Debian

Debian 10 (buster)

543 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.5

CVE-2023-52429

  • EPSS 0.03%
  • Veröffentlicht 12.02.2024 03:15:32
  • Zuletzt bearbeitet 04.11.2025 19:16:23

dm_table_create in drivers/md/dm-table.c in the Linux kernel through 6.7.4 can attempt to (in alloc_targets) allocate more than INT_MAX bytes, and crash, because of a missing check for struct dm_ioctl.target_count.

5.5

CVE-2024-25739

  • EPSS 0.01%
  • Veröffentlicht 12.02.2024 03:15:32
  • Zuletzt bearbeitet 12.05.2026 12:16:18

create_empty_lvol in drivers/mtd/ubi/vtbl.c in the Linux kernel through 6.7.4 can attempt to allocate zero bytes, and crash, because of a missing check for ubi->leb_size.

6.3

CVE-2024-24861

  • EPSS 0.04%
  • Veröffentlicht 05.02.2024 08:15:45
  • Zuletzt bearbeitet 13.02.2025 18:17:11

A race condition was found in the Linux kernel's media/xc4000 device driver in xc4000 xc4000_get_frequency() function. This can result in return value overflow issue, possibly leading to malfunction or denial of service issue.

6.8

CVE-2024-24857

  • EPSS 0.03%
  • Veröffentlicht 05.02.2024 08:15:44
  • Zuletzt bearbeitet 12.05.2026 12:16:18

A race condition was found in the Linux kernel's net/bluetooth device driver in conn_info_{min,max}_age_set() function. This can result in integrity overflow issue, possibly leading to bluetooth connection abnormality or denial of service.

5.3

CVE-2024-24858

  • EPSS 0.03%
  • Veröffentlicht 05.02.2024 08:15:44
  • Zuletzt bearbeitet 12.05.2026 12:16:18

A race condition was found in the Linux kernel's net/bluetooth in {conn,adv}_{min,max}_interval_set() function. This can result in I2cap connection or broadcast abnormality issue, possibly leading to denial of service.

7.8

CVE-2024-1086

Warnung Exploit
  • EPSS 84.55%
  • Veröffentlicht 31.01.2024 13:15:10
  • Zuletzt bearbeitet 27.10.2025 17:06:37

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. The nft_verdict_init() function allows positive values as drop error within the hook verdict, and hence the n...

7.5

CVE-2023-46838

  • EPSS 0.22%
  • Veröffentlicht 29.01.2024 11:15:07
  • Zuletzt bearbeitet 04.11.2025 19:16:04

Transmit requests in Xen's virtual network protocol can consist of multiple parts. While not really useful, except for the initial part any of them may be of zero length, i.e. carry no data at all. Besides a certain initial portion of the to be tra...

5.5

CVE-2024-22099

  • EPSS 0.05%
  • Veröffentlicht 25.01.2024 07:15:08
  • Zuletzt bearbeitet 12.05.2026 12:16:17

NULL Pointer Dereference vulnerability in Linux Linux kernel kernel on Linux, x86, ARM (net, bluetooth modules) allows Overflow Buffers. This vulnerability is associated with program files /net/bluetooth/rfcomm/core.C. This issue affects Linux kerne...

5.5

CVE-2024-23849

  • EPSS 0.02%
  • Veröffentlicht 23.01.2024 09:15:36
  • Zuletzt bearbeitet 04.11.2025 19:16:54

In rds_recv_track_latency in net/rds/af_rds.c in the Linux kernel through 6.7.1, there is an off-by-one error for an RDS_MSG_RX_DGRAM_TRACE_MAX comparison, resulting in out-of-bounds access.

5.5

CVE-2024-23851

  • EPSS 0.03%
  • Veröffentlicht 23.01.2024 09:15:36
  • Zuletzt bearbeitet 04.11.2025 19:16:55

copy_params in drivers/md/dm-ioctl.c in the Linux kernel through 6.7.1 can attempt to allocate more than INT_MAX bytes, and crash, because of a missing param_kernel->data_size check. This is related to ctl_ioctl.