Debian

Debian 14 (forky)

14640 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.12%
  • Veröffentlicht 24.04.2026 14:44:57
  • Zuletzt bearbeitet 27.04.2026 20:19:26

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key parsing memleak In rxrpc_preparse_xdr_yfs_rxgk(), the memory attached to token->rxgk can be leaked in a few error paths after it's allocated. Fix this by freeing it...

  • EPSS 0.14%
  • Veröffentlicht 24.04.2026 14:44:56
  • Zuletzt bearbeitet 30.06.2026 03:18:26

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix RxGK token loading to check bounds rxrpc_preparse_xdr_yfs_rxgk() reads the raw key length and ticket length from the XDR token as u32 values and passes each through roun...

  • EPSS 0.12%
  • Veröffentlicht 24.04.2026 14:44:56
  • Zuletzt bearbeitet 01.06.2026 17:16:54

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix call removal to use RCU safe deletion Fix rxrpc call removal from the rxnet->calls list to use list_del_rcu() rather than list_del_init() to prevent stuffing up reading ...

  • EPSS 0.43%
  • Veröffentlicht 24.04.2026 14:44:54
  • Zuletzt bearbeitet 27.04.2026 20:20:22

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix use of wrong skb when comparing queued RESP challenge serial In rxrpc_post_response(), the code should be comparing the challenge serial number from the cached response ...

  • EPSS 0.44%
  • Veröffentlicht 24.04.2026 14:44:52
  • Zuletzt bearbeitet 27.04.2026 20:20:36

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Only put the call ref if one was acquired rxrpc_input_packet_on_conn() can process a to-client packet after the current client call on the channel has already been torn down...

  • EPSS 0.12%
  • Veröffentlicht 24.04.2026 14:44:52
  • Zuletzt bearbeitet 27.04.2026 20:20:27

In the Linux kernel, the following vulnerability has been resolved: rxrpc: Fix key reference count leak from call->key When creating a client call in rxrpc_alloc_client_call(), the code obtains a reference to the key. This is never cleaned up and ...

  • EPSS 0.51%
  • Veröffentlicht 24.04.2026 14:44:51
  • Zuletzt bearbeitet 01.06.2026 17:16:54

In the Linux kernel, the following vulnerability has been resolved: rxrpc: reject undecryptable rxkad response tickets rxkad_decrypt_ticket() decrypts the RXKAD response ticket and then parses the buffer as plaintext without checking whether crypto...

  • EPSS 0.44%
  • Veröffentlicht 24.04.2026 14:44:50
  • Zuletzt bearbeitet 27.04.2026 20:21:04

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix RESPONSE authenticator parser OOB read rxgk_verify_authenticator() copies auth_len bytes into a temporary buffer and then passes p + auth_len as the parser limit to rxgk...

  • EPSS 0.12%
  • Veröffentlicht 24.04.2026 14:44:49
  • Zuletzt bearbeitet 01.06.2026 17:16:54

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix reference count leak in rxrpc_server_keyring() This patch fixes a reference count leak in rxrpc_server_keyring() by checking if rx->securities is already set.

Medienbericht
  • EPSS 0.82%
  • Veröffentlicht 24.04.2026 14:44:49
  • Zuletzt bearbeitet 18.05.2026 15:16:25

In the Linux kernel, the following vulnerability has been resolved: rxrpc: fix oversized RESPONSE authenticator length check rxgk_verify_response() decodes auth_len from the packet and is supposed to verify that it fits in the remaining bytes. The ...