246 matches found
DEBIAN-CVE-2024-47141
In the Linux kernel, the following vulnerability has been resolved: pinmux: Use sequential access to access desc-pinmux data When two client of the same gpio call pinctrlselectstate for the same functionality, we are seeing NULL pointer issue while accessing desc-muxowner. Let's say two processes...
DEBIAN-CVE-2024-56761
In the Linux kernel, the following vulnerability has been resolved: x86/fred: Clear WFE in missing-ENDBRANCH CPs An indirect branch instruction sets the CPU indirect branch tracker IBT into WAITFORENDBRANCH WFE state and WFE stays asserted across the instruction boundary. When the decoder finds a...
DEBIAN-CVE-2024-38573
In the Linux kernel, the following vulnerability has been resolved: cppccpufreq: Fix possible null pointer dereference cppccpufreqgetrate and hisicppccpufreqgetrate can be called from different places with various parameters. So cpufreqcpuget can return null as 'policy' in some circumstances. Fix...
DEBIAN-CVE-2023-52640
In the Linux kernel, the following vulnerability has been resolved: fs/ntfs3: Fix oob in ntfslistxattr The length of name cannot exceed the space occupied by ea...
DEBIAN-CVE-2021-47091
In the Linux kernel, the following vulnerability has been resolved: mac80211: fix locking in ieee80211startap error path We need to hold the local-mtx to release the channel context, as even encoded by the lockdepassertheld there. Fix it...
DEBIAN-CVE-2023-52467
In the Linux kernel, the following vulnerability has been resolved: mfd: syscon: Fix null pointer dereference in ofsysconregister kasprintf returns a pointer to dynamically allocated memory which can be NULL upon failure...
SUSE CVE-2016-7118
fs/fcntl.c in the "aufs 3.2.x+setfl-debian" patch in the linux-image package 3.2.0-4 kernel 3.2.81-1 in Debian wheezy mishandles FSETFL fcntl calls on directories, which allows local users to cause a denial of service NULL pointer dereference and system crash via standard filesystem operations, a...
DEBIAN-CVE-2020-27784
A vulnerability was found in the Linux kernel, where accessing a deallocated instance in printerioctl printerioctl tries to access of a printerdev instance. However, use-after-free arises because it had been freed by gprinterfree...
DEBIAN-CVE-2021-38205
drivers/net/ethernet/xilinx/xilinxemaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer i.e., the real IOMEM pointer...
Vulnerabilities fixed in the Debian kernel
Vulnerabilities have been fixed in Debian's kernel. The vulnerabilities allow a malicious person to carry out attacks execute attacks that result in the following categories of damage: Denial-of-Service DoS Manipulation of data Access to system data Increased user privileges Debian has released...
DEBIAN-CVE-2019-20908
An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivarssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032...
DEBIAN-CVE-2020-10769
A buffer over-read flaw was found in RH kernel versions before 5.0 in cryptoauthencextractkeys in crypto/authenc.c in the IPsec Cryptographic algorithm's module, authenc. When a payload longer than 4 bytes, and is not following 4-byte alignment boundary guidelines, it causes a buffer over-read...
DEBIAN-CVE-2019-19543
In the Linux kernel before 5.1.6, there is a use-after-free in serialirinitmodule in drivers/media/rc/serialir.c...
DEBIAN-CVE-2019-15504
drivers/net/wireless/rsi/rsi91xusb.c in the Linux kernel through 5.2.9 has a Double Free via crafted USB device traffic which may be remote via usbip or usbredir...
DEBIAN-CVE-2017-18551
An issue was discovered in drivers/i2c/i2c-core-smbus.c in the Linux kernel before 4.14.15. There is an out of bounds write in the function i2csmbusxferemulated...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the linux-image-2.6.26-1-sb1a-bcm91480b package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a local malicious individual to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-source-2.4.18 package of the Debian GNU/Linux operating system may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited by local malicious individuals...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-image-2.6.8-12-amd64-generic operating system of the Debian GNU/Linux distribution may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-image-2.6.8-12-amd64-k8-smp operating system from the Debian GNU/Linux distribution may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...
Vulnerabilities in the Debian GNU/Linux operating system that allow a remote attacker to compromise the confidentiality, integrity, and accessibility of protected information
The multiple vulnerabilities in the kernel-image-2.6.8-2-32-smp operating system of the Debian GNU/Linux distribution may lead to breaches of confidentiality, integrity, and accessibility of protected information. These vulnerabilities can be exploited remotely...