Debian

Debian 13 (trixie)

13946 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.12%
  • Veröffentlicht 25.06.2026 08:39:55
  • Zuletzt bearbeitet 08.07.2026 04:01:49

In the Linux kernel, the following vulnerability has been resolved: netfilter: synproxy: add mutex to guard hook reference counting As the synproxy infrastructure register netfilter hooks on-demand when a user adds the first iptables target or nfta...

  • EPSS 0.36%
  • Veröffentlicht 25.06.2026 08:39:54
  • Zuletzt bearbeitet 08.07.2026 04:01:54

In the Linux kernel, the following vulnerability has been resolved: netfilter: conntrack_irc: fix possible out-of-bounds read When parsing fails after we've matched the command string we should bail out instead of trying to match a different comman...

  • EPSS 0.13%
  • Veröffentlicht 25.06.2026 08:39:53
  • Zuletzt bearbeitet 08.07.2026 04:01:59

In the Linux kernel, the following vulnerability has been resolved: netfilter: nft_ct: bail out on template ct in get eval I noticed this issue while looking at a historic syzbot report [1]. A rule like the one below is enough to trigger the bug: ...

  • EPSS 0.13%
  • Veröffentlicht 25.06.2026 08:39:53
  • Zuletzt bearbeitet 08.07.2026 04:02:04

In the Linux kernel, the following vulnerability has been resolved: netfilter: bridge: make ebt_snat ARP rewrite writable The ebtables SNAT target keeps the Ethernet source address rewrite behind skb_ensure_writable(skb, 0). This is intentional: a...

  • EPSS 0.13%
  • Veröffentlicht 25.06.2026 08:39:51
  • Zuletzt bearbeitet 08.07.2026 04:02:13

In the Linux kernel, the following vulnerability has been resolved: net/sched: act_api: use RCU with deferred freeing for action lifecycle When NEWTFILTER and DELFILTER are run concurrently it is possible to create a race with an associated action....

  • EPSS 0.12%
  • Veröffentlicht 25.06.2026 08:39:51
  • Zuletzt bearbeitet 08.07.2026 04:02:17

In the Linux kernel, the following vulnerability has been resolved: 6lowpan: fix off-by-one in multicast context address compression The second memcpy in lowpan_iphc_mcast_ctx_addr_compress() uses &data[1] as destination and &ipaddr->s6_addr[11] as...

  • EPSS 0.13%
  • Veröffentlicht 25.06.2026 08:39:50
  • Zuletzt bearbeitet 08.07.2026 15:15:55

In the Linux kernel, the following vulnerability has been resolved: l2tp: pppol2tp: hold reference to session in pppol2tp_ioctl() pppol2tp_ioctl() read sock->sk->sk_user_data directly without any locks or reference counting. If a controllable slee...

  • EPSS 0.12%
  • Veröffentlicht 25.06.2026 08:39:49
  • Zuletzt bearbeitet 08.07.2026 15:17:32

In the Linux kernel, the following vulnerability has been resolved: devlink: Release nested relation on devlink free devlink relation state is normally released from devl_unregister(), which calls devlink_rel_put(). This misses devlink instances th...

  • EPSS 0.35%
  • Veröffentlicht 25.06.2026 08:39:49
  • Zuletzt bearbeitet 08.07.2026 15:25:49

In the Linux kernel, the following vulnerability has been resolved: tcp: Add preempt_{disable,enable}_nested() in reqsk_queue_hash_req(). syzbot reported a weird reqsk->rsk_refcnt underflow in __inet_csk_reqsk_queue_drop(). The captured reqsk_put(...

  • EPSS 0.12%
  • Veröffentlicht 25.06.2026 08:39:47
  • Zuletzt bearbeitet 08.07.2026 16:40:07

In the Linux kernel, the following vulnerability has been resolved: wifi: fix leak if split 6 GHz scanning fails rdev->int_scan_req is leaked if cfg80211_scan() fails. Note that it's supposed to be released at ___cfg80211_scan_done() but this does...