Debian

Debian 9 (stretch)

363 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2019-19813

Exploit
  • EPSS 1.25%
  • Veröffentlicht 17.12.2019 06:15:12
  • Zuletzt bearbeitet 21.11.2024 04:35:26

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner...

9.3

CVE-2019-19816

Exploit
  • EPSS 1.15%
  • Veröffentlicht 17.12.2019 06:15:12
  • Zuletzt bearbeitet 21.11.2024 04:35:26

In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandl...

7.5

CVE-2019-19768

  • EPSS 1.4%
  • Veröffentlicht 12.12.2019 20:15:17
  • Zuletzt bearbeitet 21.11.2024 04:35:20

In the Linux kernel 5.4.0-rc2, there is a use-after-free (read) in the __blk_add_trace function in kernel/trace/blktrace.c (which is used to fill out a blk_io_trace structure and place it in a per-cpu sub-buffer).

7.8

CVE-2019-19448

Exploit
  • EPSS 0.78%
  • Veröffentlicht 08.12.2019 02:15:09
  • Zuletzt bearbeitet 21.11.2024 04:34:45

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer...

5.5

CVE-2019-19462

  • EPSS 0.11%
  • Veröffentlicht 30.11.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:34:47

relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.

4.4

CVE-2019-19318

Exploit
  • EPSS 0.35%
  • Veröffentlicht 28.11.2019 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:34:34

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

6.5

CVE-2019-19319

Exploit
  • EPSS 0.44%
  • Veröffentlicht 27.11.2019 23:15:11
  • Zuletzt bearbeitet 21.11.2024 04:34:34

In the Linux kernel before 5.2, a setxattr operation, after a mount of a crafted ext4 image, can cause a slab-out-of-bounds write access because of an ext4_xattr_set_entry use-after-free in fs/ext4/xattr.c when a large old_size value is used in a mem...

5.5

CVE-2019-10207

  • EPSS 0.7%
  • Veröffentlicht 25.11.2019 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:18:39

A flaw was found in the Linux kernel's Bluetooth implementation of UART, all versions kernel 3.x.x before 4.18.0 and kernel 5.x.x. An attacker with local access and write permissions to the Bluetooth hardware could use this flaw to issue a specially ...

4

CVE-2019-19073

  • EPSS 0.09%
  • Veröffentlicht 18.11.2019 06:15:13
  • Zuletzt bearbeitet 21.11.2024 04:34:08

Memory leaks in drivers/net/wireless/ath/ath9k/htc_hst.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering wait_for_completion_timeout() failures. This affects the htc_config_pipe_credi...

7.8

CVE-2019-19074

  • EPSS 0.47%
  • Veröffentlicht 18.11.2019 06:15:13
  • Zuletzt bearbeitet 21.11.2024 04:34:08

A memory leak in the ath9k_wmi_cmd() function in drivers/net/wireless/ath/ath9k/wmi.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption), aka CID-728c1e2a05e4.