Debian

Debian 9 (stretch)

363 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.7

CVE-2018-1065

  • EPSS 0.08%
  • Veröffentlicht 02.03.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:06

The netfilter subsystem in the Linux kernel through 4.15.7 mishandles the case of a rule blob that contains a jump but lacks a user-defined chain, which allows local users to cause a denial of service (NULL pointer dereference) by leveraging the CAP_...

7.1

CVE-2018-1066

  • EPSS 5.04%
  • Veröffentlicht 02.03.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:59:06

The Linux kernel before version 4.11 is vulnerable to a NULL pointer dereference in fs/cifs/cifsencrypt.c:setup_ntlmv2_rsp() that allows an attacker controlling a CIFS server to kernel panic a client that has this server mounted, because an empty Tar...

7.8

CVE-2018-7480

  • EPSS 0.09%
  • Veröffentlicht 25.02.2018 20:29:00
  • Zuletzt bearbeitet 21.11.2024 04:12:12

The blkcg_init_queue function in block/blk-cgroup.c in the Linux kernel before 4.11 allows local users to cause a denial of service (double free) or possibly have unspecified other impact by triggering a creation failure.

5.5

CVE-2017-18193

  • EPSS 0.08%
  • Veröffentlicht 22.02.2018 15:29:00
  • Zuletzt bearbeitet 21.11.2024 03:19:31

fs/f2fs/extent_cache.c in the Linux kernel before 4.13 mishandles extent trees, which allows local users to cause a denial of service (BUG) via an application with multiple threads.

5.5

CVE-2018-5750

  • EPSS 0.04%
  • Veröffentlicht 26.01.2018 19:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:18

The acpi_smbus_hc_add function in drivers/acpi/sbshc.c in the Linux kernel through 4.14.15 allows local users to obtain sensitive address information by reading dmesg data from an SBS HC printk call.

5.6

CVE-2017-5715

Exploit
  • EPSS 89.09%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 06.05.2025 15:15:51

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6

CVE-2017-5753

Exploit
  • EPSS 94.3%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 14.01.2025 19:29:55

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6

CVE-2017-5754

  • EPSS 88.69%
  • Veröffentlicht 04.01.2018 13:29:00
  • Zuletzt bearbeitet 21.11.2024 03:28:19

Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis of the data cache.

5.5

CVE-2017-17975

  • EPSS 0.05%
  • Veröffentlicht 30.12.2017 01:29:00
  • Zuletzt bearbeitet 13.05.2026 00:24:29

Use-after-free in the usbtv_probe function in drivers/media/usb/usbtv/usbtv-core.c in the Linux kernel through 4.14.10 allows attackers to cause a denial of service (system crash) or possibly have unspecified other impact by triggering failure of aud...

5.5

CVE-2017-17862

  • EPSS 0.08%
  • Veröffentlicht 27.12.2017 17:08:20
  • Zuletzt bearbeitet 13.05.2026 00:24:29

kernel/bpf/verifier.c in the Linux kernel through 4.14.8 ignores unreachable code, even though it would still be processed by JIT compilers. This behavior, also considered an improper branch-pruning logic issue, could possibly be used by local users ...