There are 2 open security issues in bullseye.
2 issues left for the package maintainer to handle:
- CVE-2021-45940:
(postponed; to be fixed through a stable update)
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (4 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).
- CVE-2021-45941:
(postponed; to be fixed through a stable update)
libbpf 0.6.0 and 0.6.1 has a heap-based buffer overflow (8 bytes) in __bpf_object__open (called from bpf_object__open_mem and bpf-object-fuzzer.c).
You can find information about how to handle these issues in the security team's documentation.