Debian

Debian 9 (stretch)

363 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.1

CVE-2020-25656

Exploit
  • EPSS 0.02%
  • Veröffentlicht 02.12.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:22

A flaw was found in the Linux kernel. A use-after-free was found in the way the console subsystem was using ioctls KDGKBSENT and KDSKBSENT. A local user could use this flaw to get read memory access out of bounds. The highest threat from this vulnera...

5.5

CVE-2020-25704

  • EPSS 0.03%
  • Veröffentlicht 02.12.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:31

A flaw memory leak in the Linux kernel performance monitoring subsystem was found in the way if using PERF_EVENT_IOC_SET_FILTER. A local user could use this flaw to starve the resources causing denial of service.

3.6

CVE-2020-29374

Exploit
  • EPSS 0.02%
  • Veröffentlicht 28.11.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:56

An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and there...

8.8

CVE-2020-12351

Exploit
  • EPSS 2.87%
  • Veröffentlicht 23.11.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:33

Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.

6.5

CVE-2020-12352

Exploit
  • EPSS 2.39%
  • Veröffentlicht 23.11.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:33

Improper access control in BlueZ may allow an unauthenticated user to potentially enable information disclosure via adjacent access.

6.1

CVE-2020-28974

Exploit
  • EPSS 0.06%
  • Veröffentlicht 20.11.2020 18:15:12
  • Zuletzt bearbeitet 21.11.2024 05:23:25

A slab-out-of-bounds read in fbcon in the Linux kernel before 5.9.7 could be used by local attackers to read privileged information or potentially crash the kernel, aka CID-3c4e0dff2095. This occurs because KD_FONT_OP_COPY in drivers/tty/vt/vt.c can ...

7.4

CVE-2020-25705

  • EPSS 1.01%
  • Veröffentlicht 17.11.2020 02:15:13
  • Zuletzt bearbeitet 21.11.2024 05:18:31

A flaw in ICMP packets in the Linux kernel may allow an attacker to quickly scan open UDP ports. This flaw allows an off-path remote attacker to effectively bypass source port UDP randomization. Software that relies on UDP source port randomization a...

5.5

CVE-2020-8694

  • EPSS 0.81%
  • Veröffentlicht 12.11.2020 18:15:16
  • Zuletzt bearbeitet 21.11.2024 05:39:15

Insufficient access control in the Linux kernel driver for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2020-27673

  • EPSS 0.04%
  • Veröffentlicht 22.10.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. Guest OS users can cause a denial of service (host OS hang) via a high rate of events to dom0, aka CID-e99502f76271.

4.7

CVE-2020-27675

  • EPSS 0.06%
  • Veröffentlicht 22.10.2020 21:15:14
  • Zuletzt bearbeitet 21.11.2024 05:21:38

An issue was discovered in the Linux kernel through 5.9.1, as used with Xen through 4.14.x. drivers/xen/events/events_base.c allows event-channel removal during the event-handling loop (a race condition). This can cause a use-after-free or NULL point...