Debian

Debian 10 (buster)

543 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2023-1118

  • EPSS 0.02%
  • Veröffentlicht 02.03.2023 18:15:09
  • Zuletzt bearbeitet 23.04.2025 17:16:24

A flaw use after free in the Linux kernel integrated infrared receiver/transceiver driver was found in the way user detaching rc device. A local user could use this flaw to crash the system or potentially escalate their privileges on the system.

7.8

CVE-2023-0461

  • EPSS 0.14%
  • Veröffentlicht 28.02.2023 15:15:11
  • Zuletzt bearbeitet 21.11.2024 07:37:13

There is a use-after-free vulnerability in the Linux Kernel which can be exploited to achieve local privilege escalation. To reach the vulnerability kernel configuration flag CONFIG_TLS or CONFIG_XFRM_ESPINTCP has to be configured, but the operation ...

4.7

CVE-2023-26545

  • EPSS 0.02%
  • Veröffentlicht 25.02.2023 04:15:10
  • Zuletzt bearbeitet 25.06.2025 20:54:48

In the Linux kernel before 6.1.13, there is a double free in net/mpls/af_mpls.c upon an allocation failure (for registering the sysctl table under a new location) during the renaming of a device.

7

CVE-2023-0266

Warnung
  • EPSS 0.15%
  • Veröffentlicht 30.01.2023 14:15:10
  • Zuletzt bearbeitet 24.10.2025 13:54:46

A use after free vulnerability exists in the ALSA PCM package in the Linux Kernel. SNDRV_CTL_IOCTL_ELEM_{READ|WRITE}32 is missing locks that can be used in a use-after-free that can result in a priviledge escalation to gain ring0 access from the syst...

5.5

CVE-2023-0394

  • EPSS 0.02%
  • Veröffentlicht 26.01.2023 21:18:07
  • Zuletzt bearbeitet 31.03.2025 15:15:38

A NULL pointer dereference flaw was found in rawv6_push_pending_frames in net/ipv6/raw.c in the network subcomponent in the Linux kernel. This flaw causes the system to crash.

5.5

CVE-2022-47929

Exploit
  • EPSS 0.04%
  • Veröffentlicht 17.01.2023 21:15:14
  • Zuletzt bearbeitet 04.04.2025 18:15:43

In the Linux kernel before 6.1.6, a NULL pointer dereference bug in the traffic control subsystem allows an unprivileged user to trigger a denial of service (system crash) via a crafted traffic control configuration that is set up with "tc qdisc" and...

7.8

CVE-2023-23559

  • EPSS 0.03%
  • Veröffentlicht 13.01.2023 01:15:10
  • Zuletzt bearbeitet 05.05.2025 16:15:30

In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.

6.6

CVE-2022-3628

Exploit
  • EPSS 0.07%
  • Veröffentlicht 12.01.2023 19:15:24
  • Zuletzt bearbeitet 08.04.2025 15:15:45

A buffer overflow flaw was found in the Linux kernel Broadcom Full MAC Wi-Fi driver. This issue occurs when a user connects to a malicious USB device. This can allow a local user to crash the system or escalate their privileges.

5.5

CVE-2023-23455

  • EPSS 0.03%
  • Veröffentlicht 12.01.2023 07:15:09
  • Zuletzt bearbeitet 20.03.2025 21:15:18

atm_tc_enqueue in net/sched/sch_atm.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than valid classification resu...

5.5

CVE-2023-23454

  • EPSS 0.04%
  • Veröffentlicht 12.01.2023 07:15:08
  • Zuletzt bearbeitet 20.03.2025 21:15:18

cbq_classify in net/sched/sch_cbq.c in the Linux kernel through 6.1.4 allows attackers to cause a denial of service (slab-out-of-bounds read) because of type confusion (non-negative numbers can sometimes indicate a TC_ACT_SHOT condition rather than v...