Vulnerabilities > Debian > Debian Linux
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-04-16 | CVE-2022-24806 | net-snmp provides various tools relating to the Simple Network Management Protocol. | 5.3 |
| 2024-04-16 | CVE-2022-24807 | Classic Buffer Overflow vulnerability in multiple products net-snmp provides various tools relating to the Simple Network Management Protocol. | 6.5 |
| 2024-04-16 | CVE-2022-24808 | NULL Pointer Dereference vulnerability in multiple products net-snmp provides various tools relating to the Simple Network Management Protocol. | 6.5 |
| 2024-04-16 | CVE-2022-24809 | NULL Pointer Dereference vulnerability in multiple products net-snmp provides various tools relating to the Simple Network Management Protocol. | 6.5 |
| 2024-04-16 | CVE-2022-24810 | NULL Pointer Dereference vulnerability in multiple products net-snmp provides various tools relating to the Simple Network Management Protocol. | 8.8 |
| 2024-04-13 | CVE-2024-26817 | Integer Overflow or Wraparound vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: amdkfd: use calloc instead of kzalloc to avoid integer overflow This uses calloc instead of doing the multiplication which might overflow. | 5.5 |
| 2024-04-10 | CVE-2024-26816 | Allocation of Resources Without Limits or Throttling vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: x86, relocs: Ignore relocations in .notes section When building with CONFIG_XEN_PV=y, .text symbols are emitted into the .notes section so that Xen can find the "startup_xen" entry point. This information is used prior to booting the kernel, so relocations are not useful. | 5.5 |
| 2024-04-05 | CVE-2024-26812 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Create persistent INTx handler A vulnerability exists where the eventfd for INTx signaling can be deconfigured, which unregisters the IRQ handler but still allows eventfds to be signaled with a NULL context through the SET_IRQS ioctl or through unmask irqfd if the device interrupt is pending. Ideally this could be solved with some additional locking; the igate mutex serializes the ioctl and config space accesses, and the interrupt handler is unregistered relative to the trigger, but the irqfd path runs asynchronous to those. | 5.5 |
| 2024-04-05 | CVE-2024-26814 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel, the following vulnerability has been resolved: vfio/fsl-mc: Block calling interrupt handler without trigger The eventfd_ctx trigger pointer of the vfio_fsl_mc_irq object is initially NULL and may become NULL if the user sets the trigger eventfd to -1. | 5.5 |
| 2024-04-05 | CVE-2024-27437 | In the Linux kernel, the following vulnerability has been resolved: vfio/pci: Disable auto-enable of exclusive INTx IRQ Currently for devices requiring masking at the irqchip for INTx, ie. devices without DisINTx support, the IRQ is enabled in request_irq() and subsequently disabled as necessary to align with the masked status flag. | 5.5 |