Debian

Debian 10 (buster)

543 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.9

CVE-2021-20317

  • EPSS 0.02%
  • Veröffentlicht 27.09.2021 11:15:07
  • Zuletzt bearbeitet 21.11.2024 05:46:21

A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing...

7.8

CVE-2021-38300

Exploit
  • EPSS 0.17%
  • Veröffentlicht 20.09.2021 06:15:06
  • Zuletzt bearbeitet 21.11.2024 06:16:45

arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can...

7.8

CVE-2021-33909

Exploit
  • EPSS 1.78%
  • Veröffentlicht 20.07.2021 19:15:09
  • Zuletzt bearbeitet 21.11.2024 06:09:45

fs/seq_file.c in the Linux kernel 3.16 through 5.13.x before 5.13.4 does not properly restrict seq buffer allocations, leading to an integer overflow, an Out-of-bounds Write, and escalation to root by an unprivileged user, aka CID-8cae8cd89f05.

5.5

CVE-2021-34693

Exploit
  • EPSS 0.05%
  • Veröffentlicht 14.06.2021 22:15:20
  • Zuletzt bearbeitet 21.11.2024 06:10:57

net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.

4.4

CVE-2021-20177

  • EPSS 0.01%
  • Veröffentlicht 26.05.2021 21:15:08
  • Zuletzt bearbeitet 21.11.2024 05:46:04

A flaw was found in the Linux kernel's implementation of string matching within a packet. A privileged user (with root or CAP_NET_ADMIN) when inserting iptables rules could insert a rule which can panic the system. Kernel before kernel 5.5-rc1 is aff...

7.8

CVE-2020-27815

Exploit
  • EPSS 0.2%
  • Veröffentlicht 26.05.2021 13:15:07
  • Zuletzt bearbeitet 21.11.2024 05:21:51

A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerabil...

5.5

CVE-2020-27830

  • EPSS 0.15%
  • Veröffentlicht 13.05.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:21:53

A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.

5.5

CVE-2020-36322

  • EPSS 0.04%
  • Veröffentlicht 14.04.2021 06:15:12
  • Zuletzt bearbeitet 21.11.2024 05:29:16

An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulne...

5.5

CVE-2020-36311

  • EPSS 0.08%
  • Veröffentlicht 07.04.2021 00:15:13
  • Zuletzt bearbeitet 21.11.2024 05:29:14

An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be7...

5.5

CVE-2021-28950

  • EPSS 0.03%
  • Veröffentlicht 20.03.2021 20:15:13
  • Zuletzt bearbeitet 21.11.2024 06:00:25

An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.