Debian Security Vulnerabilities (CVEs)

A Linux kernel TLS vulnerability where zero-length records on the rx_list can cause improper handling during decryption, potentially leading to memory...

A race condition vulnerability in the Linux kernel's PPP implementation could allow local attackers to cause a kernel panic (system crash) or potentia...

A null pointer dereference vulnerability in the Linux kernel's AMD display driver could cause kernel crashes or denial of service. This affects system...

This CVE describes a NULL pointer dereference vulnerability in the Linux kernel's qla4xxx SCSI driver. The vulnerability occurs when error pointers ar...

A memory leak vulnerability in the Linux kernel's netfilter subsystem where loopback packets cause reference count leaks when rejected. This affects L...

A Linux kernel vulnerability in the ASIX USB network driver allows invalid PHY addresses to be used during MDIO bus initialization, potentially causin...

A use-after-free vulnerability in the Linux kernel's NFS server (nfsd) allows attackers to potentially crash the kernel or execute arbitrary code. Thi...

A race condition in the Linux kernel's netlink subsystem can cause infinite retry loops when sending unicast messages, leading to CPU stalls and poten...

A slab out-of-bounds read vulnerability in the Linux kernel's SMB3 implementation allows attackers to read kernel memory during mount operations to ks...

A memory corruption vulnerability in the Linux kernel's SCTP (Stream Control Transmission Protocol) implementation allows uninitialized memory access ...

A reference count leak in the Linux kernel's netfilter ctnetlink component prevents proper cleanup of connection tracking objects. This can cause kern...

A deadlock vulnerability exists in the Linux kernel's SMB server implementation when handling file linking operations with ReplaceIfExists flag. This ...

A vulnerability in the Linux kernel's HFS+ filesystem driver where erroneous volume header values cause the system to incorrectly assume the attribute...

This is a memory corruption vulnerability in the Linux kernel's HFS+ filesystem driver. A slab-out-of-bounds read in the hfsplus_uni2asc() function ca...

A slab-out-of-bounds memory access vulnerability in the Linux kernel's HFS filesystem implementation allows attackers to read or write beyond allocate...

A NULL pointer dereference vulnerability in the Linux kernel's ASoC (Audio System on Chip) subsystem could cause kernel crashes when removing PCM runt...

A vulnerability in the Linux kernel's NTFS3 filesystem driver allows local attackers to cause a kernel panic or potentially execute arbitrary code by ...

This CVE describes an out-of-bounds read vulnerability in the JFS filesystem implementation in the Linux kernel. An attacker could exploit filesystem ...

A double-free vulnerability in the Linux kernel's bfa SCSI driver allows attackers to potentially crash the kernel or execute arbitrary code with kern...

A Linux kernel vulnerability in the ext4 filesystem where a maliciously crafted filesystem image triggers a kernel panic (BUG_ON) when an inode has th...

A buffer overflow vulnerability exists in the Linux kernel's framebuffer device driver (fbdev) in the do_register_framebuffer() function. This allows ...

This CVE describes a use-after-free vulnerability in the Linux kernel's pNFS block/scsi layout code where uninitialized pointers in the 'layoutupdate_...

This CVE describes a null pointer dereference vulnerability in the Linux kernel's w7090p DVB frontend driver. Attackers with local access can trigger ...

A null pointer dereference vulnerability in the Linux kernel's DVB frontend driver allows local attackers to crash the system or potentially execute a...

A null pointer dereference vulnerability in the Linux kernel's lpfc SCSI driver could cause kernel panic or system crash when specific error condition...

A NULL pointer dereference vulnerability in the Linux kernel's Enhanced Transmission Selection (ETS) queuing discipline allows local attackers to caus...

This vulnerability in the Linux kernel's fbdev subsystem allows a local user to trigger an out-of-bounds write in the fast_imageblit function when per...

A race condition vulnerability in the Linux kernel's comedi subsystem allows use-after-free when polling operations overlap with device detachment. Th...

A Linux kernel vulnerability in the Venus media driver allows out-of-bounds memory reads when processing firmware messages. This could lead to kernel ...

A race condition in the Linux kernel's page table dump functionality could allow concurrent memory hot removal operations to cause the kernel to acces...

This CVE-2025-38677 is an out-of-bounds memory access vulnerability in the Linux kernel's F2FS filesystem driver. It allows attackers with access to a...

This CVE addresses a use-after-free vulnerability in the Linux kernel's TLS implementation that could allow local attackers to escalate privileges or ...

This CVE describes a stack buffer overflow vulnerability in the AMD IOMMU driver of the Linux kernel. An attacker with control over the kernel command...

A race condition in the Linux kernel's Appletalk AARP proxy-probe routine allows a use-after-free vulnerability when an expire timer thread frees memo...

A NULL pointer dereference vulnerability in the Linux kernel's regulator subsystem can cause kernel panics when accessing regulator coupling data afte...

This Linux kernel vulnerability allows interrupt handlers to corrupt stack pointers during context switching, potentially leading to kernel panics and...

This CVE describes a null pointer dereference vulnerability in the Linux kernel's ice driver, which handles Intel Ethernet Connection network adapters...

A NULL pointer dereference vulnerability in the Linux kernel's CAN (Controller Area Network) subsystem allows local attackers to crash the kernel when...

A buffer overflow vulnerability in the Linux kernel's F2FS filesystem driver allows out-of-bounds memory access when mounting devices with paths exact...

A race condition vulnerability in the Linux kernel's HFS+ filesystem implementation where concurrent file operations can trigger a false warning about...

This CVE describes a vulnerability in the Linux kernel's WiFi subsystem where TDLS (Tunneled Direct Link Setup) operations could be triggered before a...

A NULL pointer dereference vulnerability in the Linux kernel's mlx5 network driver could cause kernel crashes when device memory allocation fails. Thi...

A NULL pointer dereference vulnerability exists in the Linux kernel's davinci_lpsc_clk_register() function when devm_kasprintf() fails to allocate mem...

This CVE describes a kernel memory corruption vulnerability in the Linux netfilter subsystem's xt_nfacct module. The vulnerability occurs when the mod...

This vulnerability in the Linux kernel's imxfb framebuffer driver could allow a local attacker to cause a kernel null pointer dereference, leading to ...

A kernel panic vulnerability in the Linux kernel's UDP processing allows remote attackers to crash affected systems by sending specially crafted UDP p...

A vulnerability in the Linux kernel's PowerNV PCI hotplug subsystem could cause system instability when PCI devices are unexpectedly removed. This aff...

A resource leak vulnerability in the Linux kernel's pnv_php driver causes kernel panic when unplugging PCIe bridge configurations. This affects Linux ...

A use-after-free vulnerability in the Linux kernel's vsock (virtual socket) subsystem allows local attackers to potentially escalate privileges or cra...

This CVE addresses a semi-unbounded recursion vulnerability in the Linux kernel's eventpoll (epoll) subsystem. Attackers could potentially cause kerne...