Debian

Debian 14 (forky)

13671 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2018-10021

  • EPSS 0.04%
  • Veröffentlicht 11.04.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:40:41

drivers/scsi/libsas/sas_scsi_host.c in the Linux kernel before 4.16 allows local users to cause a denial of service (ata qc leak) by triggering certain failure conditions. NOTE: a third party disputes the relevance of this report because the failure ...

7

CVE-2015-9016

  • EPSS 0.02%
  • Veröffentlicht 05.04.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 02:39:40

In blk_mq_tag_to_rq in blk-mq.c in the upstream kernel, there is a possible use after free due to a race condition when a request has been previously freed by blk_mq_complete_request. This could lead to local escalation of privilege. Product: Android...

5.5

CVE-2017-18257

  • EPSS 0.11%
  • Veröffentlicht 04.04.2018 17:29:01
  • Zuletzt bearbeitet 21.11.2024 03:19:42

The __get_data_block function in fs/f2fs/data.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow and loop) via crafted use of the open and fallocate system calls with an FS_IOC_FIEMAP ioctl.

7.1

CVE-2017-13305

  • EPSS 0.11%
  • Veröffentlicht 04.04.2018 16:29:01
  • Zuletzt bearbeitet 21.11.2024 03:11:20

A information disclosure vulnerability in the Upstream kernel encrypted-keys. Product: Android. Versions: Android kernel. Android ID: A-70526974.

7.1

CVE-2018-1092

  • EPSS 0.24%
  • Veröffentlicht 02.04.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:09

The ext4_iget function in fs/ext4/inode.c in the Linux kernel through 4.15.15 mishandles the case of a root directory with a zero i_links_count, which allows attackers to cause a denial of service (ext4_process_freed_data NULL pointer dereference and...

7.1

CVE-2018-1093

  • EPSS 0.1%
  • Veröffentlicht 02.04.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:10

The ext4_valid_block_bitmap function in fs/ext4/balloc.c in the Linux kernel through 4.15.15 allows attackers to cause a denial of service (out-of-bounds read and system crash) via a crafted ext4 image because balloc.c and ialloc.c do not validate bi...

7.1

CVE-2018-1094

Exploit
  • EPSS 0.29%
  • Veröffentlicht 02.04.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:10

The ext4_fill_super function in fs/ext4/super.c in the Linux kernel through 4.15.15 does not always initialize the crc32c checksum driver, which allows attackers to cause a denial of service (ext4_xattr_inode_hash NULL pointer dereference and system ...

7.1

CVE-2018-1095

Exploit
  • EPSS 0.15%
  • Veröffentlicht 02.04.2018 03:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:10

The ext4_xattr_check_entries function in fs/ext4/xattr.c in the Linux kernel through 4.15.15 does not properly validate xattr sizes, which causes misinterpretation of a size as an error code, and consequently allows attackers to cause a denial of ser...

7.8

CVE-2017-18255

  • EPSS 0.11%
  • Veröffentlicht 31.03.2018 17:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:41

The perf_cpu_time_max_percent_handler function in kernel/events/core.c in the Linux kernel before 4.11 allows local users to cause a denial of service (integer overflow) or possibly have unspecified other impact via a large value, as demonstrated by ...

7.8

CVE-2018-7566

  • EPSS 0.08%
  • Veröffentlicht 30.03.2018 21:29:02
  • Zuletzt bearbeitet 21.11.2024 04:12:22

The Linux kernel 4.15 has a Buffer Overflow via an SNDRV_SEQ_IOCTL_SET_CLIENT_POOL ioctl write operation to /dev/snd/seq by a local user.