Debian

Debian 10 (buster)

543 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2021-3347

Exploit
  • EPSS 0.2%
  • Veröffentlicht 29.01.2021 17:15:12
  • Zuletzt bearbeitet 25.02.2026 18:16:53

An issue was discovered in the Linux kernel through 5.10.11. PI futexes have a kernel stack use-after-free during fault handling, allowing local users to execute code in the kernel, aka CID-34b1a1ce1458.

8.1

CVE-2020-28374

  • EPSS 0.31%
  • Veröffentlicht 13.01.2021 04:15:12
  • Zuletzt bearbeitet 21.11.2024 05:22:41

In drivers/target/target_core_xcopy.c in the Linux kernel before 5.10.7, insufficient identifier checking in the LIO SCSI target code can be used by remote attackers to read or write files via directory traversal in an XCOPY request, aka CID-2896c938...

7.2

CVE-2020-36158

  • EPSS 0.58%
  • Veröffentlicht 05.01.2021 05:15:10
  • Zuletzt bearbeitet 21.11.2024 05:28:50

mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332.

6.5

CVE-2020-29568

  • EPSS 0.06%
  • Veröffentlicht 15.12.2020 17:15:14
  • Zuletzt bearbeitet 21.11.2024 05:24:13

An issue was discovered in Xen through 4.14.x. Some OSes (such as Linux, FreeBSD, and NetBSD) are processing watch events using a single thread. If the events are received faster than the thread is able to handle, they will get queued. As the queue i...

8.8

CVE-2020-29569

  • EPSS 0.19%
  • Veröffentlicht 15.12.2020 17:15:14
  • Zuletzt bearbeitet 21.11.2024 05:24:13

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to ru...

5.7

CVE-2020-27825

  • EPSS 0.14%
  • Veröffentlicht 11.12.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 05:21:53

A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This fl...

4.4

CVE-2020-29660

Exploit
  • EPSS 0.07%
  • Veröffentlicht 09.12.2020 17:15:31
  • Zuletzt bearbeitet 21.11.2024 05:24:22

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

7.8

CVE-2020-29661

  • EPSS 0.29%
  • Veröffentlicht 09.12.2020 17:15:31
  • Zuletzt bearbeitet 21.11.2024 05:24:23

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

3.6

CVE-2020-29374

Exploit
  • EPSS 0.02%
  • Veröffentlicht 28.11.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:56

An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and there...

8.8

CVE-2020-12351

Exploit
  • EPSS 2.87%
  • Veröffentlicht 23.11.2020 17:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:33

Improper input validation in BlueZ may allow an unauthenticated user to potentially enable escalation of privilege via adjacent access.