debian debian linux 10.0 vulnerabilities and exploits

(subscribe to this query)

The Debian backport of the fix for CVE-2017-3137 leads to assertion failure in validator.c:1858; Affects Debian versions 9.9.5.dfsg-9+deb8u15; 9.9.5.dfsg-9+deb8u18; 9.10.3.dfsg.P4-12.3+deb9u5; 9.11.5.P4+dfsg-5.1 No ISC releases are affected. Other packages from other distribution...

Debian Debian Linux 8.0 Debian Debian Linux 9.0 Debian Debian Linux 10.0

An issue was found in the Linux kernel in nf_conntrack_irc where the message handling can be confused and incorrectly matches the message. A firewall may be able to be bypassed when users are using unencrypted IRC with nf_conntrack_irc configured.

Linux Linux Kernel -Debian Debian Linux 10.0 Debian Debian Linux 11.0

A use-after-free vulnerability in the Linux kernel's netfilter: nf_tables component can be exploited to achieve local privilege escalation. Flaw in the error handling of bound chains causes a use-after-free in the abort path of NFT_MSG_NEWRULE. The vulnerability requires CAP...

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0

An issue exists in the Linux kernel prior to 5.9. arch/x86/kvm/svm/sev.c allows malicious users to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.

Linux Linux Kernel Debian Debian Linux 9.0 Debian Debian Linux 10.0

A vulnerability was found in Linux Kernel where in the spk_ttyio_receive_buf2() function, it would dereference spk_ttyio_synth without checking whether it is NULL or not, and may lead to a NULL-ptr deref crash.

Linux Linux Kernel Debian Debian Linux 9.0 Debian Debian Linux 10.0

An issue exists in the Linux kernel up to and including 5.19.8. drivers/firmware/efi/capsule-loader.c has a race condition with a resultant use-after-free.

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0

1 Github repository

Guest can force Linux netback driver to hog large amounts of kernel memory T[his CNA information record relates to multiple CVEs; the text explains which aspects/vulnerabilities correspond to which CVE.] Incoming data packets for a guest in the Linux kernel's netback driver ...

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0

A vulnerability was found in the fs/inode.c:inode_init_owner() function logic of the LInux kernel that allows local users to create files for the XFS file-system with an unintended group ownership and with group execution and SGID permission bits set, in a scenario where a direct...

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0

There exists a use-after-free in io_uring in the Linux kernel. Signalfd_poll() and binder_poll() use a waitqueue whose lifetime is the current task. It will send a POLLFREE notification to all waiters before the queue is freed. Unfortunately, the io_uring poll doesn't handle...

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 11.0

A use-after-free vulnerability in the Linux kernel's af_unix component can be exploited to achieve local privilege escalation. The unix_stream_sendpage() function tries to add data to the last skb in the peer's recv queue without locking the queue. Thus there is a race ...

Linux Linux Kernel Debian Debian Linux 10.0 Debian Debian Linux 12.0

1 2 3 4 5 6 NEXT »

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook