linux - Debian Package Tracker

general

source: linux (main)
version: 5.14.6-2
maintainer: Debian Kernel Team (archive) (DMD)
uploaders: maximilian attems [DMD] – Salvatore Bonaccorso [DMD] – Ben Hutchings [DMD] – Bastian Blank [DMD]
arch: all
std-ver: 4.2.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 4.9.228-1
o-o-sec: 4.9.272-2
o-o-bpo: 4.19.118-2+deb10u1~bpo9+1
oldstable: 4.19.194-1
old-sec: 4.19.194-3
old-bpo: 5.10.46-4~bpo10+1
old-upd: 4.19.194-2
old-p-u: 4.19.194-3
stable: 5.10.46-4
testing: 5.10.46-4
unstable: 5.14.6-2
exp: 5.14.3-1~exp1

versioned links

4.9.228-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.9.246-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.9.258-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.9.272-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.118-2+deb10u1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.171-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.181-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.194-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.194-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.194-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.46-2~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.46-4~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.46-4: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.13.12-1~exp1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.14.3-1~exp1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.14.6-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

acpi-modules-5.14.0-1-686-di
acpi-modules-5.14.0-1-686-pae-di
acpi-modules-5.14.0-1-amd64-di
affs-modules-5.14.0-1-4kc-malta-di
affs-modules-5.14.0-1-5kc-malta-di
affs-modules-5.14.0-1-loongson-3-di
affs-modules-5.14.0-1-m68k-di
affs-modules-5.14.0-1-octeon-di
affs-modules-5.14.0-1-powerpc-di
affs-modules-5.14.0-1-powerpc64-di
ata-modules-5.14.0-1-4kc-malta-di
ata-modules-5.14.0-1-5kc-malta-di
ata-modules-5.14.0-1-686-di
ata-modules-5.14.0-1-686-pae-di
ata-modules-5.14.0-1-alpha-generic-di
ata-modules-5.14.0-1-amd64-di
ata-modules-5.14.0-1-arm64-di
ata-modules-5.14.0-1-armmp-di
ata-modules-5.14.0-1-itanium-di
ata-modules-5.14.0-1-loongson-3-di
ata-modules-5.14.0-1-m68k-di
ata-modules-5.14.0-1-parisc-di
ata-modules-5.14.0-1-parisc64-di
ata-modules-5.14.0-1-powerpc-di
ata-modules-5.14.0-1-powerpc64-di
ata-modules-5.14.0-1-powerpc64le-di
ata-modules-5.14.0-1-riscv64-di
ata-modules-5.14.0-1-sparc64-di
bpftool (1 bugs: 0, 0, 1, 0)
btrfs-modules-5.14.0-1-4kc-malta-di
btrfs-modules-5.14.0-1-5kc-malta-di
btrfs-modules-5.14.0-1-686-di
btrfs-modules-5.14.0-1-686-pae-di
btrfs-modules-5.14.0-1-alpha-generic-di
btrfs-modules-5.14.0-1-amd64-di
btrfs-modules-5.14.0-1-arm64-di
btrfs-modules-5.14.0-1-armmp-di
btrfs-modules-5.14.0-1-itanium-di
btrfs-modules-5.14.0-1-loongson-3-di
btrfs-modules-5.14.0-1-m68k-di
btrfs-modules-5.14.0-1-marvell-di
btrfs-modules-5.14.0-1-mips32r6-di
btrfs-modules-5.14.0-1-mips32r6el-di
btrfs-modules-5.14.0-1-mips64r6-di
btrfs-modules-5.14.0-1-mips64r6el-di
btrfs-modules-5.14.0-1-octeon-di
btrfs-modules-5.14.0-1-parisc-di
btrfs-modules-5.14.0-1-parisc64-di
btrfs-modules-5.14.0-1-powerpc-di
btrfs-modules-5.14.0-1-powerpc64-di
btrfs-modules-5.14.0-1-powerpc64le-di
btrfs-modules-5.14.0-1-riscv64-di
btrfs-modules-5.14.0-1-s390x-di
btrfs-modules-5.14.0-1-sh7751r-di
btrfs-modules-5.14.0-1-sh7785lcr-di
btrfs-modules-5.14.0-1-sparc64-di
cdrom-core-modules-5.14.0-1-4kc-malta-di
cdrom-core-modules-5.14.0-1-5kc-malta-di
cdrom-core-modules-5.14.0-1-686-di
cdrom-core-modules-5.14.0-1-686-pae-di
cdrom-core-modules-5.14.0-1-alpha-generic-di
cdrom-core-modules-5.14.0-1-amd64-di
cdrom-core-modules-5.14.0-1-arm64-di
cdrom-core-modules-5.14.0-1-armmp-di
cdrom-core-modules-5.14.0-1-itanium-di
cdrom-core-modules-5.14.0-1-loongson-3-di
cdrom-core-modules-5.14.0-1-m68k-di
cdrom-core-modules-5.14.0-1-marvell-di
cdrom-core-modules-5.14.0-1-octeon-di
cdrom-core-modules-5.14.0-1-parisc-di
cdrom-core-modules-5.14.0-1-parisc64-di
cdrom-core-modules-5.14.0-1-powerpc-di
cdrom-core-modules-5.14.0-1-powerpc64-di
cdrom-core-modules-5.14.0-1-powerpc64le-di
cdrom-core-modules-5.14.0-1-riscv64-di
cdrom-core-modules-5.14.0-1-s390x-di
cdrom-core-modules-5.14.0-1-sh7751r-di
cdrom-core-modules-5.14.0-1-sh7785lcr-di
cdrom-core-modules-5.14.0-1-sparc64-di
crc-modules-5.14.0-1-4kc-malta-di
crc-modules-5.14.0-1-5kc-malta-di
crc-modules-5.14.0-1-686-di
crc-modules-5.14.0-1-686-pae-di
crc-modules-5.14.0-1-alpha-generic-di
crc-modules-5.14.0-1-amd64-di
crc-modules-5.14.0-1-arm64-di
crc-modules-5.14.0-1-armmp-di
crc-modules-5.14.0-1-itanium-di
crc-modules-5.14.0-1-loongson-3-di
crc-modules-5.14.0-1-m68k-di
crc-modules-5.14.0-1-marvell-di
crc-modules-5.14.0-1-mips32r6-di
crc-modules-5.14.0-1-mips32r6el-di
crc-modules-5.14.0-1-mips64r6-di
crc-modules-5.14.0-1-mips64r6el-di
crc-modules-5.14.0-1-octeon-di
crc-modules-5.14.0-1-parisc-di
crc-modules-5.14.0-1-parisc64-di
crc-modules-5.14.0-1-powerpc-di
crc-modules-5.14.0-1-powerpc64-di
crc-modules-5.14.0-1-powerpc64le-di
crc-modules-5.14.0-1-riscv64-di
crc-modules-5.14.0-1-s390x-di
crc-modules-5.14.0-1-sh7751r-di
crc-modules-5.14.0-1-sh7785lcr-di
crc-modules-5.14.0-1-sparc64-di
crypto-dm-modules-5.14.0-1-4kc-malta-di
crypto-dm-modules-5.14.0-1-5kc-malta-di
crypto-dm-modules-5.14.0-1-686-di
crypto-dm-modules-5.14.0-1-686-pae-di
crypto-dm-modules-5.14.0-1-alpha-generic-di
crypto-dm-modules-5.14.0-1-amd64-di
crypto-dm-modules-5.14.0-1-arm64-di
crypto-dm-modules-5.14.0-1-armmp-di
crypto-dm-modules-5.14.0-1-itanium-di
crypto-dm-modules-5.14.0-1-loongson-3-di
crypto-dm-modules-5.14.0-1-marvell-di
crypto-dm-modules-5.14.0-1-mips32r6-di
crypto-dm-modules-5.14.0-1-mips32r6el-di
crypto-dm-modules-5.14.0-1-mips64r6-di
crypto-dm-modules-5.14.0-1-mips64r6el-di
crypto-dm-modules-5.14.0-1-octeon-di
crypto-dm-modules-5.14.0-1-parisc-di
crypto-dm-modules-5.14.0-1-parisc64-di
crypto-dm-modules-5.14.0-1-powerpc-di
crypto-dm-modules-5.14.0-1-powerpc64-di
crypto-dm-modules-5.14.0-1-powerpc64le-di
crypto-dm-modules-5.14.0-1-riscv64-di
crypto-dm-modules-5.14.0-1-s390x-di
crypto-dm-modules-5.14.0-1-sh7751r-di
crypto-dm-modules-5.14.0-1-sh7785lcr-di
crypto-dm-modules-5.14.0-1-sparc64-di
crypto-modules-5.14.0-1-4kc-malta-di
crypto-modules-5.14.0-1-5kc-malta-di
crypto-modules-5.14.0-1-686-di
crypto-modules-5.14.0-1-686-pae-di
crypto-modules-5.14.0-1-alpha-generic-di
crypto-modules-5.14.0-1-amd64-di
crypto-modules-5.14.0-1-arm64-di
crypto-modules-5.14.0-1-armmp-di
crypto-modules-5.14.0-1-itanium-di
crypto-modules-5.14.0-1-loongson-3-di
crypto-modules-5.14.0-1-m68k-di
crypto-modules-5.14.0-1-marvell-di
crypto-modules-5.14.0-1-mips32r6-di
crypto-modules-5.14.0-1-mips32r6el-di
crypto-modules-5.14.0-1-mips64r6-di
crypto-modules-5.14.0-1-mips64r6el-di
crypto-modules-5.14.0-1-octeon-di
crypto-modules-5.14.0-1-parisc-di
crypto-modules-5.14.0-1-parisc64-di
crypto-modules-5.14.0-1-powerpc-di
crypto-modules-5.14.0-1-powerpc64-di
crypto-modules-5.14.0-1-powerpc64le-di
crypto-modules-5.14.0-1-riscv64-di
crypto-modules-5.14.0-1-s390x-di
crypto-modules-5.14.0-1-sh7751r-di
crypto-modules-5.14.0-1-sh7785lcr-di
crypto-modules-5.14.0-1-sparc64-di
dasd-extra-modules-5.14.0-1-s390x-di
dasd-modules-5.14.0-1-s390x-di
efi-modules-5.14.0-1-686-di
efi-modules-5.14.0-1-686-pae-di
efi-modules-5.14.0-1-amd64-di
efi-modules-5.14.0-1-arm64-di
efi-modules-5.14.0-1-armmp-di
event-modules-5.14.0-1-4kc-malta-di
event-modules-5.14.0-1-5kc-malta-di
event-modules-5.14.0-1-686-di
event-modules-5.14.0-1-686-pae-di
event-modules-5.14.0-1-alpha-generic-di
event-modules-5.14.0-1-amd64-di
event-modules-5.14.0-1-arm64-di
event-modules-5.14.0-1-armmp-di
event-modules-5.14.0-1-itanium-di
event-modules-5.14.0-1-loongson-3-di
event-modules-5.14.0-1-marvell-di
event-modules-5.14.0-1-octeon-di
event-modules-5.14.0-1-parisc-di
event-modules-5.14.0-1-parisc64-di
event-modules-5.14.0-1-powerpc-di
event-modules-5.14.0-1-powerpc64-di
event-modules-5.14.0-1-powerpc64le-di
event-modules-5.14.0-1-riscv64-di
ext4-modules-5.14.0-1-4kc-malta-di
ext4-modules-5.14.0-1-5kc-malta-di
ext4-modules-5.14.0-1-686-di
ext4-modules-5.14.0-1-686-pae-di
ext4-modules-5.14.0-1-alpha-generic-di
ext4-modules-5.14.0-1-amd64-di
ext4-modules-5.14.0-1-arm64-di
ext4-modules-5.14.0-1-armmp-di
ext4-modules-5.14.0-1-itanium-di
ext4-modules-5.14.0-1-loongson-3-di
ext4-modules-5.14.0-1-m68k-di
ext4-modules-5.14.0-1-marvell-di
ext4-modules-5.14.0-1-mips32r6-di
ext4-modules-5.14.0-1-mips32r6el-di
ext4-modules-5.14.0-1-mips64r6-di
ext4-modules-5.14.0-1-mips64r6el-di
ext4-modules-5.14.0-1-octeon-di
ext4-modules-5.14.0-1-parisc-di
ext4-modules-5.14.0-1-parisc64-di
ext4-modules-5.14.0-1-powerpc-di
ext4-modules-5.14.0-1-powerpc64-di
ext4-modules-5.14.0-1-powerpc64le-di
ext4-modules-5.14.0-1-riscv64-di
ext4-modules-5.14.0-1-s390x-di
ext4-modules-5.14.0-1-sh7751r-di
ext4-modules-5.14.0-1-sh7785lcr-di
ext4-modules-5.14.0-1-sparc64-di
f2fs-modules-5.14.0-1-4kc-malta-di
f2fs-modules-5.14.0-1-5kc-malta-di
f2fs-modules-5.14.0-1-686-di
f2fs-modules-5.14.0-1-686-pae-di
f2fs-modules-5.14.0-1-alpha-generic-di
f2fs-modules-5.14.0-1-amd64-di
f2fs-modules-5.14.0-1-arm64-di
f2fs-modules-5.14.0-1-armmp-di
f2fs-modules-5.14.0-1-itanium-di
f2fs-modules-5.14.0-1-loongson-3-di
f2fs-modules-5.14.0-1-marvell-di
f2fs-modules-5.14.0-1-mips32r6-di
f2fs-modules-5.14.0-1-mips32r6el-di
f2fs-modules-5.14.0-1-mips64r6-di
f2fs-modules-5.14.0-1-mips64r6el-di
f2fs-modules-5.14.0-1-octeon-di
f2fs-modules-5.14.0-1-parisc-di
f2fs-modules-5.14.0-1-parisc64-di
f2fs-modules-5.14.0-1-powerpc-di
f2fs-modules-5.14.0-1-powerpc64-di
f2fs-modules-5.14.0-1-powerpc64le-di
f2fs-modules-5.14.0-1-riscv64-di
f2fs-modules-5.14.0-1-s390x-di
f2fs-modules-5.14.0-1-sh7751r-di
f2fs-modules-5.14.0-1-sh7785lcr-di
f2fs-modules-5.14.0-1-sparc64-di
fancontrol-modules-5.14.0-1-powerpc64-di
fancontrol-modules-5.14.0-1-powerpc64le-di
fat-modules-5.14.0-1-4kc-malta-di
fat-modules-5.14.0-1-5kc-malta-di
fat-modules-5.14.0-1-686-di
fat-modules-5.14.0-1-686-pae-di
fat-modules-5.14.0-1-alpha-generic-di
fat-modules-5.14.0-1-amd64-di
fat-modules-5.14.0-1-arm64-di
fat-modules-5.14.0-1-armmp-di
fat-modules-5.14.0-1-itanium-di
fat-modules-5.14.0-1-loongson-3-di
fat-modules-5.14.0-1-m68k-di
fat-modules-5.14.0-1-marvell-di
fat-modules-5.14.0-1-octeon-di
fat-modules-5.14.0-1-parisc-di
fat-modules-5.14.0-1-parisc64-di
fat-modules-5.14.0-1-powerpc-di
fat-modules-5.14.0-1-powerpc64-di
fat-modules-5.14.0-1-powerpc64le-di
fat-modules-5.14.0-1-riscv64-di
fat-modules-5.14.0-1-s390x-di
fat-modules-5.14.0-1-sh7751r-di
fat-modules-5.14.0-1-sh7785lcr-di
fat-modules-5.14.0-1-sparc64-di
fb-modules-5.14.0-1-4kc-malta-di
fb-modules-5.14.0-1-5kc-malta-di
fb-modules-5.14.0-1-686-di
fb-modules-5.14.0-1-686-pae-di
fb-modules-5.14.0-1-alpha-generic-di
fb-modules-5.14.0-1-amd64-di
fb-modules-5.14.0-1-arm64-di
fb-modules-5.14.0-1-armmp-di
fb-modules-5.14.0-1-itanium-di
fb-modules-5.14.0-1-loongson-3-di
fb-modules-5.14.0-1-marvell-di
fb-modules-5.14.0-1-parisc64-di
fb-modules-5.14.0-1-powerpc-di
fb-modules-5.14.0-1-powerpc64-di
fb-modules-5.14.0-1-powerpc64le-di
fb-modules-5.14.0-1-riscv64-di
fb-modules-5.14.0-1-sparc64-di
firewire-core-modules-5.14.0-1-686-di
firewire-core-modules-5.14.0-1-686-pae-di
firewire-core-modules-5.14.0-1-amd64-di
firewire-core-modules-5.14.0-1-itanium-di
firewire-core-modules-5.14.0-1-loongson-3-di
firewire-core-modules-5.14.0-1-powerpc-di
firewire-core-modules-5.14.0-1-powerpc64-di
firewire-core-modules-5.14.0-1-powerpc64le-di
firewire-core-modules-5.14.0-1-sh7751r-di
firewire-core-modules-5.14.0-1-sh7785lcr-di
fuse-modules-5.14.0-1-4kc-malta-di
fuse-modules-5.14.0-1-5kc-malta-di
fuse-modules-5.14.0-1-686-di
fuse-modules-5.14.0-1-686-pae-di
fuse-modules-5.14.0-1-alpha-generic-di
fuse-modules-5.14.0-1-amd64-di
fuse-modules-5.14.0-1-arm64-di
fuse-modules-5.14.0-1-armmp-di
fuse-modules-5.14.0-1-itanium-di
fuse-modules-5.14.0-1-loongson-3-di
fuse-modules-5.14.0-1-m68k-di
fuse-modules-5.14.0-1-marvell-di
fuse-modules-5.14.0-1-mips32r6-di
fuse-modules-5.14.0-1-mips32r6el-di
fuse-modules-5.14.0-1-mips64r6-di
fuse-modules-5.14.0-1-mips64r6el-di
fuse-modules-5.14.0-1-octeon-di
fuse-modules-5.14.0-1-parisc-di
fuse-modules-5.14.0-1-parisc64-di
fuse-modules-5.14.0-1-powerpc-di
fuse-modules-5.14.0-1-powerpc64-di
fuse-modules-5.14.0-1-powerpc64le-di
fuse-modules-5.14.0-1-riscv64-di
fuse-modules-5.14.0-1-s390x-di
fuse-modules-5.14.0-1-sh7751r-di
fuse-modules-5.14.0-1-sh7785lcr-di
fuse-modules-5.14.0-1-sparc64-di
hfs-modules-5.14.0-1-m68k-di
hfs-modules-5.14.0-1-powerpc-di
hfs-modules-5.14.0-1-powerpc64-di
hyperv-daemons (1 bugs: 0, 1, 0, 0)
hypervisor-modules-5.14.0-1-powerpc64-di
hypervisor-modules-5.14.0-1-powerpc64le-di
i2c-modules-5.14.0-1-4kc-malta-di
i2c-modules-5.14.0-1-5kc-malta-di
i2c-modules-5.14.0-1-686-di
i2c-modules-5.14.0-1-686-pae-di
i2c-modules-5.14.0-1-alpha-generic-di
i2c-modules-5.14.0-1-amd64-di
i2c-modules-5.14.0-1-arm64-di
i2c-modules-5.14.0-1-armmp-di
i2c-modules-5.14.0-1-itanium-di
i2c-modules-5.14.0-1-powerpc64-di
i2c-modules-5.14.0-1-powerpc64le-di
i2c-modules-5.14.0-1-riscv64-di
i2c-modules-5.14.0-1-sh7751r-di
i2c-modules-5.14.0-1-sparc64-di
ide-core-modules-5.14.0-1-itanium-di
ide-core-modules-5.14.0-1-m68k-di
ide-modules-5.14.0-1-itanium-di
ide-modules-5.14.0-1-m68k-di
input-modules-5.14.0-1-4kc-malta-di
input-modules-5.14.0-1-5kc-malta-di
input-modules-5.14.0-1-686-di
input-modules-5.14.0-1-686-pae-di
input-modules-5.14.0-1-alpha-generic-di
input-modules-5.14.0-1-amd64-di
input-modules-5.14.0-1-arm64-di
input-modules-5.14.0-1-armmp-di
input-modules-5.14.0-1-itanium-di
input-modules-5.14.0-1-loongson-3-di
input-modules-5.14.0-1-marvell-di
input-modules-5.14.0-1-octeon-di
input-modules-5.14.0-1-parisc-di
input-modules-5.14.0-1-parisc64-di
input-modules-5.14.0-1-powerpc-di
input-modules-5.14.0-1-powerpc64-di
input-modules-5.14.0-1-powerpc64le-di
input-modules-5.14.0-1-riscv64-di
input-modules-5.14.0-1-sparc64-di
ipv6-modules-5.14.0-1-marvell-di
isofs-modules-5.14.0-1-4kc-malta-di
isofs-modules-5.14.0-1-5kc-malta-di
isofs-modules-5.14.0-1-686-di
isofs-modules-5.14.0-1-686-pae-di
isofs-modules-5.14.0-1-alpha-generic-di
isofs-modules-5.14.0-1-amd64-di
isofs-modules-5.14.0-1-arm64-di
isofs-modules-5.14.0-1-armmp-di
isofs-modules-5.14.0-1-itanium-di
isofs-modules-5.14.0-1-loongson-3-di
isofs-modules-5.14.0-1-m68k-di
isofs-modules-5.14.0-1-marvell-di
isofs-modules-5.14.0-1-mips32r6-di
isofs-modules-5.14.0-1-mips32r6el-di
isofs-modules-5.14.0-1-mips64r6-di
isofs-modules-5.14.0-1-mips64r6el-di
isofs-modules-5.14.0-1-octeon-di
isofs-modules-5.14.0-1-parisc-di
isofs-modules-5.14.0-1-parisc64-di
isofs-modules-5.14.0-1-powerpc-di
isofs-modules-5.14.0-1-powerpc64-di
isofs-modules-5.14.0-1-powerpc64le-di
isofs-modules-5.14.0-1-riscv64-di
isofs-modules-5.14.0-1-s390x-di
isofs-modules-5.14.0-1-sh7751r-di
isofs-modules-5.14.0-1-sh7785lcr-di
isofs-modules-5.14.0-1-sparc64-di
jffs2-modules-5.14.0-1-marvell-di
jfs-modules-5.14.0-1-4kc-malta-di
jfs-modules-5.14.0-1-5kc-malta-di
jfs-modules-5.14.0-1-686-di
jfs-modules-5.14.0-1-686-pae-di
jfs-modules-5.14.0-1-alpha-generic-di
jfs-modules-5.14.0-1-amd64-di
jfs-modules-5.14.0-1-arm64-di
jfs-modules-5.14.0-1-armmp-di
jfs-modules-5.14.0-1-itanium-di
jfs-modules-5.14.0-1-loongson-3-di
jfs-modules-5.14.0-1-marvell-di
jfs-modules-5.14.0-1-mips32r6-di
jfs-modules-5.14.0-1-mips32r6el-di
jfs-modules-5.14.0-1-mips64r6-di
jfs-modules-5.14.0-1-mips64r6el-di
jfs-modules-5.14.0-1-octeon-di
jfs-modules-5.14.0-1-parisc-di
jfs-modules-5.14.0-1-parisc64-di
jfs-modules-5.14.0-1-powerpc-di
jfs-modules-5.14.0-1-powerpc64-di
jfs-modules-5.14.0-1-powerpc64le-di
jfs-modules-5.14.0-1-riscv64-di
jfs-modules-5.14.0-1-sh7751r-di
jfs-modules-5.14.0-1-sh7785lcr-di
jfs-modules-5.14.0-1-sparc64-di
kernel-image-5.14.0-1-4kc-malta-di
kernel-image-5.14.0-1-5kc-malta-di
kernel-image-5.14.0-1-686-di
kernel-image-5.14.0-1-686-pae-di
kernel-image-5.14.0-1-alpha-generic-di
kernel-image-5.14.0-1-amd64-di
kernel-image-5.14.0-1-arm64-di
kernel-image-5.14.0-1-armmp-di
kernel-image-5.14.0-1-itanium-di
kernel-image-5.14.0-1-loongson-3-di
kernel-image-5.14.0-1-m68k-di
kernel-image-5.14.0-1-marvell-di
kernel-image-5.14.0-1-mips32r6-di
kernel-image-5.14.0-1-mips32r6el-di
kernel-image-5.14.0-1-mips64r6-di
kernel-image-5.14.0-1-mips64r6el-di
kernel-image-5.14.0-1-octeon-di
kernel-image-5.14.0-1-parisc-di
kernel-image-5.14.0-1-parisc64-di
kernel-image-5.14.0-1-powerpc-di
kernel-image-5.14.0-1-powerpc64-di
kernel-image-5.14.0-1-powerpc64le-di
kernel-image-5.14.0-1-riscv64-di
kernel-image-5.14.0-1-s390x-di
kernel-image-5.14.0-1-sh7751r-di
kernel-image-5.14.0-1-sh7785lcr-di
kernel-image-5.14.0-1-sparc64-di
leds-modules-5.14.0-1-arm64-di
leds-modules-5.14.0-1-armmp-di
leds-modules-5.14.0-1-marvell-di
libcpupower-dev
libcpupower1
linux-bootwrapper-5.14.0-1
linux-compiler-gcc-10-arm
linux-compiler-gcc-10-s390
linux-compiler-gcc-10-x86
linux-config-5.14
linux-cpupower (2 bugs: 0, 1, 1, 0)
linux-doc
linux-doc-5.14
linux-headers-4kc-malta
linux-headers-5.14.0-1-4kc-malta
linux-headers-5.14.0-1-5kc-malta
linux-headers-5.14.0-1-686
linux-headers-5.14.0-1-686-pae
linux-headers-5.14.0-1-alpha-generic
linux-headers-5.14.0-1-alpha-smp
linux-headers-5.14.0-1-amd64
linux-headers-5.14.0-1-arm64
linux-headers-5.14.0-1-armmp
linux-headers-5.14.0-1-armmp-lpae
linux-headers-5.14.0-1-cloud-amd64
linux-headers-5.14.0-1-cloud-arm64
linux-headers-5.14.0-1-common
linux-headers-5.14.0-1-itanium
linux-headers-5.14.0-1-loongson-3
linux-headers-5.14.0-1-m68k
linux-headers-5.14.0-1-marvell
linux-headers-5.14.0-1-mckinley
linux-headers-5.14.0-1-mips32r6
linux-headers-5.14.0-1-mips32r6el
linux-headers-5.14.0-1-mips64r6
linux-headers-5.14.0-1-mips64r6el
linux-headers-5.14.0-1-octeon
linux-headers-5.14.0-1-parisc
linux-headers-5.14.0-1-parisc64
linux-headers-5.14.0-1-powerpc
linux-headers-5.14.0-1-powerpc-smp
linux-headers-5.14.0-1-powerpc64
linux-headers-5.14.0-1-powerpc64le
linux-headers-5.14.0-1-riscv64
linux-headers-5.14.0-1-rpi
linux-headers-5.14.0-1-s390x
linux-headers-5.14.0-1-sh7751r
linux-headers-5.14.0-1-sh7785lcr
linux-headers-5.14.0-1-sparc64
linux-headers-5.14.0-1-sparc64-smp
linux-headers-5kc-malta
linux-headers-alpha-generic
linux-headers-alpha-smp
linux-headers-armmp
linux-headers-armmp-lpae
linux-headers-itanium
linux-headers-loongson-3
linux-headers-m68k
linux-headers-marvell
linux-headers-mckinley
linux-headers-mips32r6
linux-headers-mips32r6el
linux-headers-mips64r6
linux-headers-mips64r6el
linux-headers-octeon
linux-headers-parisc
linux-headers-parisc64
linux-headers-powerpc
linux-headers-powerpc-smp
linux-headers-powerpc64
linux-headers-powerpc64le
linux-headers-riscv64
linux-headers-rpi
linux-headers-s390x
linux-headers-sh7751r
linux-headers-sh7785lcr
linux-headers-sparc64
linux-headers-sparc64-smp
linux-image-4kc-malta
linux-image-4kc-malta-dbg
linux-image-5.14.0-1-4kc-malta
linux-image-5.14.0-1-4kc-malta-dbg
linux-image-5.14.0-1-5kc-malta
linux-image-5.14.0-1-5kc-malta-dbg
linux-image-5.14.0-1-686-dbg
linux-image-5.14.0-1-686-pae-dbg
linux-image-5.14.0-1-686-pae-unsigned
linux-image-5.14.0-1-686-unsigned
linux-image-5.14.0-1-alpha-generic
linux-image-5.14.0-1-alpha-generic-dbg
linux-image-5.14.0-1-alpha-smp
linux-image-5.14.0-1-alpha-smp-dbg
linux-image-5.14.0-1-amd64-dbg
linux-image-5.14.0-1-amd64-unsigned
linux-image-5.14.0-1-arm64-dbg
linux-image-5.14.0-1-arm64-unsigned
linux-image-5.14.0-1-armmp
linux-image-5.14.0-1-armmp-dbg
linux-image-5.14.0-1-armmp-lpae
linux-image-5.14.0-1-armmp-lpae-dbg
linux-image-5.14.0-1-cloud-amd64-dbg
linux-image-5.14.0-1-cloud-amd64-unsigned
linux-image-5.14.0-1-cloud-arm64-dbg
linux-image-5.14.0-1-cloud-arm64-unsigned
linux-image-5.14.0-1-itanium
linux-image-5.14.0-1-itanium-dbg
linux-image-5.14.0-1-loongson-3
linux-image-5.14.0-1-loongson-3-dbg
linux-image-5.14.0-1-m68k
linux-image-5.14.0-1-m68k-dbg
linux-image-5.14.0-1-marvell
linux-image-5.14.0-1-marvell-dbg
linux-image-5.14.0-1-mckinley
linux-image-5.14.0-1-mckinley-dbg
linux-image-5.14.0-1-mips32r6
linux-image-5.14.0-1-mips32r6-dbg
linux-image-5.14.0-1-mips32r6el
linux-image-5.14.0-1-mips32r6el-dbg
linux-image-5.14.0-1-mips64r6
linux-image-5.14.0-1-mips64r6-dbg
linux-image-5.14.0-1-mips64r6el
linux-image-5.14.0-1-mips64r6el-dbg
linux-image-5.14.0-1-octeon
linux-image-5.14.0-1-octeon-dbg
linux-image-5.14.0-1-parisc
linux-image-5.14.0-1-parisc64
linux-image-5.14.0-1-powerpc
linux-image-5.14.0-1-powerpc-dbg
linux-image-5.14.0-1-powerpc-smp
linux-image-5.14.0-1-powerpc-smp-dbg
linux-image-5.14.0-1-powerpc64
linux-image-5.14.0-1-powerpc64-dbg
linux-image-5.14.0-1-powerpc64le
linux-image-5.14.0-1-powerpc64le-dbg
linux-image-5.14.0-1-riscv64
linux-image-5.14.0-1-riscv64-dbg
linux-image-5.14.0-1-rpi
linux-image-5.14.0-1-rpi-dbg
linux-image-5.14.0-1-s390x
linux-image-5.14.0-1-s390x-dbg
linux-image-5.14.0-1-sh7751r
linux-image-5.14.0-1-sh7751r-dbg
linux-image-5.14.0-1-sh7785lcr
linux-image-5.14.0-1-sh7785lcr-dbg
linux-image-5.14.0-1-sparc64
linux-image-5.14.0-1-sparc64-dbg
linux-image-5.14.0-1-sparc64-smp
linux-image-5.14.0-1-sparc64-smp-dbg
linux-image-5kc-malta
linux-image-5kc-malta-dbg
linux-image-686-dbg
linux-image-686-pae-dbg
linux-image-alpha-generic
linux-image-alpha-generic-dbg
linux-image-alpha-smp
linux-image-alpha-smp-dbg
linux-image-amd64-dbg
linux-image-amd64-signed-template
linux-image-arm64-dbg
linux-image-arm64-signed-template
linux-image-armmp (1 bugs: 0, 1, 0, 0)
linux-image-armmp-dbg
linux-image-armmp-lpae
linux-image-armmp-lpae-dbg
linux-image-cloud-amd64-dbg
linux-image-cloud-arm64-dbg
linux-image-i386-signed-template
linux-image-itanium
linux-image-itanium-dbg
linux-image-loongson-3
linux-image-loongson-3-dbg
linux-image-m68k
linux-image-m68k-dbg
linux-image-marvell
linux-image-marvell-dbg
linux-image-mckinley
linux-image-mckinley-dbg
linux-image-mips32r6
linux-image-mips32r6-dbg
linux-image-mips32r6el
linux-image-mips32r6el-dbg
linux-image-mips64r6
linux-image-mips64r6-dbg
linux-image-mips64r6el
linux-image-mips64r6el-dbg
linux-image-octeon
linux-image-octeon-dbg
linux-image-parisc
linux-image-parisc-smp
linux-image-parisc64
linux-image-parisc64-smp
linux-image-powerpc
linux-image-powerpc-dbg
linux-image-powerpc-smp
linux-image-powerpc-smp-dbg
linux-image-powerpc64
linux-image-powerpc64-dbg
linux-image-powerpc64le
linux-image-powerpc64le-dbg
linux-image-riscv64
linux-image-riscv64-dbg
linux-image-rpi
linux-image-rpi-dbg
linux-image-s390x
linux-image-s390x-dbg
linux-image-sh7751r
linux-image-sh7751r-dbg
linux-image-sh7785lcr
linux-image-sh7785lcr-dbg
linux-image-sparc64
linux-image-sparc64-dbg
linux-image-sparc64-smp
linux-image-sparc64-smp-dbg
linux-kbuild-5.14
linux-libc-dev (7 bugs: 0, 3, 4, 0)
linux-perf
linux-perf-5.14
linux-source (1 bugs: 0, 1, 0, 0)
linux-source-5.14
linux-support-5.14.0-1
loop-modules-5.14.0-1-4kc-malta-di
loop-modules-5.14.0-1-5kc-malta-di
loop-modules-5.14.0-1-686-di
loop-modules-5.14.0-1-686-pae-di
loop-modules-5.14.0-1-alpha-generic-di
loop-modules-5.14.0-1-amd64-di
loop-modules-5.14.0-1-arm64-di
loop-modules-5.14.0-1-armmp-di
loop-modules-5.14.0-1-itanium-di
loop-modules-5.14.0-1-loongson-3-di
loop-modules-5.14.0-1-m68k-di
loop-modules-5.14.0-1-marvell-di
loop-modules-5.14.0-1-mips32r6-di
loop-modules-5.14.0-1-mips32r6el-di
loop-modules-5.14.0-1-mips64r6-di
loop-modules-5.14.0-1-mips64r6el-di
loop-modules-5.14.0-1-octeon-di
loop-modules-5.14.0-1-parisc-di
loop-modules-5.14.0-1-parisc64-di
loop-modules-5.14.0-1-powerpc-di
loop-modules-5.14.0-1-powerpc64-di
loop-modules-5.14.0-1-powerpc64le-di
loop-modules-5.14.0-1-riscv64-di
loop-modules-5.14.0-1-s390x-di
loop-modules-5.14.0-1-sh7751r-di
loop-modules-5.14.0-1-sh7785lcr-di
md-modules-5.14.0-1-4kc-malta-di
md-modules-5.14.0-1-5kc-malta-di
md-modules-5.14.0-1-686-di
md-modules-5.14.0-1-686-pae-di
md-modules-5.14.0-1-alpha-generic-di
md-modules-5.14.0-1-amd64-di
md-modules-5.14.0-1-arm64-di
md-modules-5.14.0-1-armmp-di
md-modules-5.14.0-1-itanium-di
md-modules-5.14.0-1-loongson-3-di
md-modules-5.14.0-1-m68k-di
md-modules-5.14.0-1-marvell-di
md-modules-5.14.0-1-mips32r6-di
md-modules-5.14.0-1-mips32r6el-di
md-modules-5.14.0-1-mips64r6-di
md-modules-5.14.0-1-mips64r6el-di
md-modules-5.14.0-1-octeon-di
md-modules-5.14.0-1-parisc-di
md-modules-5.14.0-1-parisc64-di
md-modules-5.14.0-1-powerpc-di
md-modules-5.14.0-1-powerpc64-di
md-modules-5.14.0-1-powerpc64le-di
md-modules-5.14.0-1-riscv64-di
md-modules-5.14.0-1-s390x-di
md-modules-5.14.0-1-sh7751r-di
md-modules-5.14.0-1-sh7785lcr-di
md-modules-5.14.0-1-sparc64-di
minix-modules-5.14.0-1-4kc-malta-di
minix-modules-5.14.0-1-5kc-malta-di
minix-modules-5.14.0-1-loongson-3-di
minix-modules-5.14.0-1-marvell-di
minix-modules-5.14.0-1-octeon-di
minix-modules-5.14.0-1-sh7751r-di
minix-modules-5.14.0-1-sh7785lcr-di
mmc-core-modules-5.14.0-1-4kc-malta-di
mmc-core-modules-5.14.0-1-5kc-malta-di
mmc-core-modules-5.14.0-1-686-di
mmc-core-modules-5.14.0-1-686-pae-di
mmc-core-modules-5.14.0-1-amd64-di
mmc-core-modules-5.14.0-1-marvell-di
mmc-core-modules-5.14.0-1-powerpc-di
mmc-core-modules-5.14.0-1-powerpc64-di
mmc-core-modules-5.14.0-1-riscv64-di
mmc-modules-5.14.0-1-4kc-malta-di
mmc-modules-5.14.0-1-5kc-malta-di
mmc-modules-5.14.0-1-686-di
mmc-modules-5.14.0-1-686-pae-di
mmc-modules-5.14.0-1-amd64-di
mmc-modules-5.14.0-1-arm64-di
mmc-modules-5.14.0-1-armmp-di
mmc-modules-5.14.0-1-marvell-di
mmc-modules-5.14.0-1-riscv64-di
mouse-modules-5.14.0-1-4kc-malta-di
mouse-modules-5.14.0-1-5kc-malta-di
mouse-modules-5.14.0-1-686-di
mouse-modules-5.14.0-1-686-pae-di
mouse-modules-5.14.0-1-alpha-generic-di
mouse-modules-5.14.0-1-amd64-di
mouse-modules-5.14.0-1-itanium-di
mouse-modules-5.14.0-1-marvell-di
mouse-modules-5.14.0-1-parisc-di
mouse-modules-5.14.0-1-parisc64-di
mouse-modules-5.14.0-1-powerpc-di
mouse-modules-5.14.0-1-powerpc64-di
mouse-modules-5.14.0-1-powerpc64le-di
mtd-core-modules-5.14.0-1-4kc-malta-di
mtd-core-modules-5.14.0-1-5kc-malta-di
mtd-core-modules-5.14.0-1-686-di
mtd-core-modules-5.14.0-1-686-pae-di
mtd-core-modules-5.14.0-1-amd64-di
mtd-core-modules-5.14.0-1-arm64-di
mtd-core-modules-5.14.0-1-itanium-di
mtd-core-modules-5.14.0-1-loongson-3-di
mtd-core-modules-5.14.0-1-marvell-di
mtd-core-modules-5.14.0-1-powerpc64-di
mtd-core-modules-5.14.0-1-powerpc64le-di
mtd-core-modules-5.14.0-1-riscv64-di
mtd-core-modules-5.14.0-1-s390x-di
mtd-modules-5.14.0-1-armmp-di
mtd-modules-5.14.0-1-marvell-di
mtd-modules-5.14.0-1-riscv64-di
multipath-modules-5.14.0-1-4kc-malta-di
multipath-modules-5.14.0-1-5kc-malta-di
multipath-modules-5.14.0-1-686-di
multipath-modules-5.14.0-1-686-pae-di
multipath-modules-5.14.0-1-alpha-generic-di
multipath-modules-5.14.0-1-amd64-di
multipath-modules-5.14.0-1-arm64-di
multipath-modules-5.14.0-1-armmp-di
multipath-modules-5.14.0-1-itanium-di
multipath-modules-5.14.0-1-loongson-3-di
multipath-modules-5.14.0-1-marvell-di
multipath-modules-5.14.0-1-mips32r6-di
multipath-modules-5.14.0-1-mips32r6el-di
multipath-modules-5.14.0-1-mips64r6-di
multipath-modules-5.14.0-1-mips64r6el-di
multipath-modules-5.14.0-1-octeon-di
multipath-modules-5.14.0-1-parisc-di
multipath-modules-5.14.0-1-parisc64-di
multipath-modules-5.14.0-1-powerpc-di
multipath-modules-5.14.0-1-powerpc64-di
multipath-modules-5.14.0-1-powerpc64le-di
multipath-modules-5.14.0-1-riscv64-di
multipath-modules-5.14.0-1-s390x-di
multipath-modules-5.14.0-1-sh7751r-di
multipath-modules-5.14.0-1-sh7785lcr-di
multipath-modules-5.14.0-1-sparc64-di
nbd-modules-5.14.0-1-4kc-malta-di
nbd-modules-5.14.0-1-5kc-malta-di
nbd-modules-5.14.0-1-686-di
nbd-modules-5.14.0-1-686-pae-di
nbd-modules-5.14.0-1-alpha-generic-di
nbd-modules-5.14.0-1-amd64-di
nbd-modules-5.14.0-1-arm64-di
nbd-modules-5.14.0-1-armmp-di
nbd-modules-5.14.0-1-itanium-di
nbd-modules-5.14.0-1-loongson-3-di
nbd-modules-5.14.0-1-m68k-di
nbd-modules-5.14.0-1-marvell-di
nbd-modules-5.14.0-1-mips32r6-di
nbd-modules-5.14.0-1-mips32r6el-di
nbd-modules-5.14.0-1-mips64r6-di
nbd-modules-5.14.0-1-mips64r6el-di
nbd-modules-5.14.0-1-octeon-di
nbd-modules-5.14.0-1-parisc-di
nbd-modules-5.14.0-1-parisc64-di
nbd-modules-5.14.0-1-powerpc-di
nbd-modules-5.14.0-1-powerpc64-di
nbd-modules-5.14.0-1-powerpc64le-di
nbd-modules-5.14.0-1-riscv64-di
nbd-modules-5.14.0-1-s390x-di
nbd-modules-5.14.0-1-sh7751r-di
nbd-modules-5.14.0-1-sh7785lcr-di
nbd-modules-5.14.0-1-sparc64-di
nfs-modules-5.14.0-1-loongson-3-di
nic-modules-5.14.0-1-4kc-malta-di
nic-modules-5.14.0-1-5kc-malta-di
nic-modules-5.14.0-1-686-di
nic-modules-5.14.0-1-686-pae-di
nic-modules-5.14.0-1-alpha-generic-di
nic-modules-5.14.0-1-amd64-di
nic-modules-5.14.0-1-arm64-di
nic-modules-5.14.0-1-armmp-di
nic-modules-5.14.0-1-itanium-di
nic-modules-5.14.0-1-loongson-3-di
nic-modules-5.14.0-1-m68k-di
nic-modules-5.14.0-1-marvell-di
nic-modules-5.14.0-1-octeon-di
nic-modules-5.14.0-1-parisc-di
nic-modules-5.14.0-1-parisc64-di
nic-modules-5.14.0-1-powerpc-di
nic-modules-5.14.0-1-powerpc64-di
nic-modules-5.14.0-1-powerpc64le-di
nic-modules-5.14.0-1-riscv64-di
nic-modules-5.14.0-1-s390x-di
nic-modules-5.14.0-1-sh7751r-di
nic-modules-5.14.0-1-sh7785lcr-di
nic-modules-5.14.0-1-sparc64-di
nic-pcmcia-modules-5.14.0-1-686-di
nic-pcmcia-modules-5.14.0-1-686-pae-di
nic-pcmcia-modules-5.14.0-1-alpha-generic-di
nic-pcmcia-modules-5.14.0-1-amd64-di
nic-pcmcia-modules-5.14.0-1-powerpc-di
nic-pcmcia-modules-5.14.0-1-powerpc64-di
nic-shared-modules-5.14.0-1-4kc-malta-di
nic-shared-modules-5.14.0-1-5kc-malta-di
nic-shared-modules-5.14.0-1-686-di
nic-shared-modules-5.14.0-1-686-pae-di
nic-shared-modules-5.14.0-1-alpha-generic-di
nic-shared-modules-5.14.0-1-amd64-di
nic-shared-modules-5.14.0-1-arm64-di
nic-shared-modules-5.14.0-1-armmp-di
nic-shared-modules-5.14.0-1-itanium-di
nic-shared-modules-5.14.0-1-loongson-3-di
nic-shared-modules-5.14.0-1-m68k-di
nic-shared-modules-5.14.0-1-marvell-di
nic-shared-modules-5.14.0-1-mips32r6-di
nic-shared-modules-5.14.0-1-mips32r6el-di
nic-shared-modules-5.14.0-1-mips64r6-di
nic-shared-modules-5.14.0-1-mips64r6el-di
nic-shared-modules-5.14.0-1-octeon-di
nic-shared-modules-5.14.0-1-parisc-di
nic-shared-modules-5.14.0-1-parisc64-di
nic-shared-modules-5.14.0-1-powerpc-di
nic-shared-modules-5.14.0-1-powerpc64-di
nic-shared-modules-5.14.0-1-powerpc64le-di
nic-shared-modules-5.14.0-1-riscv64-di
nic-shared-modules-5.14.0-1-sh7751r-di
nic-shared-modules-5.14.0-1-sh7785lcr-di
nic-shared-modules-5.14.0-1-sparc64-di
nic-usb-modules-5.14.0-1-4kc-malta-di
nic-usb-modules-5.14.0-1-5kc-malta-di
nic-usb-modules-5.14.0-1-686-di
nic-usb-modules-5.14.0-1-686-pae-di
nic-usb-modules-5.14.0-1-alpha-generic-di
nic-usb-modules-5.14.0-1-amd64-di
nic-usb-modules-5.14.0-1-arm64-di
nic-usb-modules-5.14.0-1-armmp-di
nic-usb-modules-5.14.0-1-itanium-di
nic-usb-modules-5.14.0-1-loongson-3-di
nic-usb-modules-5.14.0-1-marvell-di
nic-usb-modules-5.14.0-1-octeon-di
nic-usb-modules-5.14.0-1-parisc-di
nic-usb-modules-5.14.0-1-parisc64-di
nic-usb-modules-5.14.0-1-powerpc-di
nic-usb-modules-5.14.0-1-powerpc64-di
nic-usb-modules-5.14.0-1-powerpc64le-di
nic-usb-modules-5.14.0-1-riscv64-di
nic-usb-modules-5.14.0-1-sh7751r-di
nic-usb-modules-5.14.0-1-sh7785lcr-di
nic-usb-modules-5.14.0-1-sparc64-di
nic-wireless-modules-5.14.0-1-4kc-malta-di
nic-wireless-modules-5.14.0-1-5kc-malta-di
nic-wireless-modules-5.14.0-1-686-di
nic-wireless-modules-5.14.0-1-686-pae-di
nic-wireless-modules-5.14.0-1-alpha-generic-di
nic-wireless-modules-5.14.0-1-amd64-di
nic-wireless-modules-5.14.0-1-arm64-di
nic-wireless-modules-5.14.0-1-armmp-di
nic-wireless-modules-5.14.0-1-loongson-3-di
nic-wireless-modules-5.14.0-1-octeon-di
nic-wireless-modules-5.14.0-1-powerpc-di
nic-wireless-modules-5.14.0-1-powerpc64-di
nic-wireless-modules-5.14.0-1-powerpc64le-di
nic-wireless-modules-5.14.0-1-riscv64-di
pata-modules-5.14.0-1-4kc-malta-di
pata-modules-5.14.0-1-5kc-malta-di
pata-modules-5.14.0-1-686-di
pata-modules-5.14.0-1-686-pae-di
pata-modules-5.14.0-1-alpha-generic-di
pata-modules-5.14.0-1-amd64-di
pata-modules-5.14.0-1-armmp-di
pata-modules-5.14.0-1-itanium-di
pata-modules-5.14.0-1-loongson-3-di
pata-modules-5.14.0-1-m68k-di
pata-modules-5.14.0-1-octeon-di
pata-modules-5.14.0-1-parisc-di
pata-modules-5.14.0-1-parisc64-di
pata-modules-5.14.0-1-powerpc-di
pata-modules-5.14.0-1-powerpc64-di
pata-modules-5.14.0-1-riscv64-di
pata-modules-5.14.0-1-sh7751r-di
pata-modules-5.14.0-1-sh7785lcr-di
pata-modules-5.14.0-1-sparc64-di
pcmcia-modules-5.14.0-1-686-di
pcmcia-modules-5.14.0-1-686-pae-di
pcmcia-modules-5.14.0-1-alpha-generic-di
pcmcia-modules-5.14.0-1-amd64-di
pcmcia-modules-5.14.0-1-itanium-di
pcmcia-modules-5.14.0-1-powerpc-di
pcmcia-modules-5.14.0-1-powerpc64-di
pcmcia-storage-modules-5.14.0-1-686-di
pcmcia-storage-modules-5.14.0-1-686-pae-di
pcmcia-storage-modules-5.14.0-1-amd64-di
pcmcia-storage-modules-5.14.0-1-powerpc-di
pcmcia-storage-modules-5.14.0-1-powerpc64-di
ppp-modules-5.14.0-1-4kc-malta-di
ppp-modules-5.14.0-1-5kc-malta-di
ppp-modules-5.14.0-1-686-di
ppp-modules-5.14.0-1-686-pae-di
ppp-modules-5.14.0-1-alpha-generic-di
ppp-modules-5.14.0-1-amd64-di
ppp-modules-5.14.0-1-arm64-di
ppp-modules-5.14.0-1-armmp-di
ppp-modules-5.14.0-1-itanium-di
ppp-modules-5.14.0-1-loongson-3-di
ppp-modules-5.14.0-1-m68k-di
ppp-modules-5.14.0-1-marvell-di
ppp-modules-5.14.0-1-octeon-di
ppp-modules-5.14.0-1-parisc-di
ppp-modules-5.14.0-1-parisc64-di
ppp-modules-5.14.0-1-powerpc-di
ppp-modules-5.14.0-1-powerpc64-di
ppp-modules-5.14.0-1-powerpc64le-di
ppp-modules-5.14.0-1-riscv64-di
ppp-modules-5.14.0-1-sh7751r-di
ppp-modules-5.14.0-1-sh7785lcr-di
ppp-modules-5.14.0-1-sparc64-di
rfkill-modules-5.14.0-1-686-di
rfkill-modules-5.14.0-1-686-pae-di
rfkill-modules-5.14.0-1-amd64-di
rtc-modules-5.14.0-1-octeon-di
sata-modules-5.14.0-1-4kc-malta-di
sata-modules-5.14.0-1-5kc-malta-di
sata-modules-5.14.0-1-686-di
sata-modules-5.14.0-1-686-pae-di
sata-modules-5.14.0-1-alpha-generic-di
sata-modules-5.14.0-1-amd64-di
sata-modules-5.14.0-1-arm64-di
sata-modules-5.14.0-1-armmp-di
sata-modules-5.14.0-1-itanium-di
sata-modules-5.14.0-1-loongson-3-di
sata-modules-5.14.0-1-marvell-di
sata-modules-5.14.0-1-octeon-di
sata-modules-5.14.0-1-parisc-di
sata-modules-5.14.0-1-parisc64-di
sata-modules-5.14.0-1-powerpc-di
sata-modules-5.14.0-1-powerpc64-di
sata-modules-5.14.0-1-powerpc64le-di
sata-modules-5.14.0-1-riscv64-di
sata-modules-5.14.0-1-sh7751r-di
sata-modules-5.14.0-1-sh7785lcr-di
sata-modules-5.14.0-1-sparc64-di
scsi-core-modules-5.14.0-1-4kc-malta-di
scsi-core-modules-5.14.0-1-5kc-malta-di
scsi-core-modules-5.14.0-1-686-di
scsi-core-modules-5.14.0-1-686-pae-di
scsi-core-modules-5.14.0-1-alpha-generic-di
scsi-core-modules-5.14.0-1-amd64-di
scsi-core-modules-5.14.0-1-arm64-di
scsi-core-modules-5.14.0-1-armmp-di
scsi-core-modules-5.14.0-1-itanium-di
scsi-core-modules-5.14.0-1-loongson-3-di
scsi-core-modules-5.14.0-1-m68k-di
scsi-core-modules-5.14.0-1-marvell-di
scsi-core-modules-5.14.0-1-octeon-di
scsi-core-modules-5.14.0-1-parisc-di
scsi-core-modules-5.14.0-1-parisc64-di
scsi-core-modules-5.14.0-1-powerpc-di
scsi-core-modules-5.14.0-1-powerpc64-di
scsi-core-modules-5.14.0-1-powerpc64le-di
scsi-core-modules-5.14.0-1-riscv64-di
scsi-core-modules-5.14.0-1-s390x-di
scsi-core-modules-5.14.0-1-sparc64-di
scsi-modules-5.14.0-1-4kc-malta-di
scsi-modules-5.14.0-1-5kc-malta-di
scsi-modules-5.14.0-1-686-di
scsi-modules-5.14.0-1-686-pae-di
scsi-modules-5.14.0-1-alpha-generic-di
scsi-modules-5.14.0-1-amd64-di
scsi-modules-5.14.0-1-arm64-di
scsi-modules-5.14.0-1-armmp-di
scsi-modules-5.14.0-1-itanium-di
scsi-modules-5.14.0-1-loongson-3-di
scsi-modules-5.14.0-1-m68k-di
scsi-modules-5.14.0-1-octeon-di
scsi-modules-5.14.0-1-parisc-di
scsi-modules-5.14.0-1-parisc64-di
scsi-modules-5.14.0-1-powerpc-di
scsi-modules-5.14.0-1-powerpc64-di
scsi-modules-5.14.0-1-powerpc64le-di
scsi-modules-5.14.0-1-riscv64-di
scsi-modules-5.14.0-1-s390x-di
scsi-modules-5.14.0-1-sparc64-di
scsi-nic-modules-5.14.0-1-4kc-malta-di
scsi-nic-modules-5.14.0-1-5kc-malta-di
scsi-nic-modules-5.14.0-1-686-di
scsi-nic-modules-5.14.0-1-686-pae-di
scsi-nic-modules-5.14.0-1-alpha-generic-di
scsi-nic-modules-5.14.0-1-amd64-di
scsi-nic-modules-5.14.0-1-arm64-di
scsi-nic-modules-5.14.0-1-armmp-di
scsi-nic-modules-5.14.0-1-itanium-di
scsi-nic-modules-5.14.0-1-loongson-3-di
scsi-nic-modules-5.14.0-1-octeon-di
scsi-nic-modules-5.14.0-1-powerpc-di
scsi-nic-modules-5.14.0-1-powerpc64-di
scsi-nic-modules-5.14.0-1-powerpc64le-di
scsi-nic-modules-5.14.0-1-riscv64-di
serial-modules-5.14.0-1-686-di
serial-modules-5.14.0-1-686-pae-di
serial-modules-5.14.0-1-alpha-generic-di
serial-modules-5.14.0-1-amd64-di
serial-modules-5.14.0-1-itanium-di
serial-modules-5.14.0-1-parisc-di
serial-modules-5.14.0-1-parisc64-di
serial-modules-5.14.0-1-powerpc-di
serial-modules-5.14.0-1-powerpc64-di
serial-modules-5.14.0-1-powerpc64le-di
sound-modules-5.14.0-1-4kc-malta-di
sound-modules-5.14.0-1-5kc-malta-di
sound-modules-5.14.0-1-686-di
sound-modules-5.14.0-1-686-pae-di
sound-modules-5.14.0-1-amd64-di
sound-modules-5.14.0-1-loongson-3-di
sound-modules-5.14.0-1-octeon-di
sound-modules-5.14.0-1-sh7751r-di
sound-modules-5.14.0-1-sh7785lcr-di
speakup-modules-5.14.0-1-686-di
speakup-modules-5.14.0-1-686-pae-di
speakup-modules-5.14.0-1-amd64-di
speakup-modules-5.14.0-1-loongson-3-di
speakup-modules-5.14.0-1-sh7751r-di
speakup-modules-5.14.0-1-sh7785lcr-di
squashfs-modules-5.14.0-1-4kc-malta-di
squashfs-modules-5.14.0-1-5kc-malta-di
squashfs-modules-5.14.0-1-686-di
squashfs-modules-5.14.0-1-686-pae-di
squashfs-modules-5.14.0-1-alpha-generic-di
squashfs-modules-5.14.0-1-amd64-di
squashfs-modules-5.14.0-1-arm64-di
squashfs-modules-5.14.0-1-armmp-di
squashfs-modules-5.14.0-1-itanium-di
squashfs-modules-5.14.0-1-loongson-3-di
squashfs-modules-5.14.0-1-m68k-di
squashfs-modules-5.14.0-1-marvell-di
squashfs-modules-5.14.0-1-mips32r6-di
squashfs-modules-5.14.0-1-mips32r6el-di
squashfs-modules-5.14.0-1-mips64r6-di
squashfs-modules-5.14.0-1-mips64r6el-di
squashfs-modules-5.14.0-1-octeon-di
squashfs-modules-5.14.0-1-parisc-di
squashfs-modules-5.14.0-1-parisc64-di
squashfs-modules-5.14.0-1-powerpc-di
squashfs-modules-5.14.0-1-powerpc64-di
squashfs-modules-5.14.0-1-powerpc64le-di
squashfs-modules-5.14.0-1-riscv64-di
squashfs-modules-5.14.0-1-sh7751r-di
squashfs-modules-5.14.0-1-sh7785lcr-di
squashfs-modules-5.14.0-1-sparc64-di
srm-modules-5.14.0-1-alpha-generic-di
udf-modules-5.14.0-1-4kc-malta-di
udf-modules-5.14.0-1-5kc-malta-di
udf-modules-5.14.0-1-686-di
udf-modules-5.14.0-1-686-pae-di
udf-modules-5.14.0-1-amd64-di
udf-modules-5.14.0-1-arm64-di
udf-modules-5.14.0-1-armmp-di
udf-modules-5.14.0-1-itanium-di
udf-modules-5.14.0-1-loongson-3-di
udf-modules-5.14.0-1-m68k-di
udf-modules-5.14.0-1-marvell-di
udf-modules-5.14.0-1-mips32r6-di
udf-modules-5.14.0-1-mips32r6el-di
udf-modules-5.14.0-1-mips64r6-di
udf-modules-5.14.0-1-mips64r6el-di
udf-modules-5.14.0-1-octeon-di
udf-modules-5.14.0-1-powerpc-di
udf-modules-5.14.0-1-powerpc64-di
udf-modules-5.14.0-1-powerpc64le-di
udf-modules-5.14.0-1-riscv64-di
udf-modules-5.14.0-1-s390x-di
udf-modules-5.14.0-1-sh7751r-di
udf-modules-5.14.0-1-sh7785lcr-di
udf-modules-5.14.0-1-sparc64-di
ufs-modules-5.14.0-1-sparc64-di
uinput-modules-5.14.0-1-686-di
uinput-modules-5.14.0-1-686-pae-di
uinput-modules-5.14.0-1-amd64-di
uinput-modules-5.14.0-1-arm64-di
uinput-modules-5.14.0-1-armmp-di
uinput-modules-5.14.0-1-itanium-di
uinput-modules-5.14.0-1-marvell-di
uinput-modules-5.14.0-1-powerpc-di
uinput-modules-5.14.0-1-powerpc64-di
uinput-modules-5.14.0-1-powerpc64le-di
usb-modules-5.14.0-1-4kc-malta-di
usb-modules-5.14.0-1-5kc-malta-di
usb-modules-5.14.0-1-686-di
usb-modules-5.14.0-1-686-pae-di
usb-modules-5.14.0-1-alpha-generic-di
usb-modules-5.14.0-1-amd64-di
usb-modules-5.14.0-1-arm64-di
usb-modules-5.14.0-1-armmp-di
usb-modules-5.14.0-1-itanium-di
usb-modules-5.14.0-1-loongson-3-di
usb-modules-5.14.0-1-marvell-di
usb-modules-5.14.0-1-octeon-di
usb-modules-5.14.0-1-parisc-di
usb-modules-5.14.0-1-parisc64-di
usb-modules-5.14.0-1-powerpc-di
usb-modules-5.14.0-1-powerpc64-di
usb-modules-5.14.0-1-powerpc64le-di
usb-modules-5.14.0-1-riscv64-di
usb-modules-5.14.0-1-sparc64-di
usb-serial-modules-5.14.0-1-4kc-malta-di
usb-serial-modules-5.14.0-1-5kc-malta-di
usb-serial-modules-5.14.0-1-686-di
usb-serial-modules-5.14.0-1-686-pae-di
usb-serial-modules-5.14.0-1-alpha-generic-di
usb-serial-modules-5.14.0-1-amd64-di
usb-serial-modules-5.14.0-1-arm64-di
usb-serial-modules-5.14.0-1-armmp-di
usb-serial-modules-5.14.0-1-itanium-di
usb-serial-modules-5.14.0-1-loongson-3-di
usb-serial-modules-5.14.0-1-marvell-di
usb-serial-modules-5.14.0-1-octeon-di
usb-serial-modules-5.14.0-1-parisc-di
usb-serial-modules-5.14.0-1-parisc64-di
usb-serial-modules-5.14.0-1-powerpc-di
usb-serial-modules-5.14.0-1-powerpc64-di
usb-serial-modules-5.14.0-1-powerpc64le-di
usb-serial-modules-5.14.0-1-riscv64-di
usb-serial-modules-5.14.0-1-sh7751r-di
usb-serial-modules-5.14.0-1-sh7785lcr-di
usb-serial-modules-5.14.0-1-sparc64-di
usb-storage-modules-5.14.0-1-4kc-malta-di
usb-storage-modules-5.14.0-1-5kc-malta-di
usb-storage-modules-5.14.0-1-686-di
usb-storage-modules-5.14.0-1-686-pae-di
usb-storage-modules-5.14.0-1-alpha-generic-di
usb-storage-modules-5.14.0-1-amd64-di
usb-storage-modules-5.14.0-1-arm64-di
usb-storage-modules-5.14.0-1-armmp-di
usb-storage-modules-5.14.0-1-itanium-di
usb-storage-modules-5.14.0-1-loongson-3-di
usb-storage-modules-5.14.0-1-marvell-di
usb-storage-modules-5.14.0-1-octeon-di
usb-storage-modules-5.14.0-1-parisc-di
usb-storage-modules-5.14.0-1-parisc64-di
usb-storage-modules-5.14.0-1-powerpc-di
usb-storage-modules-5.14.0-1-powerpc64-di
usb-storage-modules-5.14.0-1-powerpc64le-di
usb-storage-modules-5.14.0-1-riscv64-di
usb-storage-modules-5.14.0-1-sh7751r-di
usb-storage-modules-5.14.0-1-sparc64-di
usbip (5 bugs: 0, 5, 0, 0)
xfs-modules-5.14.0-1-4kc-malta-di
xfs-modules-5.14.0-1-5kc-malta-di
xfs-modules-5.14.0-1-686-di
xfs-modules-5.14.0-1-686-pae-di
xfs-modules-5.14.0-1-alpha-generic-di
xfs-modules-5.14.0-1-amd64-di
xfs-modules-5.14.0-1-arm64-di
xfs-modules-5.14.0-1-itanium-di
xfs-modules-5.14.0-1-loongson-3-di
xfs-modules-5.14.0-1-mips32r6-di
xfs-modules-5.14.0-1-mips32r6el-di
xfs-modules-5.14.0-1-mips64r6-di
xfs-modules-5.14.0-1-mips64r6el-di
xfs-modules-5.14.0-1-octeon-di
xfs-modules-5.14.0-1-parisc-di
xfs-modules-5.14.0-1-parisc64-di
xfs-modules-5.14.0-1-powerpc-di
xfs-modules-5.14.0-1-powerpc64-di
xfs-modules-5.14.0-1-powerpc64le-di
xfs-modules-5.14.0-1-s390x-di
xfs-modules-5.14.0-1-sh7751r-di
xfs-modules-5.14.0-1-sh7785lcr-di
xfs-modules-5.14.0-1-sparc64-di

action needed

Failed to analyze the VCS repository. Please troubleshoot and fix the issue. high

vcswatch reports that there is an error with this package's VCS, or the debian/changelog file inside it. Please check the error shown below and try to fix it. You might have to update the VCS URL in the debian/control file to point to the correct repository.

fatal: shallow file has changed since we read it

Created: 2021-09-20 Last update: 2021-09-20 22:04

91 security issues in stretch high

There are 91 open security issues in stretch.

72 important issues:

CVE-2018-10322: The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.
CVE-2018-12929: ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.
CVE-2018-12930: ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
CVE-2018-12931: ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
CVE-2018-13095: An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
CVE-2019-0145: Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
CVE-2019-0146: Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0147: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0148: Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0149: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-12984: A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service.
CVE-2019-19036: btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.
CVE-2019-19039: ** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because “1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.”
CVE-2019-19377: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
CVE-2019-19378: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2019-2213: In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-133758011References: Upstream kernel
CVE-2020-0030: In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145286050References: Upstream kernel
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-15802: Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-16119: Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26145: An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-27835: A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
CVE-2020-36385: An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2020-3702: u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
CVE-2021-22543: An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-29264: An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6.
CVE-2021-33033: The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
CVE-2021-33624: In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
CVE-2021-34556: In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.
CVE-2021-3542:
CVE-2021-35477: In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.
CVE-2021-3600:
CVE-2021-3612: An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2021-3640:
CVE-2021-3653:
CVE-2021-3655: A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.
CVE-2021-3669:
CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
CVE-2021-3732:
CVE-2021-3743:
CVE-2021-3744:
CVE-2021-3752:
CVE-2021-3753:
CVE-2021-3759:
CVE-2021-3764:
CVE-2021-3772:
CVE-2021-38160: ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.
CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
CVE-2021-38199: fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
CVE-2021-38203: btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.
CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
CVE-2021-38206: The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.
CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.
CVE-2021-38300:
CVE-2021-40490: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

19 ignored issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2017-18232: The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
CVE-2018-1108: kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2018-20449: The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
CVE-2018-7273: In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR.
CVE-2018-7754: The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.
CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
CVE-2019-3874: The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
CVE-2019-9245: In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2019-9444: In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
CVE-2019-9453: In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
CVE-2020-0067: In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions: Android kernel. Android ID: A-120551147.
CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
CVE-2020-27777: A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.
CVE-2020-4788: IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
CVE-2021-28972: In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.
CVE-2021-3506: An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.

Created: 2021-02-19 Last update: 2021-09-19 18:30

32 security issues in sid high

There are 32 open security issues in sid.

32 important issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2019-16089: An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-15802: Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2021-3542:
CVE-2021-3640:
CVE-2021-3669:
CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
CVE-2021-3744:
CVE-2021-3752:
CVE-2021-3759:
CVE-2021-3764:
CVE-2021-3772:

Created: 2021-02-19 Last update: 2021-09-19 18:30

69 security issues in buster high

There are 69 open security issues in buster.

56 important issues:

CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-16120: Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef ("ovl: stack file ops"). This was fixed in kernel version 5.8 by commits 56230d9 ("ovl: verify permissions in ovl_path_open()"), 48bd024 ("ovl: switch to mounter creds in readdir") and 05acefb ("ovl: check permission to open real file"). Additionally, commits 130fdbc ("ovl: pass correct flags for opening real directory") and 292f902 ("ovl: call secutiry hook in ovl_real_ioctl()") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da ("ovl: do not fail because of O_NOATIMEi") in kernel 5.11.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26145: An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26541: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-27835: A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
CVE-2020-36310: An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.
CVE-2020-36322: An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.
CVE-2020-36385: An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2020-3702: u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
CVE-2021-22543: An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-28950: An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
CVE-2021-33624: In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
CVE-2021-3444: The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in the upstream kernel in commit 9b00f1b78809 ("bpf: Fix truncation handling for mod32 dst reg wrt zero") and in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101.
CVE-2021-34556: In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.
CVE-2021-3493: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
CVE-2021-35039: kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.
CVE-2021-3542:
CVE-2021-35477: In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.
CVE-2021-3600:
CVE-2021-3612: An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2021-3640:
CVE-2021-3653:
CVE-2021-3655: A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.
CVE-2021-3656:
CVE-2021-3669:
CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
CVE-2021-3732:
CVE-2021-3743:
CVE-2021-3744:
CVE-2021-3752:
CVE-2021-3753:
CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
CVE-2021-3759:
CVE-2021-3764:
CVE-2021-3772:
CVE-2021-38160: ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.
CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
CVE-2021-38199: fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
CVE-2021-38203: btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.
CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
CVE-2021-38206: The mac80211 subsystem in the Linux kernel before 5.12.13, when a device supporting only 5 GHz is used, allows attackers to cause a denial of service (NULL pointer dereference in the radiotap parser) by injecting a frame with 802.11a rates.
CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.
CVE-2021-38300:
CVE-2021-40490: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.

7 issues left for the package maintainer to handle:

CVE-2019-16089: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: (postponed; to be fixed through a stable update) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-15802: (postponed; to be fixed through a stable update) Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-16119: (needs triaging) Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.

You can find information about how to handle these issues in the security team's documentation.

6 ignored issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.

Created: 2021-02-19 Last update: 2021-09-19 18:30

53 security issues in bullseye high

There are 53 open security issues in bullseye.

38 important issues:

CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26541: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-3702: u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
CVE-2021-35039: kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.
CVE-2021-3542:
CVE-2021-3640:
CVE-2021-3653:
CVE-2021-3656:
CVE-2021-3669:
CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
CVE-2021-3732:
CVE-2021-3739:
CVE-2021-3743:
CVE-2021-3744:
CVE-2021-3752:
CVE-2021-3753:
CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
CVE-2021-3759:
CVE-2021-3764:
CVE-2021-3772:
CVE-2021-38160: ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.
CVE-2021-38166: In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.
CVE-2021-38199: fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
CVE-2021-38203: btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.
CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
CVE-2021-38300:
CVE-2021-40490: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
CVE-2021-41073:

8 issues left for the package maintainer to handle:

CVE-2019-15213: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-16089: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: (postponed; to be fixed through a stable update) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-15802: (postponed; to be fixed through a stable update) Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-16119: (needs triaging) Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.

You can find information about how to handle these issues in the security team's documentation.

7 ignored issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-24504: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.

Created: 2021-02-19 Last update: 2021-09-19 18:30

53 security issues in bookworm high

There are 53 open security issues in bookworm.

53 important issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2019-16089: An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-15802: Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-16119: Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
CVE-2020-24504: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26541: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-3702: u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
CVE-2021-35039: kernel/module.c in the Linux kernel before 5.12.14 mishandles Signature Verification, aka CID-0c18f29aae7c. Without CONFIG_MODULE_SIG, verification that a kernel module is signed, for loading via init_module, does not occur for a module.sig_enforce=1 command-line argument.
CVE-2021-3542:
CVE-2021-3640:
CVE-2021-3653:
CVE-2021-3656:
CVE-2021-3669:
CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
CVE-2021-3732:
CVE-2021-3739:
CVE-2021-3743:
CVE-2021-3744:
CVE-2021-3752:
CVE-2021-3753:
CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
CVE-2021-3759:
CVE-2021-3764:
CVE-2021-3772:
CVE-2021-38160: ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.
CVE-2021-38166: In kernel/bpf/hashtab.c in the Linux kernel through 5.13.8, there is an integer overflow and out-of-bounds write when many elements are placed in a single bucket. NOTE: exploitation might be impractical without the CAP_SYS_ADMIN capability.
CVE-2021-38199: fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
CVE-2021-38203: btrfs in the Linux kernel before 5.13.4 allows attackers to cause a denial of service (deadlock) via processes that trigger allocation of new system chunks during times when there is a shortage of free space in the system space_info.
CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
CVE-2021-38300:
CVE-2021-40490: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
CVE-2021-41073:

Created: 2021-08-15 Last update: 2021-09-19 18:30

21 bugs tagged patch in the BTS normal

The BTS contains patches fixing 21 bugs, consider including or untagging them.

Created: 2021-08-14 Last update: 2021-09-21 01:01

Depends on packages which need a new maintainer normal

The packages that linux depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2019-11-22 Last update: 2021-09-21 00:00

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2021-04-16 Last update: 2021-09-20 19:32

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2021-03-20 Last update: 2021-03-20 06:02

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.2.0).

Created: 2017-12-02 Last update: 2021-09-19 20:36

testing migrations

This package will soon be part of the auto-perl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
This package will soon be part of the auto-libopencsd transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
excuses:
- Migrates after: glibc
- Migration status for linux (5.10.46-4 to 5.14.6-2): BLOCKED: Rejected/violates migration policy/introduces a regression
- Issues preventing migration:
- Updating linux introduces new bugs: #994453
- autopkgtest for cross-toolchain-base/56: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el: Regression ♻ (reference ♻)
- autopkgtest for glibc/2.32-4: amd64: Pass, arm64: Pass, armhf: Ignored failure, i386: Pass, ppc64el: Pass
- autopkgtest for linux/5.14.6-2: amd64: Regression ♻ (reference ♻), arm64: Regression ♻ (reference ♻), armhf: Regression ♻ (reference ♻), i386: Regression ♻ (reference ♻), ppc64el: Regression ♻ (reference ♻)
- autopkgtest for zfs-linux/2.0.3-9: amd64: Pass, arm64: Pass, armhf: Regression ♻ (reference ♻), i386: Pass, ppc64el: Regression ♻ (reference ♻)
- missing build on mipsel
- Too young, only 2 of 5 days old
- Depends: linux glibc
- Additional info:
- Updating linux fixes old bugs: #993978
- Piuparts tested OK - https://piuparts.debian.org/sid/source/l/linux.html
- Not considered

news

[rss feed]

[2021-09-19] Accepted linux 5.14.6-2 (source) into unstable (Salvatore Bonaccorso)
[2021-09-19] Accepted linux 5.14.6-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-09-12] Accepted linux 5.14.3-1~exp1 (source) into experimental (Salvatore Bonaccorso)
[2021-09-09] Accepted linux 5.14.2-1~exp1 (source) into experimental (Salvatore Bonaccorso)
[2021-09-07] Accepted linux 5.14.1-1~exp1 (source) into experimental (Salvatore Bonaccorso)
[2021-09-05] Accepted linux 5.14-1~exp2 (source) into experimental (Bastian Blank)
[2021-09-01] Accepted linux 5.14-1~exp1 (source) into experimental, experimental (Debian FTP Masters) (signed by: Bastian Blank)
[2021-08-20] Accepted linux 5.13.12-1~exp1 (source) into experimental (Bastian Blank)
[2021-08-16] Accepted linux 5.10.46-4~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-08-16] Accepted linux 5.10.46-3~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-08-10] Accepted linux 5.13.9-1~exp2 (source) into experimental (Bastian Blank)
[2021-08-10] Accepted linux 5.13.9-1~exp1 (source) into experimental, experimental (Debian FTP Masters) (signed by: Bastian Blank)
[2021-08-07] linux 5.10.46-4 MIGRATED to testing (Debian testing watch)
[2021-08-03] Accepted linux 5.10.46-4 (source) into unstable (Salvatore Bonaccorso)
[2021-07-31] linux 5.10.46-3 MIGRATED to testing (Debian testing watch)
[2021-07-28] Accepted linux 5.10.46-3 (source) into unstable (Salvatore Bonaccorso)
[2021-07-26] Accepted linux 5.10.46-2~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-07-24] Accepted linux 4.19.194-3 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-07-23] linux 5.10.46-2 MIGRATED to testing (Debian testing watch)
[2021-07-20] Accepted linux 4.19.194-3 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-07-20] Accepted linux 4.9.272-2 (source) into oldstable (Ben Hutchings)
[2021-07-20] Accepted linux 5.10.46-2 (source) into unstable (Salvatore Bonaccorso)
[2021-06-24] Accepted linux 5.10.46-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-06-22] Accepted linux 4.9.272-1 (source) into oldstable, oldstable (Debian FTP Masters) (signed by: Ben Hutchings)
[2021-06-21] Accepted linux 4.19.194-2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-06-11] Accepted linux 4.19.194-1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-06-06] Accepted linux 5.10.40-1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-06-04] linux 5.10.40-1 MIGRATED to testing (Debian testing watch)
[2021-05-28] Accepted linux 5.10.40-1 (source) into unstable (Salvatore Bonaccorso)
[2021-05-20] Accepted linux 5.10.38-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)

bugs [bug history graph]

all: 996 1039
RC: 2
I&N: 883 919
M&W: 111 118
F&P: 0
patch: 21

links

homepage
buildd: logs, exp, checks, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
l10n (-, 41)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.13.0-16.16
7553 bugs (282 patches)