Debian Linux Security Vulnerabilities and Issues — Page 7 of Debian Linux CVE List

Lucene search

DebianDebian Linux

312 matches found

CVE•added 2024/04/17 4:15 p.m.•70 views

CVE-2024-26917

In the Linux kernel, the following vulnerability has been resolved: scsi: Revert "scsi: fcoe: Fix potential deadlock on &fip->ctlr_lock" This reverts commit 1a1975551943f681772720f639ff42fbaa746212. This commit causes interrupts to be lost for FCoE devices, since it changedsping locks from "bh" ...

5.5CVSS6.3AI score0.00007EPSS

CVE•added 2024/10/15 9:15 p.m.•70 views

CVE-2024-41311

In Libheif 1.17.6, insufficient checks in ImageOverlay::parse() decoding a heif file containing an overlay image with forged offsets can lead to an out-of-bounds read and write.

8.1CVSS7AI score0.00169EPSS

CVE•added 2024/05/05 8:15 p.m.•69 views

CVE-2024-34509

dcmdata in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.

5.3CVSS6.8AI score0.00105EPSS

CVE•added 2024/05/17 2:15 p.m.•68 views

CVE-2024-35833

In the Linux kernel, the following vulnerability has been resolved: dmaengine: fsl-qdma: Fix a memory leak related to the queue command DMA This dma_alloc_coherent() is undone neither in the remove function, nor inthe error handling path of fsl_qdma_probe(). Switch to the managed version to fix bot...

5.5CVSS6.7AI score0.00015EPSS

CVE•added 2024/05/19 9:15 a.m.•68 views

CVE-2024-35902

In the Linux kernel, the following vulnerability has been resolved: net/rds: fix possible cp null dereference cp might be null, calling cp->cp_conn would produce null dereference [Simon Horman adds:] Analysis: cp is a parameter of __rds_rdma_map and is not reassigned. The following call-sites pa...

5.5CVSS6.7AI score0.00013EPSS

CVE•added 2024/04/03 5:15 p.m.•67 views

CVE-2024-26753

In the Linux kernel, the following vulnerability has been resolved: crypto: virtio/akcipher - Fix stack overflow on memcpy sizeof(struct virtio_crypto_akcipher_session_para) is less thansizeof(struct virtio_crypto_op_ctrl_req::u), copying more bytes fromstack variable leads stack overflow. Clang re...

7.8CVSS7AI score0.00016EPSS

CVE•added 2024/02/11 3:15 a.m.•63 views

CVE-2024-25714

In Rhonabwy through 1.1.13, HMAC signature verification uses a strcmp function that is vulnerable to side-channel attacks, because it stops the comparison when the first difference is spotted in the two signatures. (The fix uses gnutls_memcmp, which has constant-time execution.)

9.8CVSS6.5AI score0.00188EPSS

CVE•added 2024/11/10 10:15 p.m.•63 views

CVE-2024-46952

An issue was discovered in pdf/pdf_xref.c in Artifex Ghostscript before 10.04.0. There is a buffer overflow during handling of a PDF XRef stream (related to W array values).

8.4CVSS6.9AI score0.00026EPSS

CVE•added 2024/11/10 10:15 p.m.•63 views

CVE-2024-46955

An issue was discovered in psi/zcolor.c in Artifex Ghostscript before 10.04.0. There is an out-of-bounds read when reading color in Indexed color space.

5.5CVSS6.4AI score0.00051EPSS

CVE•added 2024/04/04 9:15 a.m.•61 views

CVE-2024-26781

In the Linux kernel, the following vulnerability has been resolved: mptcp: fix possible deadlock in subflow diag Syzbot and Eric reported a lockdep splat in the subflow diag: WARNING: possible circular locking dependency detected6.8.0-rc4-syzkaller-00212-g40b9385dd8e6 #0 Not tainted syz-executor.2/...

5.5CVSS6.3AI score0.00007EPSS

CVE•added 2024/06/07 4:15 a.m.•61 views

CVE-2024-37384

Roundcube Webmail before 1.5.7 and 1.6.x before 1.6.7 allows XSS via list columns from user preferences.

6.1CVSS6.1AI score0.00183EPSS

CVE•added 2024/05/05 8:15 p.m.•58 views

CVE-2024-34508

dcmnet in DCMTK before 3.6.9 has a segmentation fault via an invalid DIMSE message.

4.3CVSS6.8AI score0.00062EPSS

Total number of security vulnerabilities312