.2013 11:59:11
  • Zuletzt bearbeitet 29.04.2026 01:13:23

net/dccp/ccid.h in the Linux kernel before 3.5.4 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) by leveraging the CAP_NET_ADMIN capability for a certain (1) sender or (2) receiver getsoc...

Exploit
  • EPSS 0.58%
  • Veröffentlicht 22.03.2013 11:59:11
  • Zuletzt bearbeitet 29.04.2026 01:13:23

fs/ext3/super.c in the Linux kernel before 3.8.4 uses incorrect arguments to functions in certain circumstances related to printk input, which allows local users to conduct format-string attacks and possibly gain privileges via a crafted application.