Debian

Debian 8 (jessie)

428 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.51%
  • Veröffentlicht 04.09.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:53

Memory leak in the irda_bind function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (memory consumption) by repeatedly binding an AF_IRDA socket.

  • EPSS 0.5%
  • Veröffentlicht 04.09.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:10:53

The irda_setsockopt function in net/irda/af_irda.c and later in drivers/staging/irda/net/af_irda.c in the Linux kernel before 4.17 allows local users to cause a denial of service (ias_object use-after-free and system crash) or possibly have unspecifi...

  • EPSS 0.44%
  • Veröffentlicht 31.08.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:52:26

An issue was discovered in yurex_read in drivers/usb/misc/yurex.c in the Linux kernel before 4.17.7. Local attackers could use user access read/writes with incorrect bounds checking in the yurex USB driver to crash the kernel or potentially escalate ...

  • EPSS 0.52%
  • Veröffentlicht 21.08.2018 19:29:00
  • Zuletzt bearbeitet 07.07.2026 15:16:40

It was found that the raw midi kernel driver does not protect against concurrent access which leads to a double realloc (double free) in snd_rawmidi_input_params() and snd_rawmidi_output_status() which are part of snd_rawmidi_ioctl() handler in rawmi...

  • EPSS 0.55%
  • Veröffentlicht 20.08.2018 08:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:08

arch/x86/kernel/paravirt.c in the Linux kernel before 4.18.1 mishandles certain indirect calls, which makes it easier for attackers to conduct Spectre-v2 attacks against paravirtual guests.

  • EPSS 0.51%
  • Veröffentlicht 20.08.2018 02:29:00
  • Zuletzt bearbeitet 21.11.2024 03:51:05

The spectre_v2_select_mitigation function in arch/x86/kernel/cpu/bugs.c in the Linux kernel before 4.18.1 does not always fill RSB upon a context switch, which makes it easier for attackers to conduct userspace-userspace spectreRSB attacks.

  • EPSS 5.58%
  • Veröffentlicht 14.08.2018 19:29:00
  • Zuletzt bearbeitet 29.05.2026 21:16:33

Systems with microprocessors utilizing speculative execution and address translations may allow unauthorized disclosure of information residing in the L1 data cache to an attacker with local user access via a terminal page fault and a side-channel an...

  • EPSS 0.4%
  • Veröffentlicht 07.08.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:44

The swiotlb_print_info function in lib/swiotlb.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "software IO TLB" printk call.

  • EPSS 0.41%
  • Veröffentlicht 07.08.2018 18:29:00
  • Zuletzt bearbeitet 21.11.2024 04:09:50

The pcpu_embed_first_chunk function in mm/percpu.c in the Linux kernel through 4.14.14 allows local users to obtain sensitive address information by reading dmesg data from a "pages/cpu" printk call.

  • EPSS 0.53%
  • Veröffentlicht 30.07.2018 16:29:00
  • Zuletzt bearbeitet 21.11.2024 03:42:13

A flaw was found in the Linux kernel's ext4 filesystem. A local user can cause an out-of-bounds write in jbd2_journal_dirty_metadata(), a denial of service, and a system crash by mounting and operating on a crafted ext4 filesystem image.