Debian_linux - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Debian_linux
(Debian)

Repositories

• https://github.com/torvalds/linux
• https://github.com/ImageMagick/ImageMagick
• https://github.com/WordPress/WordPress
• https://github.com/FFmpeg/FFmpeg
• https://github.com/rdesktop/rdesktop

More/Less (143)

• https://github.com/krb5/krb5
• https://github.com/neomutt/neomutt
• https://github.com/FasterXML/jackson-databind
• https://github.com/file/file
• https://github.com/php/php-src
• https://github.com/the-tcpdump-group/tcpdump
• https://github.com/redmine/redmine
• https://github.com/dbry/WavPack
• https://github.com/rubygems/rubygems
• https://github.com/uclouvain/openjpeg
• https://github.com/bcgit/bc-java
• https://github.com/libgd/libgd
• https://github.com/kyz/libmspack
• https://github.com/mantisbt/mantisbt
• https://github.com/gpac/gpac
• https://github.com/newsoft/libvncserver
• https://github.com/madler/zlib
• https://github.com/libgit2/libgit2
• https://github.com/mdadams/jasper
• https://github.com/FreeRDP/FreeRDP
• https://github.com/mruby/mruby
• https://github.com/uriparser/uriparser
• https://github.com/LibRaw/LibRaw
• https://github.com/ceph/ceph
• https://github.com/verdammelt/tnef
• https://github.com/libevent/libevent
• https://github.com/antirez/redis
• https://github.com/Yeraze/ytnef
• https://github.com/Perl/perl5
• https://github.com/ntp-project/ntp
• https://github.com/openssl/openssl
• https://github.com/LibVNC/libvncserver
• https://github.com/ARMmbed/mbedtls
• https://github.com/inspircd/inspircd
• https://github.com/OTRS/otrs
• https://github.com/python-pillow/Pillow
• https://github.com/perl5-dbi/DBD-mysql
• https://github.com/mm2/Little-CMS
• https://github.com/apache/httpd
• https://github.com/curl/curl
• https://github.com/libjpeg-turbo/libjpeg-turbo
• https://github.com/jquery/jquery-ui
• https://github.com/openbsd/src
• https://github.com/szukw000/openjpeg
• https://github.com/mysql/mysql-server
• https://github.com/memcached/memcached
• https://github.com/openvswitch/ovs
• https://github.com/SpiderLabs/ModSecurity
• https://github.com/kamailio/kamailio
• https://github.com/vadz/libtiff
• https://github.com/dovecot/core
• https://github.com/znc/znc
• https://github.com/horde/horde
• https://github.com/mono/mono
• https://github.com/codehaus-plexus/plexus-utils
• https://github.com/ellson/graphviz
• git://git.openssl.org/openssl.git
• https://github.com/dajobe/raptor
• https://github.com/DanBloomberg/leptonica
• https://github.com/django/django
• https://github.com/collectd/collectd
• https://github.com/weechat/weechat
• https://git.kernel.org/pub/scm/git/git.git
• https://github.com/akrennmair/newsbeuter
• https://github.com/dom4j/dom4j
• https://github.com/sleuthkit/sleuthkit
• https://github.com/python/cpython
• https://github.com/zhutougg/c3p0
• https://github.com/golang/go
• https://github.com/haproxy/haproxy
• https://github.com/westes/flex
• https://github.com/jcupitt/libvips
• https://github.com/codehaus-plexus/plexus-archiver
• https://github.com/openssh/openssh-portable
• https://github.com/jpirko/libndp
• https://github.com/inverse-inc/sogo
• https://github.com/varnish/Varnish-Cache
• https://github.com/varnishcache/varnish-cache
• https://github.com/esnet/iperf
• https://github.com/paramiko/paramiko
• https://github.com/resiprocate/resiprocate
• https://github.com/nih-at/libzip
• https://github.com/twigphp/Twig
• https://github.com/lighttpd/lighttpd1.4
• https://github.com/vim/vim
• https://github.com/smarty-php/smarty
• https://github.com/symfony/symfony
• https://github.com/ansible/ansible
• https://github.com/mapserver/mapserver
• https://github.com/stoth68000/media-tree
• https://github.com/ImageMagick/ImageMagick6
• https://github.com/antlarr/audiofile
• https://github.com/shadow-maint/shadow
• https://github.com/lxml/lxml
• https://github.com/GStreamer/gst-plugins-ugly
• https://github.com/erikd/libsndfile
• https://github.com/ruby/openssl
• https://github.com/beanshell/beanshell
• https://github.com/git/git
• https://github.com/cyu/rack-cors
• https://github.com/Exim/exim
• https://github.com/GNOME/nautilus
• https://github.com/phusion/passenger
• https://github.com/karelzak/util-linux
• https://github.com/apple/cups
• https://github.com/shadowsocks/shadowsocks-libev
• https://github.com/simplesamlphp/simplesamlphp
• https://github.com/GNOME/evince
• https://github.com/torproject/tor
• https://github.com/derickr/timelib
• https://github.com/libarchive/libarchive
• https://git.savannah.gnu.org/git/patch.git
• https://github.com/puppetlabs/puppet
• https://github.com/flori/json
• https://github.com/eldy/awstats
• https://github.com/simplesamlphp/saml2
• https://github.com/anymail/django-anymail
• https://github.com/mpv-player/mpv
• https://github.com/TeX-Live/texlive-source
• https://github.com/vim-syntastic/syntastic
• https://github.com/gosa-project/gosa-core
• https://github.com/Cisco-Talos/clamav-devel
• https://github.com/GNOME/librsvg
• https://github.com/viewvc/viewvc
• https://github.com/moinwiki/moin-1.9
• https://github.com/splitbrain/dokuwiki
• https://github.com/heimdal/heimdal
• https://github.com/openstack/swauth
• https://github.com/bottlepy/bottle
• https://github.com/charybdis-ircd/charybdis
• https://github.com/mjg59/pupnp-code
• https://git.videolan.org/git/vlc.git
• https://github.com/atheme/atheme
• https://github.com/fragglet/lhasa
• https://github.com/neovim/neovim
• https://github.com/Quagga/quagga
• https://github.com/rohe/pysaml2
• https://github.com/PHPMailer/PHPMailer
• https://github.com/Automattic/Genericons
• https://github.com/jmacd/xdelta-devel
• https://github.com/axkibe/lsyncd
• https://github.com/quassel/quassel
• https://github.com/yarolig/didiwiki

#Vulnerabilities

8816

Date	Id	Summary	Products	Score	Patch	Annotated
2021-04-20	CVE-2021-29155	An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations.	Debian_linux, Fedora, Linux_kernel	5.5
2021-06-14	CVE-2021-34693	net/can/bcm.c in the Linux kernel through 5.12.10 allows local users to obtain sensitive information from kernel stack memory because parts of a data structure are uninitialized.	Debian_linux, Linux_kernel	5.5
2021-07-21	CVE-2021-37159	hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.	Debian_linux, Linux_kernel, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy	6.4
2021-10-20	CVE-2021-42739	The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.	Debian_linux, Fedora, Linux_kernel, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy, Starwind_san_\&_nas, Starwind_virtual_san	6.7
2021-11-17	CVE-2021-43976	In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).	Debian_linux, Fedora, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy	4.6
2021-12-22	CVE-2021-44733	A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.	Debian_linux, Fedora, Linux_kernel, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Enterprise_linux	7.0
2022-01-14	CVE-2022-23222	kernel/bpf/verifier.c in the Linux kernel through 5.15.14 allows local users to gain privileges because of the availability of pointer arithmetic via certain *_OR_NULL pointer types.	Debian_linux, Fedora, Linux_kernel, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware	7.8
2022-07-27	CVE-2022-36946	nfqnl_mangle in net/netfilter/nfnetlink_queue.c in the Linux kernel through 5.18.14 allows remote attackers to cause a denial of service (panic) because, in the case of an nf_queue verdict with a one-byte nfta_payload attribute, an skb_pull can encounter a negative skb->len.	Debian_linux, Linux_kernel, Active_iq_unified_manager, Hci_compute_node, Solidfire_\&_hci_management_node, Solidfire_\&_hci_storage_node, Solidfire_enterprise_sds	7.5
2022-09-18	CVE-2022-40768	drivers/scsi/stex.c in the Linux kernel through 5.19.9 allows local users to obtain sensitive information from kernel memory because stex_queuecommand_lck lacks a memset for the PASSTHRU_CMD case.	Debian_linux, Fedora, Linux_kernel	5.5
2022-09-21	CVE-2022-41218	In drivers/media/dvb-core/dmxdev.c in the Linux kernel through 5.19.10, there is a use-after-free caused by refcount races, affecting dvb_demux_open and dvb_dmxdev_release.	Debian_linux, Linux_kernel	5.5