linux - Debian Package Tracker

general

source: linux (main)
version: 5.15.3-1
maintainer: Debian Kernel Team (archive) (DMD)
uploaders: Bastian Blank [DMD] – Salvatore Bonaccorso [DMD] – maximilian attems [DMD] – Ben Hutchings [DMD]
arch: all
std-ver: 4.2.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

o-o-stable: 4.9.228-1
o-o-sec: 4.9.272-2
o-o-bpo: 4.19.118-2+deb10u1~bpo9+1
oldstable: 4.19.208-1
old-sec: 4.19.194-3
old-bpo: 5.10.70-1~bpo10+1
old-upd: 4.19.194-2
stable: 5.10.70-1
stable-sec: 5.10.46-5
stable-bpo: 5.14.9-2~bpo11+1
testing: 5.15.3-1
unstable: 5.15.3-1
exp: 5.16~rc1-1~exp1

versioned links

4.9.228-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.9.246-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.9.258-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.9.272-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.118-2+deb10u1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.171-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.194-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.194-3: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.208-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.46-5: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.70-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.70-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.14.9-2~bpo11+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.14.9-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.14.12-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.14.16-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.15.2-1~exp1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.15.3-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.15.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.16~rc1-1~exp1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

acpi-modules-5.15.0-1-686-di
acpi-modules-5.15.0-1-686-pae-di
acpi-modules-5.15.0-1-amd64-di
affs-modules-5.15.0-1-4kc-malta-di
affs-modules-5.15.0-1-5kc-malta-di
affs-modules-5.15.0-1-loongson-3-di
affs-modules-5.15.0-1-m68k-di
affs-modules-5.15.0-1-octeon-di
affs-modules-5.15.0-1-powerpc-di
affs-modules-5.15.0-1-powerpc64-di
ata-modules-5.15.0-1-4kc-malta-di
ata-modules-5.15.0-1-5kc-malta-di
ata-modules-5.15.0-1-686-di
ata-modules-5.15.0-1-686-pae-di
ata-modules-5.15.0-1-alpha-generic-di
ata-modules-5.15.0-1-amd64-di
ata-modules-5.15.0-1-arm64-di
ata-modules-5.15.0-1-armmp-di
ata-modules-5.15.0-1-itanium-di
ata-modules-5.15.0-1-loongson-3-di
ata-modules-5.15.0-1-m68k-di
ata-modules-5.15.0-1-parisc-di
ata-modules-5.15.0-1-parisc64-di
ata-modules-5.15.0-1-powerpc-di
ata-modules-5.15.0-1-powerpc64-di
ata-modules-5.15.0-1-powerpc64le-di
ata-modules-5.15.0-1-riscv64-di
ata-modules-5.15.0-1-sparc64-di
bpftool (2 bugs: 0, 0, 2, 0)
btrfs-modules-5.15.0-1-4kc-malta-di
btrfs-modules-5.15.0-1-5kc-malta-di
btrfs-modules-5.15.0-1-686-di
btrfs-modules-5.15.0-1-686-pae-di
btrfs-modules-5.15.0-1-alpha-generic-di
btrfs-modules-5.15.0-1-amd64-di
btrfs-modules-5.15.0-1-arm64-di
btrfs-modules-5.15.0-1-armmp-di
btrfs-modules-5.15.0-1-itanium-di
btrfs-modules-5.15.0-1-loongson-3-di
btrfs-modules-5.15.0-1-m68k-di
btrfs-modules-5.15.0-1-marvell-di
btrfs-modules-5.15.0-1-mips32r6-di
btrfs-modules-5.15.0-1-mips32r6el-di
btrfs-modules-5.15.0-1-mips64r6-di
btrfs-modules-5.15.0-1-mips64r6el-di
btrfs-modules-5.15.0-1-octeon-di
btrfs-modules-5.15.0-1-parisc-di
btrfs-modules-5.15.0-1-parisc64-di
btrfs-modules-5.15.0-1-powerpc-di
btrfs-modules-5.15.0-1-powerpc64-di
btrfs-modules-5.15.0-1-powerpc64le-di
btrfs-modules-5.15.0-1-riscv64-di
btrfs-modules-5.15.0-1-s390x-di
btrfs-modules-5.15.0-1-sh7751r-di
btrfs-modules-5.15.0-1-sh7785lcr-di
btrfs-modules-5.15.0-1-sparc64-di
cdrom-core-modules-5.15.0-1-4kc-malta-di
cdrom-core-modules-5.15.0-1-5kc-malta-di
cdrom-core-modules-5.15.0-1-686-di
cdrom-core-modules-5.15.0-1-686-pae-di
cdrom-core-modules-5.15.0-1-alpha-generic-di
cdrom-core-modules-5.15.0-1-amd64-di
cdrom-core-modules-5.15.0-1-arm64-di
cdrom-core-modules-5.15.0-1-armmp-di
cdrom-core-modules-5.15.0-1-itanium-di
cdrom-core-modules-5.15.0-1-loongson-3-di
cdrom-core-modules-5.15.0-1-m68k-di
cdrom-core-modules-5.15.0-1-marvell-di
cdrom-core-modules-5.15.0-1-octeon-di
cdrom-core-modules-5.15.0-1-parisc-di
cdrom-core-modules-5.15.0-1-parisc64-di
cdrom-core-modules-5.15.0-1-powerpc-di
cdrom-core-modules-5.15.0-1-powerpc64-di
cdrom-core-modules-5.15.0-1-powerpc64le-di
cdrom-core-modules-5.15.0-1-riscv64-di
cdrom-core-modules-5.15.0-1-s390x-di
cdrom-core-modules-5.15.0-1-sh7751r-di
cdrom-core-modules-5.15.0-1-sh7785lcr-di
cdrom-core-modules-5.15.0-1-sparc64-di
crc-modules-5.15.0-1-4kc-malta-di
crc-modules-5.15.0-1-5kc-malta-di
crc-modules-5.15.0-1-686-di
crc-modules-5.15.0-1-686-pae-di
crc-modules-5.15.0-1-alpha-generic-di
crc-modules-5.15.0-1-amd64-di
crc-modules-5.15.0-1-arm64-di
crc-modules-5.15.0-1-armmp-di
crc-modules-5.15.0-1-itanium-di
crc-modules-5.15.0-1-loongson-3-di
crc-modules-5.15.0-1-m68k-di
crc-modules-5.15.0-1-marvell-di
crc-modules-5.15.0-1-mips32r6-di
crc-modules-5.15.0-1-mips32r6el-di
crc-modules-5.15.0-1-mips64r6-di
crc-modules-5.15.0-1-mips64r6el-di
crc-modules-5.15.0-1-octeon-di
crc-modules-5.15.0-1-parisc-di
crc-modules-5.15.0-1-parisc64-di
crc-modules-5.15.0-1-powerpc-di
crc-modules-5.15.0-1-powerpc64-di
crc-modules-5.15.0-1-powerpc64le-di
crc-modules-5.15.0-1-riscv64-di
crc-modules-5.15.0-1-s390x-di
crc-modules-5.15.0-1-sh7751r-di
crc-modules-5.15.0-1-sh7785lcr-di
crc-modules-5.15.0-1-sparc64-di
crypto-dm-modules-5.15.0-1-4kc-malta-di
crypto-dm-modules-5.15.0-1-5kc-malta-di
crypto-dm-modules-5.15.0-1-686-di
crypto-dm-modules-5.15.0-1-686-pae-di
crypto-dm-modules-5.15.0-1-alpha-generic-di
crypto-dm-modules-5.15.0-1-amd64-di
crypto-dm-modules-5.15.0-1-arm64-di
crypto-dm-modules-5.15.0-1-armmp-di
crypto-dm-modules-5.15.0-1-itanium-di
crypto-dm-modules-5.15.0-1-loongson-3-di
crypto-dm-modules-5.15.0-1-marvell-di
crypto-dm-modules-5.15.0-1-mips32r6-di
crypto-dm-modules-5.15.0-1-mips32r6el-di
crypto-dm-modules-5.15.0-1-mips64r6-di
crypto-dm-modules-5.15.0-1-mips64r6el-di
crypto-dm-modules-5.15.0-1-octeon-di
crypto-dm-modules-5.15.0-1-parisc-di
crypto-dm-modules-5.15.0-1-parisc64-di
crypto-dm-modules-5.15.0-1-powerpc-di
crypto-dm-modules-5.15.0-1-powerpc64-di
crypto-dm-modules-5.15.0-1-powerpc64le-di
crypto-dm-modules-5.15.0-1-riscv64-di
crypto-dm-modules-5.15.0-1-s390x-di
crypto-dm-modules-5.15.0-1-sh7751r-di
crypto-dm-modules-5.15.0-1-sh7785lcr-di
crypto-dm-modules-5.15.0-1-sparc64-di
crypto-modules-5.15.0-1-4kc-malta-di
crypto-modules-5.15.0-1-5kc-malta-di
crypto-modules-5.15.0-1-686-di
crypto-modules-5.15.0-1-686-pae-di
crypto-modules-5.15.0-1-alpha-generic-di
crypto-modules-5.15.0-1-amd64-di
crypto-modules-5.15.0-1-arm64-di
crypto-modules-5.15.0-1-armmp-di
crypto-modules-5.15.0-1-itanium-di
crypto-modules-5.15.0-1-loongson-3-di
crypto-modules-5.15.0-1-m68k-di
crypto-modules-5.15.0-1-marvell-di
crypto-modules-5.15.0-1-mips32r6-di
crypto-modules-5.15.0-1-mips32r6el-di
crypto-modules-5.15.0-1-mips64r6-di
crypto-modules-5.15.0-1-mips64r6el-di
crypto-modules-5.15.0-1-octeon-di
crypto-modules-5.15.0-1-parisc-di
crypto-modules-5.15.0-1-parisc64-di
crypto-modules-5.15.0-1-powerpc-di
crypto-modules-5.15.0-1-powerpc64-di
crypto-modules-5.15.0-1-powerpc64le-di
crypto-modules-5.15.0-1-riscv64-di
crypto-modules-5.15.0-1-s390x-di
crypto-modules-5.15.0-1-sh7751r-di
crypto-modules-5.15.0-1-sh7785lcr-di
crypto-modules-5.15.0-1-sparc64-di
dasd-extra-modules-5.15.0-1-s390x-di
dasd-modules-5.15.0-1-s390x-di
efi-modules-5.15.0-1-686-di
efi-modules-5.15.0-1-686-pae-di
efi-modules-5.15.0-1-amd64-di
efi-modules-5.15.0-1-arm64-di
efi-modules-5.15.0-1-armmp-di
event-modules-5.15.0-1-4kc-malta-di
event-modules-5.15.0-1-5kc-malta-di
event-modules-5.15.0-1-686-di
event-modules-5.15.0-1-686-pae-di
event-modules-5.15.0-1-alpha-generic-di
event-modules-5.15.0-1-amd64-di
event-modules-5.15.0-1-arm64-di
event-modules-5.15.0-1-armmp-di
event-modules-5.15.0-1-itanium-di
event-modules-5.15.0-1-loongson-3-di
event-modules-5.15.0-1-marvell-di
event-modules-5.15.0-1-octeon-di
event-modules-5.15.0-1-parisc-di
event-modules-5.15.0-1-parisc64-di
event-modules-5.15.0-1-powerpc-di
event-modules-5.15.0-1-powerpc64-di
event-modules-5.15.0-1-powerpc64le-di
event-modules-5.15.0-1-riscv64-di
ext4-modules-5.15.0-1-4kc-malta-di
ext4-modules-5.15.0-1-5kc-malta-di
ext4-modules-5.15.0-1-686-di
ext4-modules-5.15.0-1-686-pae-di
ext4-modules-5.15.0-1-alpha-generic-di
ext4-modules-5.15.0-1-amd64-di
ext4-modules-5.15.0-1-arm64-di
ext4-modules-5.15.0-1-armmp-di
ext4-modules-5.15.0-1-itanium-di
ext4-modules-5.15.0-1-loongson-3-di
ext4-modules-5.15.0-1-m68k-di
ext4-modules-5.15.0-1-marvell-di
ext4-modules-5.15.0-1-mips32r6-di
ext4-modules-5.15.0-1-mips32r6el-di
ext4-modules-5.15.0-1-mips64r6-di
ext4-modules-5.15.0-1-mips64r6el-di
ext4-modules-5.15.0-1-octeon-di
ext4-modules-5.15.0-1-parisc-di
ext4-modules-5.15.0-1-parisc64-di
ext4-modules-5.15.0-1-powerpc-di
ext4-modules-5.15.0-1-powerpc64-di
ext4-modules-5.15.0-1-powerpc64le-di
ext4-modules-5.15.0-1-riscv64-di
ext4-modules-5.15.0-1-s390x-di
ext4-modules-5.15.0-1-sh7751r-di
ext4-modules-5.15.0-1-sh7785lcr-di
ext4-modules-5.15.0-1-sparc64-di
f2fs-modules-5.15.0-1-4kc-malta-di
f2fs-modules-5.15.0-1-5kc-malta-di
f2fs-modules-5.15.0-1-686-di
f2fs-modules-5.15.0-1-686-pae-di
f2fs-modules-5.15.0-1-alpha-generic-di
f2fs-modules-5.15.0-1-amd64-di
f2fs-modules-5.15.0-1-arm64-di
f2fs-modules-5.15.0-1-armmp-di
f2fs-modules-5.15.0-1-itanium-di
f2fs-modules-5.15.0-1-loongson-3-di
f2fs-modules-5.15.0-1-marvell-di
f2fs-modules-5.15.0-1-mips32r6-di
f2fs-modules-5.15.0-1-mips32r6el-di
f2fs-modules-5.15.0-1-mips64r6-di
f2fs-modules-5.15.0-1-mips64r6el-di
f2fs-modules-5.15.0-1-octeon-di
f2fs-modules-5.15.0-1-parisc-di
f2fs-modules-5.15.0-1-parisc64-di
f2fs-modules-5.15.0-1-powerpc-di
f2fs-modules-5.15.0-1-powerpc64-di
f2fs-modules-5.15.0-1-powerpc64le-di
f2fs-modules-5.15.0-1-riscv64-di
f2fs-modules-5.15.0-1-s390x-di
f2fs-modules-5.15.0-1-sh7751r-di
f2fs-modules-5.15.0-1-sh7785lcr-di
f2fs-modules-5.15.0-1-sparc64-di
fancontrol-modules-5.15.0-1-powerpc64-di
fancontrol-modules-5.15.0-1-powerpc64le-di
fat-modules-5.15.0-1-4kc-malta-di
fat-modules-5.15.0-1-5kc-malta-di
fat-modules-5.15.0-1-686-di
fat-modules-5.15.0-1-686-pae-di
fat-modules-5.15.0-1-alpha-generic-di
fat-modules-5.15.0-1-amd64-di
fat-modules-5.15.0-1-arm64-di
fat-modules-5.15.0-1-armmp-di
fat-modules-5.15.0-1-itanium-di
fat-modules-5.15.0-1-loongson-3-di
fat-modules-5.15.0-1-m68k-di
fat-modules-5.15.0-1-marvell-di
fat-modules-5.15.0-1-octeon-di
fat-modules-5.15.0-1-parisc-di
fat-modules-5.15.0-1-parisc64-di
fat-modules-5.15.0-1-powerpc-di
fat-modules-5.15.0-1-powerpc64-di
fat-modules-5.15.0-1-powerpc64le-di
fat-modules-5.15.0-1-riscv64-di
fat-modules-5.15.0-1-s390x-di
fat-modules-5.15.0-1-sh7751r-di
fat-modules-5.15.0-1-sh7785lcr-di
fat-modules-5.15.0-1-sparc64-di
fb-modules-5.15.0-1-4kc-malta-di
fb-modules-5.15.0-1-5kc-malta-di
fb-modules-5.15.0-1-686-di
fb-modules-5.15.0-1-686-pae-di
fb-modules-5.15.0-1-alpha-generic-di
fb-modules-5.15.0-1-amd64-di
fb-modules-5.15.0-1-arm64-di
fb-modules-5.15.0-1-armmp-di
fb-modules-5.15.0-1-itanium-di
fb-modules-5.15.0-1-loongson-3-di
fb-modules-5.15.0-1-marvell-di
fb-modules-5.15.0-1-parisc64-di
fb-modules-5.15.0-1-powerpc-di
fb-modules-5.15.0-1-powerpc64-di
fb-modules-5.15.0-1-powerpc64le-di
fb-modules-5.15.0-1-riscv64-di
fb-modules-5.15.0-1-sparc64-di
firewire-core-modules-5.15.0-1-686-di
firewire-core-modules-5.15.0-1-686-pae-di
firewire-core-modules-5.15.0-1-amd64-di
firewire-core-modules-5.15.0-1-itanium-di
firewire-core-modules-5.15.0-1-loongson-3-di
firewire-core-modules-5.15.0-1-powerpc-di
firewire-core-modules-5.15.0-1-powerpc64-di
firewire-core-modules-5.15.0-1-powerpc64le-di
firewire-core-modules-5.15.0-1-sh7751r-di
firewire-core-modules-5.15.0-1-sh7785lcr-di
fuse-modules-5.15.0-1-4kc-malta-di
fuse-modules-5.15.0-1-5kc-malta-di
fuse-modules-5.15.0-1-686-di
fuse-modules-5.15.0-1-686-pae-di
fuse-modules-5.15.0-1-alpha-generic-di
fuse-modules-5.15.0-1-amd64-di
fuse-modules-5.15.0-1-arm64-di
fuse-modules-5.15.0-1-armmp-di
fuse-modules-5.15.0-1-itanium-di
fuse-modules-5.15.0-1-loongson-3-di
fuse-modules-5.15.0-1-m68k-di
fuse-modules-5.15.0-1-marvell-di
fuse-modules-5.15.0-1-mips32r6-di
fuse-modules-5.15.0-1-mips32r6el-di
fuse-modules-5.15.0-1-mips64r6-di
fuse-modules-5.15.0-1-mips64r6el-di
fuse-modules-5.15.0-1-octeon-di
fuse-modules-5.15.0-1-parisc-di
fuse-modules-5.15.0-1-parisc64-di
fuse-modules-5.15.0-1-powerpc-di
fuse-modules-5.15.0-1-powerpc64-di
fuse-modules-5.15.0-1-powerpc64le-di
fuse-modules-5.15.0-1-riscv64-di
fuse-modules-5.15.0-1-s390x-di
fuse-modules-5.15.0-1-sh7751r-di
fuse-modules-5.15.0-1-sh7785lcr-di
fuse-modules-5.15.0-1-sparc64-di
hfs-modules-5.15.0-1-m68k-di
hfs-modules-5.15.0-1-powerpc-di
hfs-modules-5.15.0-1-powerpc64-di
hyperv-daemons (1 bugs: 0, 1, 0, 0)
hypervisor-modules-5.15.0-1-powerpc64-di
hypervisor-modules-5.15.0-1-powerpc64le-di
i2c-modules-5.15.0-1-4kc-malta-di
i2c-modules-5.15.0-1-5kc-malta-di
i2c-modules-5.15.0-1-686-di
i2c-modules-5.15.0-1-686-pae-di
i2c-modules-5.15.0-1-alpha-generic-di
i2c-modules-5.15.0-1-amd64-di
i2c-modules-5.15.0-1-arm64-di
i2c-modules-5.15.0-1-armmp-di
i2c-modules-5.15.0-1-itanium-di
i2c-modules-5.15.0-1-powerpc64-di
i2c-modules-5.15.0-1-powerpc64le-di
i2c-modules-5.15.0-1-riscv64-di
i2c-modules-5.15.0-1-sh7751r-di
i2c-modules-5.15.0-1-sparc64-di
input-modules-5.15.0-1-4kc-malta-di
input-modules-5.15.0-1-5kc-malta-di
input-modules-5.15.0-1-686-di
input-modules-5.15.0-1-686-pae-di
input-modules-5.15.0-1-alpha-generic-di
input-modules-5.15.0-1-amd64-di
input-modules-5.15.0-1-arm64-di
input-modules-5.15.0-1-armmp-di
input-modules-5.15.0-1-itanium-di
input-modules-5.15.0-1-loongson-3-di
input-modules-5.15.0-1-marvell-di
input-modules-5.15.0-1-octeon-di
input-modules-5.15.0-1-parisc-di
input-modules-5.15.0-1-parisc64-di
input-modules-5.15.0-1-powerpc-di
input-modules-5.15.0-1-powerpc64-di
input-modules-5.15.0-1-powerpc64le-di
input-modules-5.15.0-1-riscv64-di
input-modules-5.15.0-1-sparc64-di
ipv6-modules-5.15.0-1-marvell-di
isofs-modules-5.15.0-1-4kc-malta-di
isofs-modules-5.15.0-1-5kc-malta-di
isofs-modules-5.15.0-1-686-di
isofs-modules-5.15.0-1-686-pae-di
isofs-modules-5.15.0-1-alpha-generic-di
isofs-modules-5.15.0-1-amd64-di
isofs-modules-5.15.0-1-arm64-di
isofs-modules-5.15.0-1-armmp-di
isofs-modules-5.15.0-1-itanium-di
isofs-modules-5.15.0-1-loongson-3-di
isofs-modules-5.15.0-1-m68k-di
isofs-modules-5.15.0-1-marvell-di
isofs-modules-5.15.0-1-mips32r6-di
isofs-modules-5.15.0-1-mips32r6el-di
isofs-modules-5.15.0-1-mips64r6-di
isofs-modules-5.15.0-1-mips64r6el-di
isofs-modules-5.15.0-1-octeon-di
isofs-modules-5.15.0-1-parisc-di
isofs-modules-5.15.0-1-parisc64-di
isofs-modules-5.15.0-1-powerpc-di
isofs-modules-5.15.0-1-powerpc64-di
isofs-modules-5.15.0-1-powerpc64le-di
isofs-modules-5.15.0-1-riscv64-di
isofs-modules-5.15.0-1-s390x-di
isofs-modules-5.15.0-1-sh7751r-di
isofs-modules-5.15.0-1-sh7785lcr-di
isofs-modules-5.15.0-1-sparc64-di
jffs2-modules-5.15.0-1-marvell-di
jfs-modules-5.15.0-1-4kc-malta-di
jfs-modules-5.15.0-1-5kc-malta-di
jfs-modules-5.15.0-1-686-di
jfs-modules-5.15.0-1-686-pae-di
jfs-modules-5.15.0-1-alpha-generic-di
jfs-modules-5.15.0-1-amd64-di
jfs-modules-5.15.0-1-arm64-di
jfs-modules-5.15.0-1-armmp-di
jfs-modules-5.15.0-1-itanium-di
jfs-modules-5.15.0-1-loongson-3-di
jfs-modules-5.15.0-1-marvell-di
jfs-modules-5.15.0-1-mips32r6-di
jfs-modules-5.15.0-1-mips32r6el-di
jfs-modules-5.15.0-1-mips64r6-di
jfs-modules-5.15.0-1-mips64r6el-di
jfs-modules-5.15.0-1-octeon-di
jfs-modules-5.15.0-1-parisc-di
jfs-modules-5.15.0-1-parisc64-di
jfs-modules-5.15.0-1-powerpc-di
jfs-modules-5.15.0-1-powerpc64-di
jfs-modules-5.15.0-1-powerpc64le-di
jfs-modules-5.15.0-1-riscv64-di
jfs-modules-5.15.0-1-sh7751r-di
jfs-modules-5.15.0-1-sh7785lcr-di
jfs-modules-5.15.0-1-sparc64-di
kernel-image-5.15.0-1-4kc-malta-di
kernel-image-5.15.0-1-5kc-malta-di
kernel-image-5.15.0-1-686-di
kernel-image-5.15.0-1-686-pae-di
kernel-image-5.15.0-1-alpha-generic-di
kernel-image-5.15.0-1-amd64-di
kernel-image-5.15.0-1-arm64-di
kernel-image-5.15.0-1-armmp-di
kernel-image-5.15.0-1-itanium-di
kernel-image-5.15.0-1-loongson-3-di
kernel-image-5.15.0-1-m68k-di
kernel-image-5.15.0-1-marvell-di
kernel-image-5.15.0-1-mips32r6-di
kernel-image-5.15.0-1-mips32r6el-di
kernel-image-5.15.0-1-mips64r6-di
kernel-image-5.15.0-1-mips64r6el-di
kernel-image-5.15.0-1-octeon-di
kernel-image-5.15.0-1-parisc-di
kernel-image-5.15.0-1-parisc64-di
kernel-image-5.15.0-1-powerpc-di
kernel-image-5.15.0-1-powerpc64-di
kernel-image-5.15.0-1-powerpc64le-di
kernel-image-5.15.0-1-riscv64-di
kernel-image-5.15.0-1-s390x-di
kernel-image-5.15.0-1-sh7751r-di
kernel-image-5.15.0-1-sh7785lcr-di
kernel-image-5.15.0-1-sparc64-di
leds-modules-5.15.0-1-arm64-di
leds-modules-5.15.0-1-armmp-di
leds-modules-5.15.0-1-marvell-di
libcpupower-dev
libcpupower1
linux-bootwrapper-5.15.0-1
linux-compiler-gcc-11-arm
linux-compiler-gcc-11-s390
linux-compiler-gcc-11-x86
linux-config-5.15
linux-cpupower (2 bugs: 0, 1, 1, 0)
linux-doc
linux-doc-5.15
linux-headers-4kc-malta
linux-headers-5.15.0-1-4kc-malta
linux-headers-5.15.0-1-5kc-malta
linux-headers-5.15.0-1-686
linux-headers-5.15.0-1-686-pae
linux-headers-5.15.0-1-alpha-generic
linux-headers-5.15.0-1-alpha-smp
linux-headers-5.15.0-1-amd64
linux-headers-5.15.0-1-arm64
linux-headers-5.15.0-1-armmp
linux-headers-5.15.0-1-armmp-lpae
linux-headers-5.15.0-1-cloud-amd64
linux-headers-5.15.0-1-cloud-arm64
linux-headers-5.15.0-1-common
linux-headers-5.15.0-1-common-rt
linux-headers-5.15.0-1-itanium
linux-headers-5.15.0-1-loongson-3
linux-headers-5.15.0-1-m68k
linux-headers-5.15.0-1-marvell
linux-headers-5.15.0-1-mckinley
linux-headers-5.15.0-1-mips32r6
linux-headers-5.15.0-1-mips32r6el
linux-headers-5.15.0-1-mips64r6
linux-headers-5.15.0-1-mips64r6el
linux-headers-5.15.0-1-octeon
linux-headers-5.15.0-1-parisc
linux-headers-5.15.0-1-parisc64
linux-headers-5.15.0-1-powerpc
linux-headers-5.15.0-1-powerpc-smp
linux-headers-5.15.0-1-powerpc64
linux-headers-5.15.0-1-powerpc64le
linux-headers-5.15.0-1-riscv64
linux-headers-5.15.0-1-rpi
linux-headers-5.15.0-1-rt-686-pae
linux-headers-5.15.0-1-rt-amd64
linux-headers-5.15.0-1-rt-arm64
linux-headers-5.15.0-1-rt-armmp
linux-headers-5.15.0-1-s390x
linux-headers-5.15.0-1-sh7751r
linux-headers-5.15.0-1-sh7785lcr
linux-headers-5.15.0-1-sparc64
linux-headers-5.15.0-1-sparc64-smp
linux-headers-5kc-malta
linux-headers-alpha-generic
linux-headers-alpha-smp
linux-headers-armmp
linux-headers-armmp-lpae
linux-headers-itanium
linux-headers-loongson-3
linux-headers-m68k
linux-headers-marvell
linux-headers-mckinley
linux-headers-mips32r6
linux-headers-mips32r6el
linux-headers-mips64r6
linux-headers-mips64r6el
linux-headers-octeon
linux-headers-parisc
linux-headers-parisc64
linux-headers-powerpc
linux-headers-powerpc-smp
linux-headers-powerpc64
linux-headers-powerpc64le
linux-headers-riscv64
linux-headers-rpi
linux-headers-rt-armmp
linux-headers-s390x
linux-headers-sh7751r
linux-headers-sh7785lcr
linux-headers-sparc64
linux-headers-sparc64-smp
linux-image-4kc-malta
linux-image-4kc-malta-dbg
linux-image-5.15.0-1-4kc-malta
linux-image-5.15.0-1-4kc-malta-dbg
linux-image-5.15.0-1-5kc-malta
linux-image-5.15.0-1-5kc-malta-dbg
linux-image-5.15.0-1-686-dbg
linux-image-5.15.0-1-686-pae-dbg
linux-image-5.15.0-1-686-pae-unsigned
linux-image-5.15.0-1-686-unsigned
linux-image-5.15.0-1-alpha-generic
linux-image-5.15.0-1-alpha-generic-dbg
linux-image-5.15.0-1-alpha-smp
linux-image-5.15.0-1-alpha-smp-dbg
linux-image-5.15.0-1-amd64-dbg
linux-image-5.15.0-1-amd64-unsigned
linux-image-5.15.0-1-arm64-dbg
linux-image-5.15.0-1-arm64-unsigned
linux-image-5.15.0-1-armmp
linux-image-5.15.0-1-armmp-dbg
linux-image-5.15.0-1-armmp-lpae
linux-image-5.15.0-1-armmp-lpae-dbg
linux-image-5.15.0-1-cloud-amd64-dbg
linux-image-5.15.0-1-cloud-amd64-unsigned
linux-image-5.15.0-1-cloud-arm64-dbg
linux-image-5.15.0-1-cloud-arm64-unsigned
linux-image-5.15.0-1-itanium
linux-image-5.15.0-1-itanium-dbg
linux-image-5.15.0-1-loongson-3
linux-image-5.15.0-1-loongson-3-dbg
linux-image-5.15.0-1-m68k
linux-image-5.15.0-1-m68k-dbg
linux-image-5.15.0-1-marvell
linux-image-5.15.0-1-marvell-dbg
linux-image-5.15.0-1-mckinley
linux-image-5.15.0-1-mckinley-dbg
linux-image-5.15.0-1-mips32r6
linux-image-5.15.0-1-mips32r6-dbg
linux-image-5.15.0-1-mips32r6el
linux-image-5.15.0-1-mips32r6el-dbg
linux-image-5.15.0-1-mips64r6
linux-image-5.15.0-1-mips64r6-dbg
linux-image-5.15.0-1-mips64r6el
linux-image-5.15.0-1-mips64r6el-dbg
linux-image-5.15.0-1-octeon
linux-image-5.15.0-1-octeon-dbg
linux-image-5.15.0-1-parisc
linux-image-5.15.0-1-parisc64
linux-image-5.15.0-1-powerpc
linux-image-5.15.0-1-powerpc-dbg
linux-image-5.15.0-1-powerpc-smp
linux-image-5.15.0-1-powerpc-smp-dbg
linux-image-5.15.0-1-powerpc64
linux-image-5.15.0-1-powerpc64-dbg
linux-image-5.15.0-1-powerpc64le
linux-image-5.15.0-1-powerpc64le-dbg
linux-image-5.15.0-1-riscv64
linux-image-5.15.0-1-riscv64-dbg
linux-image-5.15.0-1-rpi
linux-image-5.15.0-1-rpi-dbg
linux-image-5.15.0-1-rt-686-pae-dbg
linux-image-5.15.0-1-rt-686-pae-unsigned
linux-image-5.15.0-1-rt-amd64-dbg
linux-image-5.15.0-1-rt-amd64-unsigned
linux-image-5.15.0-1-rt-arm64-dbg
linux-image-5.15.0-1-rt-arm64-unsigned
linux-image-5.15.0-1-rt-armmp
linux-image-5.15.0-1-rt-armmp-dbg
linux-image-5.15.0-1-s390x
linux-image-5.15.0-1-s390x-dbg
linux-image-5.15.0-1-sh7751r
linux-image-5.15.0-1-sh7751r-dbg
linux-image-5.15.0-1-sh7785lcr
linux-image-5.15.0-1-sh7785lcr-dbg
linux-image-5.15.0-1-sparc64
linux-image-5.15.0-1-sparc64-dbg
linux-image-5.15.0-1-sparc64-smp
linux-image-5.15.0-1-sparc64-smp-dbg
linux-image-5kc-malta
linux-image-5kc-malta-dbg
linux-image-686-dbg
linux-image-686-pae-dbg
linux-image-alpha-generic
linux-image-alpha-generic-dbg
linux-image-alpha-smp
linux-image-alpha-smp-dbg
linux-image-amd64-dbg
linux-image-amd64-signed-template
linux-image-arm64-dbg
linux-image-arm64-signed-template
linux-image-armmp (1 bugs: 0, 1, 0, 0)
linux-image-armmp-dbg
linux-image-armmp-lpae
linux-image-armmp-lpae-dbg
linux-image-cloud-amd64-dbg
linux-image-cloud-arm64-dbg
linux-image-i386-signed-template
linux-image-itanium
linux-image-itanium-dbg
linux-image-loongson-3
linux-image-loongson-3-dbg
linux-image-m68k
linux-image-m68k-dbg
linux-image-marvell
linux-image-marvell-dbg
linux-image-mckinley
linux-image-mckinley-dbg
linux-image-mips32r6
linux-image-mips32r6-dbg
linux-image-mips32r6el
linux-image-mips32r6el-dbg
linux-image-mips64r6
linux-image-mips64r6-dbg
linux-image-mips64r6el
linux-image-mips64r6el-dbg
linux-image-octeon
linux-image-octeon-dbg
linux-image-parisc
linux-image-parisc-smp
linux-image-parisc64
linux-image-parisc64-smp
linux-image-powerpc
linux-image-powerpc-dbg
linux-image-powerpc-smp
linux-image-powerpc-smp-dbg
linux-image-powerpc64
linux-image-powerpc64-dbg
linux-image-powerpc64le
linux-image-powerpc64le-dbg
linux-image-riscv64
linux-image-riscv64-dbg
linux-image-rpi
linux-image-rpi-dbg
linux-image-rt-686-pae-dbg
linux-image-rt-amd64-dbg
linux-image-rt-arm64-dbg
linux-image-rt-armmp
linux-image-rt-armmp-dbg
linux-image-s390x
linux-image-s390x-dbg
linux-image-sh7751r
linux-image-sh7751r-dbg
linux-image-sh7785lcr
linux-image-sh7785lcr-dbg
linux-image-sparc64
linux-image-sparc64-dbg
linux-image-sparc64-smp
linux-image-sparc64-smp-dbg
linux-kbuild-5.15
linux-libc-dev (6 bugs: 0, 2, 4, 0)
linux-perf
linux-perf-5.15
linux-source (1 bugs: 0, 1, 0, 0)
linux-source-5.15
linux-support-5.15.0-1
loop-modules-5.15.0-1-4kc-malta-di
loop-modules-5.15.0-1-5kc-malta-di
loop-modules-5.15.0-1-686-di
loop-modules-5.15.0-1-686-pae-di
loop-modules-5.15.0-1-alpha-generic-di
loop-modules-5.15.0-1-amd64-di
loop-modules-5.15.0-1-arm64-di
loop-modules-5.15.0-1-armmp-di
loop-modules-5.15.0-1-itanium-di
loop-modules-5.15.0-1-loongson-3-di
loop-modules-5.15.0-1-m68k-di
loop-modules-5.15.0-1-marvell-di
loop-modules-5.15.0-1-mips32r6-di
loop-modules-5.15.0-1-mips32r6el-di
loop-modules-5.15.0-1-mips64r6-di
loop-modules-5.15.0-1-mips64r6el-di
loop-modules-5.15.0-1-octeon-di
loop-modules-5.15.0-1-parisc-di
loop-modules-5.15.0-1-parisc64-di
loop-modules-5.15.0-1-powerpc-di
loop-modules-5.15.0-1-powerpc64-di
loop-modules-5.15.0-1-powerpc64le-di
loop-modules-5.15.0-1-riscv64-di
loop-modules-5.15.0-1-s390x-di
loop-modules-5.15.0-1-sh7751r-di
loop-modules-5.15.0-1-sh7785lcr-di
md-modules-5.15.0-1-4kc-malta-di
md-modules-5.15.0-1-5kc-malta-di
md-modules-5.15.0-1-686-di
md-modules-5.15.0-1-686-pae-di
md-modules-5.15.0-1-alpha-generic-di
md-modules-5.15.0-1-amd64-di
md-modules-5.15.0-1-arm64-di
md-modules-5.15.0-1-armmp-di
md-modules-5.15.0-1-itanium-di
md-modules-5.15.0-1-loongson-3-di
md-modules-5.15.0-1-m68k-di
md-modules-5.15.0-1-marvell-di
md-modules-5.15.0-1-mips32r6-di
md-modules-5.15.0-1-mips32r6el-di
md-modules-5.15.0-1-mips64r6-di
md-modules-5.15.0-1-mips64r6el-di
md-modules-5.15.0-1-octeon-di
md-modules-5.15.0-1-parisc-di
md-modules-5.15.0-1-parisc64-di
md-modules-5.15.0-1-powerpc-di
md-modules-5.15.0-1-powerpc64-di
md-modules-5.15.0-1-powerpc64le-di
md-modules-5.15.0-1-riscv64-di
md-modules-5.15.0-1-s390x-di
md-modules-5.15.0-1-sh7751r-di
md-modules-5.15.0-1-sh7785lcr-di
md-modules-5.15.0-1-sparc64-di
minix-modules-5.15.0-1-4kc-malta-di
minix-modules-5.15.0-1-5kc-malta-di
minix-modules-5.15.0-1-loongson-3-di
minix-modules-5.15.0-1-marvell-di
minix-modules-5.15.0-1-octeon-di
minix-modules-5.15.0-1-sh7751r-di
minix-modules-5.15.0-1-sh7785lcr-di
mmc-core-modules-5.15.0-1-4kc-malta-di
mmc-core-modules-5.15.0-1-5kc-malta-di
mmc-core-modules-5.15.0-1-686-di
mmc-core-modules-5.15.0-1-686-pae-di
mmc-core-modules-5.15.0-1-amd64-di
mmc-core-modules-5.15.0-1-marvell-di
mmc-core-modules-5.15.0-1-powerpc-di
mmc-core-modules-5.15.0-1-powerpc64-di
mmc-core-modules-5.15.0-1-riscv64-di
mmc-modules-5.15.0-1-4kc-malta-di
mmc-modules-5.15.0-1-5kc-malta-di
mmc-modules-5.15.0-1-686-di
mmc-modules-5.15.0-1-686-pae-di
mmc-modules-5.15.0-1-amd64-di
mmc-modules-5.15.0-1-arm64-di
mmc-modules-5.15.0-1-armmp-di
mmc-modules-5.15.0-1-marvell-di
mmc-modules-5.15.0-1-riscv64-di
mouse-modules-5.15.0-1-4kc-malta-di
mouse-modules-5.15.0-1-5kc-malta-di
mouse-modules-5.15.0-1-686-di
mouse-modules-5.15.0-1-686-pae-di
mouse-modules-5.15.0-1-alpha-generic-di
mouse-modules-5.15.0-1-amd64-di
mouse-modules-5.15.0-1-itanium-di
mouse-modules-5.15.0-1-marvell-di
mouse-modules-5.15.0-1-parisc-di
mouse-modules-5.15.0-1-parisc64-di
mouse-modules-5.15.0-1-powerpc-di
mouse-modules-5.15.0-1-powerpc64-di
mouse-modules-5.15.0-1-powerpc64le-di
mtd-core-modules-5.15.0-1-4kc-malta-di
mtd-core-modules-5.15.0-1-5kc-malta-di
mtd-core-modules-5.15.0-1-686-di
mtd-core-modules-5.15.0-1-686-pae-di
mtd-core-modules-5.15.0-1-amd64-di
mtd-core-modules-5.15.0-1-arm64-di
mtd-core-modules-5.15.0-1-itanium-di
mtd-core-modules-5.15.0-1-loongson-3-di
mtd-core-modules-5.15.0-1-marvell-di
mtd-core-modules-5.15.0-1-powerpc64-di
mtd-core-modules-5.15.0-1-powerpc64le-di
mtd-core-modules-5.15.0-1-riscv64-di
mtd-core-modules-5.15.0-1-s390x-di
mtd-modules-5.15.0-1-armmp-di
mtd-modules-5.15.0-1-marvell-di
mtd-modules-5.15.0-1-riscv64-di
multipath-modules-5.15.0-1-4kc-malta-di
multipath-modules-5.15.0-1-5kc-malta-di
multipath-modules-5.15.0-1-686-di
multipath-modules-5.15.0-1-686-pae-di
multipath-modules-5.15.0-1-alpha-generic-di
multipath-modules-5.15.0-1-amd64-di
multipath-modules-5.15.0-1-arm64-di
multipath-modules-5.15.0-1-armmp-di
multipath-modules-5.15.0-1-itanium-di
multipath-modules-5.15.0-1-loongson-3-di
multipath-modules-5.15.0-1-marvell-di
multipath-modules-5.15.0-1-mips32r6-di
multipath-modules-5.15.0-1-mips32r6el-di
multipath-modules-5.15.0-1-mips64r6-di
multipath-modules-5.15.0-1-mips64r6el-di
multipath-modules-5.15.0-1-octeon-di
multipath-modules-5.15.0-1-parisc-di
multipath-modules-5.15.0-1-parisc64-di
multipath-modules-5.15.0-1-powerpc-di
multipath-modules-5.15.0-1-powerpc64-di
multipath-modules-5.15.0-1-powerpc64le-di
multipath-modules-5.15.0-1-riscv64-di
multipath-modules-5.15.0-1-s390x-di
multipath-modules-5.15.0-1-sh7751r-di
multipath-modules-5.15.0-1-sh7785lcr-di
multipath-modules-5.15.0-1-sparc64-di
nbd-modules-5.15.0-1-4kc-malta-di
nbd-modules-5.15.0-1-5kc-malta-di
nbd-modules-5.15.0-1-686-di
nbd-modules-5.15.0-1-686-pae-di
nbd-modules-5.15.0-1-alpha-generic-di
nbd-modules-5.15.0-1-amd64-di
nbd-modules-5.15.0-1-arm64-di
nbd-modules-5.15.0-1-armmp-di
nbd-modules-5.15.0-1-itanium-di
nbd-modules-5.15.0-1-loongson-3-di
nbd-modules-5.15.0-1-m68k-di
nbd-modules-5.15.0-1-marvell-di
nbd-modules-5.15.0-1-mips32r6-di
nbd-modules-5.15.0-1-mips32r6el-di
nbd-modules-5.15.0-1-mips64r6-di
nbd-modules-5.15.0-1-mips64r6el-di
nbd-modules-5.15.0-1-octeon-di
nbd-modules-5.15.0-1-parisc-di
nbd-modules-5.15.0-1-parisc64-di
nbd-modules-5.15.0-1-powerpc-di
nbd-modules-5.15.0-1-powerpc64-di
nbd-modules-5.15.0-1-powerpc64le-di
nbd-modules-5.15.0-1-riscv64-di
nbd-modules-5.15.0-1-s390x-di
nbd-modules-5.15.0-1-sh7751r-di
nbd-modules-5.15.0-1-sh7785lcr-di
nbd-modules-5.15.0-1-sparc64-di
nfs-modules-5.15.0-1-loongson-3-di
nic-modules-5.15.0-1-4kc-malta-di
nic-modules-5.15.0-1-5kc-malta-di
nic-modules-5.15.0-1-686-di
nic-modules-5.15.0-1-686-pae-di
nic-modules-5.15.0-1-alpha-generic-di
nic-modules-5.15.0-1-amd64-di
nic-modules-5.15.0-1-arm64-di
nic-modules-5.15.0-1-armmp-di
nic-modules-5.15.0-1-itanium-di
nic-modules-5.15.0-1-loongson-3-di
nic-modules-5.15.0-1-m68k-di
nic-modules-5.15.0-1-marvell-di
nic-modules-5.15.0-1-octeon-di
nic-modules-5.15.0-1-parisc-di
nic-modules-5.15.0-1-parisc64-di
nic-modules-5.15.0-1-powerpc-di
nic-modules-5.15.0-1-powerpc64-di
nic-modules-5.15.0-1-powerpc64le-di
nic-modules-5.15.0-1-riscv64-di
nic-modules-5.15.0-1-s390x-di
nic-modules-5.15.0-1-sh7751r-di
nic-modules-5.15.0-1-sh7785lcr-di
nic-modules-5.15.0-1-sparc64-di
nic-pcmcia-modules-5.15.0-1-686-di
nic-pcmcia-modules-5.15.0-1-686-pae-di
nic-pcmcia-modules-5.15.0-1-alpha-generic-di
nic-pcmcia-modules-5.15.0-1-amd64-di
nic-pcmcia-modules-5.15.0-1-powerpc-di
nic-pcmcia-modules-5.15.0-1-powerpc64-di
nic-shared-modules-5.15.0-1-4kc-malta-di
nic-shared-modules-5.15.0-1-5kc-malta-di
nic-shared-modules-5.15.0-1-686-di
nic-shared-modules-5.15.0-1-686-pae-di
nic-shared-modules-5.15.0-1-alpha-generic-di
nic-shared-modules-5.15.0-1-amd64-di
nic-shared-modules-5.15.0-1-arm64-di
nic-shared-modules-5.15.0-1-armmp-di
nic-shared-modules-5.15.0-1-itanium-di
nic-shared-modules-5.15.0-1-loongson-3-di
nic-shared-modules-5.15.0-1-m68k-di
nic-shared-modules-5.15.0-1-marvell-di
nic-shared-modules-5.15.0-1-mips32r6-di
nic-shared-modules-5.15.0-1-mips32r6el-di
nic-shared-modules-5.15.0-1-mips64r6-di
nic-shared-modules-5.15.0-1-mips64r6el-di
nic-shared-modules-5.15.0-1-octeon-di
nic-shared-modules-5.15.0-1-parisc-di
nic-shared-modules-5.15.0-1-parisc64-di
nic-shared-modules-5.15.0-1-powerpc-di
nic-shared-modules-5.15.0-1-powerpc64-di
nic-shared-modules-5.15.0-1-powerpc64le-di
nic-shared-modules-5.15.0-1-riscv64-di
nic-shared-modules-5.15.0-1-sh7751r-di
nic-shared-modules-5.15.0-1-sh7785lcr-di
nic-shared-modules-5.15.0-1-sparc64-di
nic-usb-modules-5.15.0-1-4kc-malta-di
nic-usb-modules-5.15.0-1-5kc-malta-di
nic-usb-modules-5.15.0-1-686-di
nic-usb-modules-5.15.0-1-686-pae-di
nic-usb-modules-5.15.0-1-alpha-generic-di
nic-usb-modules-5.15.0-1-amd64-di
nic-usb-modules-5.15.0-1-arm64-di
nic-usb-modules-5.15.0-1-armmp-di
nic-usb-modules-5.15.0-1-itanium-di
nic-usb-modules-5.15.0-1-loongson-3-di
nic-usb-modules-5.15.0-1-marvell-di
nic-usb-modules-5.15.0-1-octeon-di
nic-usb-modules-5.15.0-1-parisc-di
nic-usb-modules-5.15.0-1-parisc64-di
nic-usb-modules-5.15.0-1-powerpc-di
nic-usb-modules-5.15.0-1-powerpc64-di
nic-usb-modules-5.15.0-1-powerpc64le-di
nic-usb-modules-5.15.0-1-riscv64-di
nic-usb-modules-5.15.0-1-sh7751r-di
nic-usb-modules-5.15.0-1-sh7785lcr-di
nic-usb-modules-5.15.0-1-sparc64-di
nic-wireless-modules-5.15.0-1-4kc-malta-di
nic-wireless-modules-5.15.0-1-5kc-malta-di
nic-wireless-modules-5.15.0-1-686-di
nic-wireless-modules-5.15.0-1-686-pae-di
nic-wireless-modules-5.15.0-1-alpha-generic-di
nic-wireless-modules-5.15.0-1-amd64-di
nic-wireless-modules-5.15.0-1-arm64-di
nic-wireless-modules-5.15.0-1-armmp-di
nic-wireless-modules-5.15.0-1-loongson-3-di
nic-wireless-modules-5.15.0-1-octeon-di
nic-wireless-modules-5.15.0-1-powerpc-di
nic-wireless-modules-5.15.0-1-powerpc64-di
nic-wireless-modules-5.15.0-1-powerpc64le-di
nic-wireless-modules-5.15.0-1-riscv64-di
pata-modules-5.15.0-1-4kc-malta-di
pata-modules-5.15.0-1-5kc-malta-di
pata-modules-5.15.0-1-686-di
pata-modules-5.15.0-1-686-pae-di
pata-modules-5.15.0-1-alpha-generic-di
pata-modules-5.15.0-1-amd64-di
pata-modules-5.15.0-1-armmp-di
pata-modules-5.15.0-1-itanium-di
pata-modules-5.15.0-1-loongson-3-di
pata-modules-5.15.0-1-m68k-di
pata-modules-5.15.0-1-octeon-di
pata-modules-5.15.0-1-parisc-di
pata-modules-5.15.0-1-parisc64-di
pata-modules-5.15.0-1-powerpc-di
pata-modules-5.15.0-1-powerpc64-di
pata-modules-5.15.0-1-riscv64-di
pata-modules-5.15.0-1-sh7751r-di
pata-modules-5.15.0-1-sh7785lcr-di
pata-modules-5.15.0-1-sparc64-di
pcmcia-modules-5.15.0-1-686-di
pcmcia-modules-5.15.0-1-686-pae-di
pcmcia-modules-5.15.0-1-alpha-generic-di
pcmcia-modules-5.15.0-1-amd64-di
pcmcia-modules-5.15.0-1-itanium-di
pcmcia-modules-5.15.0-1-powerpc-di
pcmcia-modules-5.15.0-1-powerpc64-di
pcmcia-storage-modules-5.15.0-1-686-di
pcmcia-storage-modules-5.15.0-1-686-pae-di
pcmcia-storage-modules-5.15.0-1-amd64-di
pcmcia-storage-modules-5.15.0-1-powerpc-di
pcmcia-storage-modules-5.15.0-1-powerpc64-di
ppp-modules-5.15.0-1-4kc-malta-di
ppp-modules-5.15.0-1-5kc-malta-di
ppp-modules-5.15.0-1-686-di
ppp-modules-5.15.0-1-686-pae-di
ppp-modules-5.15.0-1-alpha-generic-di
ppp-modules-5.15.0-1-amd64-di
ppp-modules-5.15.0-1-arm64-di
ppp-modules-5.15.0-1-armmp-di
ppp-modules-5.15.0-1-itanium-di
ppp-modules-5.15.0-1-loongson-3-di
ppp-modules-5.15.0-1-m68k-di
ppp-modules-5.15.0-1-marvell-di
ppp-modules-5.15.0-1-octeon-di
ppp-modules-5.15.0-1-parisc-di
ppp-modules-5.15.0-1-parisc64-di
ppp-modules-5.15.0-1-powerpc-di
ppp-modules-5.15.0-1-powerpc64-di
ppp-modules-5.15.0-1-powerpc64le-di
ppp-modules-5.15.0-1-riscv64-di
ppp-modules-5.15.0-1-sh7751r-di
ppp-modules-5.15.0-1-sh7785lcr-di
ppp-modules-5.15.0-1-sparc64-di
rfkill-modules-5.15.0-1-686-di
rfkill-modules-5.15.0-1-686-pae-di
rfkill-modules-5.15.0-1-amd64-di
rtc-modules-5.15.0-1-octeon-di
sata-modules-5.15.0-1-4kc-malta-di
sata-modules-5.15.0-1-5kc-malta-di
sata-modules-5.15.0-1-686-di
sata-modules-5.15.0-1-686-pae-di
sata-modules-5.15.0-1-alpha-generic-di
sata-modules-5.15.0-1-amd64-di
sata-modules-5.15.0-1-arm64-di
sata-modules-5.15.0-1-armmp-di
sata-modules-5.15.0-1-itanium-di
sata-modules-5.15.0-1-loongson-3-di
sata-modules-5.15.0-1-marvell-di
sata-modules-5.15.0-1-octeon-di
sata-modules-5.15.0-1-parisc-di
sata-modules-5.15.0-1-parisc64-di
sata-modules-5.15.0-1-powerpc-di
sata-modules-5.15.0-1-powerpc64-di
sata-modules-5.15.0-1-powerpc64le-di
sata-modules-5.15.0-1-riscv64-di
sata-modules-5.15.0-1-sh7751r-di
sata-modules-5.15.0-1-sh7785lcr-di
sata-modules-5.15.0-1-sparc64-di
scsi-core-modules-5.15.0-1-4kc-malta-di
scsi-core-modules-5.15.0-1-5kc-malta-di
scsi-core-modules-5.15.0-1-686-di
scsi-core-modules-5.15.0-1-686-pae-di
scsi-core-modules-5.15.0-1-alpha-generic-di
scsi-core-modules-5.15.0-1-amd64-di
scsi-core-modules-5.15.0-1-arm64-di
scsi-core-modules-5.15.0-1-armmp-di
scsi-core-modules-5.15.0-1-itanium-di
scsi-core-modules-5.15.0-1-loongson-3-di
scsi-core-modules-5.15.0-1-m68k-di
scsi-core-modules-5.15.0-1-marvell-di
scsi-core-modules-5.15.0-1-octeon-di
scsi-core-modules-5.15.0-1-parisc-di
scsi-core-modules-5.15.0-1-parisc64-di
scsi-core-modules-5.15.0-1-powerpc-di
scsi-core-modules-5.15.0-1-powerpc64-di
scsi-core-modules-5.15.0-1-powerpc64le-di
scsi-core-modules-5.15.0-1-riscv64-di
scsi-core-modules-5.15.0-1-s390x-di
scsi-core-modules-5.15.0-1-sparc64-di
scsi-modules-5.15.0-1-4kc-malta-di
scsi-modules-5.15.0-1-5kc-malta-di
scsi-modules-5.15.0-1-686-di
scsi-modules-5.15.0-1-686-pae-di
scsi-modules-5.15.0-1-alpha-generic-di
scsi-modules-5.15.0-1-amd64-di
scsi-modules-5.15.0-1-arm64-di
scsi-modules-5.15.0-1-armmp-di
scsi-modules-5.15.0-1-itanium-di
scsi-modules-5.15.0-1-loongson-3-di
scsi-modules-5.15.0-1-m68k-di
scsi-modules-5.15.0-1-octeon-di
scsi-modules-5.15.0-1-parisc-di
scsi-modules-5.15.0-1-parisc64-di
scsi-modules-5.15.0-1-powerpc-di
scsi-modules-5.15.0-1-powerpc64-di
scsi-modules-5.15.0-1-powerpc64le-di
scsi-modules-5.15.0-1-riscv64-di
scsi-modules-5.15.0-1-s390x-di
scsi-modules-5.15.0-1-sparc64-di
scsi-nic-modules-5.15.0-1-4kc-malta-di
scsi-nic-modules-5.15.0-1-5kc-malta-di
scsi-nic-modules-5.15.0-1-686-di
scsi-nic-modules-5.15.0-1-686-pae-di
scsi-nic-modules-5.15.0-1-alpha-generic-di
scsi-nic-modules-5.15.0-1-amd64-di
scsi-nic-modules-5.15.0-1-arm64-di
scsi-nic-modules-5.15.0-1-armmp-di
scsi-nic-modules-5.15.0-1-itanium-di
scsi-nic-modules-5.15.0-1-loongson-3-di
scsi-nic-modules-5.15.0-1-octeon-di
scsi-nic-modules-5.15.0-1-powerpc-di
scsi-nic-modules-5.15.0-1-powerpc64-di
scsi-nic-modules-5.15.0-1-powerpc64le-di
scsi-nic-modules-5.15.0-1-riscv64-di
serial-modules-5.15.0-1-686-di
serial-modules-5.15.0-1-686-pae-di
serial-modules-5.15.0-1-alpha-generic-di
serial-modules-5.15.0-1-amd64-di
serial-modules-5.15.0-1-itanium-di
serial-modules-5.15.0-1-parisc-di
serial-modules-5.15.0-1-parisc64-di
serial-modules-5.15.0-1-powerpc-di
serial-modules-5.15.0-1-powerpc64-di
serial-modules-5.15.0-1-powerpc64le-di
sound-modules-5.15.0-1-4kc-malta-di
sound-modules-5.15.0-1-5kc-malta-di
sound-modules-5.15.0-1-686-di
sound-modules-5.15.0-1-686-pae-di
sound-modules-5.15.0-1-amd64-di
sound-modules-5.15.0-1-loongson-3-di
sound-modules-5.15.0-1-octeon-di
sound-modules-5.15.0-1-sh7751r-di
sound-modules-5.15.0-1-sh7785lcr-di
speakup-modules-5.15.0-1-686-di
speakup-modules-5.15.0-1-686-pae-di
speakup-modules-5.15.0-1-amd64-di
speakup-modules-5.15.0-1-loongson-3-di
speakup-modules-5.15.0-1-sh7751r-di
speakup-modules-5.15.0-1-sh7785lcr-di
squashfs-modules-5.15.0-1-4kc-malta-di
squashfs-modules-5.15.0-1-5kc-malta-di
squashfs-modules-5.15.0-1-686-di
squashfs-modules-5.15.0-1-686-pae-di
squashfs-modules-5.15.0-1-alpha-generic-di
squashfs-modules-5.15.0-1-amd64-di
squashfs-modules-5.15.0-1-arm64-di
squashfs-modules-5.15.0-1-armmp-di
squashfs-modules-5.15.0-1-itanium-di
squashfs-modules-5.15.0-1-loongson-3-di
squashfs-modules-5.15.0-1-m68k-di
squashfs-modules-5.15.0-1-marvell-di
squashfs-modules-5.15.0-1-mips32r6-di
squashfs-modules-5.15.0-1-mips32r6el-di
squashfs-modules-5.15.0-1-mips64r6-di
squashfs-modules-5.15.0-1-mips64r6el-di
squashfs-modules-5.15.0-1-octeon-di
squashfs-modules-5.15.0-1-parisc-di
squashfs-modules-5.15.0-1-parisc64-di
squashfs-modules-5.15.0-1-powerpc-di
squashfs-modules-5.15.0-1-powerpc64-di
squashfs-modules-5.15.0-1-powerpc64le-di
squashfs-modules-5.15.0-1-riscv64-di
squashfs-modules-5.15.0-1-sh7751r-di
squashfs-modules-5.15.0-1-sh7785lcr-di
squashfs-modules-5.15.0-1-sparc64-di
srm-modules-5.15.0-1-alpha-generic-di
udf-modules-5.15.0-1-4kc-malta-di
udf-modules-5.15.0-1-5kc-malta-di
udf-modules-5.15.0-1-686-di
udf-modules-5.15.0-1-686-pae-di
udf-modules-5.15.0-1-amd64-di
udf-modules-5.15.0-1-arm64-di
udf-modules-5.15.0-1-armmp-di
udf-modules-5.15.0-1-itanium-di
udf-modules-5.15.0-1-loongson-3-di
udf-modules-5.15.0-1-m68k-di
udf-modules-5.15.0-1-marvell-di
udf-modules-5.15.0-1-mips32r6-di
udf-modules-5.15.0-1-mips32r6el-di
udf-modules-5.15.0-1-mips64r6-di
udf-modules-5.15.0-1-mips64r6el-di
udf-modules-5.15.0-1-octeon-di
udf-modules-5.15.0-1-powerpc-di
udf-modules-5.15.0-1-powerpc64-di
udf-modules-5.15.0-1-powerpc64le-di
udf-modules-5.15.0-1-riscv64-di
udf-modules-5.15.0-1-s390x-di
udf-modules-5.15.0-1-sh7751r-di
udf-modules-5.15.0-1-sh7785lcr-di
udf-modules-5.15.0-1-sparc64-di
ufs-modules-5.15.0-1-sparc64-di
uinput-modules-5.15.0-1-686-di
uinput-modules-5.15.0-1-686-pae-di
uinput-modules-5.15.0-1-amd64-di
uinput-modules-5.15.0-1-arm64-di
uinput-modules-5.15.0-1-armmp-di
uinput-modules-5.15.0-1-itanium-di
uinput-modules-5.15.0-1-marvell-di
uinput-modules-5.15.0-1-powerpc-di
uinput-modules-5.15.0-1-powerpc64-di
uinput-modules-5.15.0-1-powerpc64le-di
usb-modules-5.15.0-1-4kc-malta-di
usb-modules-5.15.0-1-5kc-malta-di
usb-modules-5.15.0-1-686-di
usb-modules-5.15.0-1-686-pae-di
usb-modules-5.15.0-1-alpha-generic-di
usb-modules-5.15.0-1-amd64-di
usb-modules-5.15.0-1-arm64-di
usb-modules-5.15.0-1-armmp-di
usb-modules-5.15.0-1-itanium-di
usb-modules-5.15.0-1-loongson-3-di
usb-modules-5.15.0-1-marvell-di
usb-modules-5.15.0-1-octeon-di
usb-modules-5.15.0-1-parisc-di
usb-modules-5.15.0-1-parisc64-di
usb-modules-5.15.0-1-powerpc-di
usb-modules-5.15.0-1-powerpc64-di
usb-modules-5.15.0-1-powerpc64le-di
usb-modules-5.15.0-1-riscv64-di
usb-modules-5.15.0-1-sparc64-di
usb-serial-modules-5.15.0-1-4kc-malta-di
usb-serial-modules-5.15.0-1-5kc-malta-di
usb-serial-modules-5.15.0-1-686-di
usb-serial-modules-5.15.0-1-686-pae-di
usb-serial-modules-5.15.0-1-alpha-generic-di
usb-serial-modules-5.15.0-1-amd64-di
usb-serial-modules-5.15.0-1-arm64-di
usb-serial-modules-5.15.0-1-armmp-di
usb-serial-modules-5.15.0-1-itanium-di
usb-serial-modules-5.15.0-1-loongson-3-di
usb-serial-modules-5.15.0-1-marvell-di
usb-serial-modules-5.15.0-1-octeon-di
usb-serial-modules-5.15.0-1-parisc-di
usb-serial-modules-5.15.0-1-parisc64-di
usb-serial-modules-5.15.0-1-powerpc-di
usb-serial-modules-5.15.0-1-powerpc64-di
usb-serial-modules-5.15.0-1-powerpc64le-di
usb-serial-modules-5.15.0-1-riscv64-di
usb-serial-modules-5.15.0-1-sh7751r-di
usb-serial-modules-5.15.0-1-sh7785lcr-di
usb-serial-modules-5.15.0-1-sparc64-di
usb-storage-modules-5.15.0-1-4kc-malta-di
usb-storage-modules-5.15.0-1-5kc-malta-di
usb-storage-modules-5.15.0-1-686-di
usb-storage-modules-5.15.0-1-686-pae-di
usb-storage-modules-5.15.0-1-alpha-generic-di
usb-storage-modules-5.15.0-1-amd64-di
usb-storage-modules-5.15.0-1-arm64-di
usb-storage-modules-5.15.0-1-armmp-di
usb-storage-modules-5.15.0-1-itanium-di
usb-storage-modules-5.15.0-1-loongson-3-di
usb-storage-modules-5.15.0-1-marvell-di
usb-storage-modules-5.15.0-1-octeon-di
usb-storage-modules-5.15.0-1-parisc-di
usb-storage-modules-5.15.0-1-parisc64-di
usb-storage-modules-5.15.0-1-powerpc-di
usb-storage-modules-5.15.0-1-powerpc64-di
usb-storage-modules-5.15.0-1-powerpc64le-di
usb-storage-modules-5.15.0-1-riscv64-di
usb-storage-modules-5.15.0-1-sh7751r-di
usb-storage-modules-5.15.0-1-sparc64-di
usbip (5 bugs: 0, 5, 0, 0)
xfs-modules-5.15.0-1-4kc-malta-di
xfs-modules-5.15.0-1-5kc-malta-di
xfs-modules-5.15.0-1-686-di
xfs-modules-5.15.0-1-686-pae-di
xfs-modules-5.15.0-1-alpha-generic-di
xfs-modules-5.15.0-1-amd64-di
xfs-modules-5.15.0-1-arm64-di
xfs-modules-5.15.0-1-itanium-di
xfs-modules-5.15.0-1-loongson-3-di
xfs-modules-5.15.0-1-mips32r6-di
xfs-modules-5.15.0-1-mips32r6el-di
xfs-modules-5.15.0-1-mips64r6-di
xfs-modules-5.15.0-1-mips64r6el-di
xfs-modules-5.15.0-1-octeon-di
xfs-modules-5.15.0-1-parisc-di
xfs-modules-5.15.0-1-parisc64-di
xfs-modules-5.15.0-1-powerpc-di
xfs-modules-5.15.0-1-powerpc64-di
xfs-modules-5.15.0-1-powerpc64le-di
xfs-modules-5.15.0-1-s390x-di
xfs-modules-5.15.0-1-sh7751r-di
xfs-modules-5.15.0-1-sh7785lcr-di
xfs-modules-5.15.0-1-sparc64-di

action needed

99 security issues in stretch high

There are 99 open security issues in stretch.

77 important issues:

CVE-2019-0145: Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
CVE-2019-0146: Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0147: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0148: Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0149: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-2213: In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-133758011References: Upstream kernel
CVE-2020-0030: In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145286050References: Upstream kernel
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-3702: u'Specifically timed and handcrafted traffic can cause internal errors in a WLAN device that lead to improper layer 2 Wi-Fi encryption with a consequent possibility of information disclosure over the air for a discrete set of traffic' in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, Snapdragon Consumer IOT, Snapdragon Industrial IOT, Snapdragon Mobile, Snapdragon Voice & Music, Snapdragon Wearables, Snapdragon Wired Infrastructure and Networking in APQ8053, IPQ4019, IPQ8064, MSM8909W, MSM8996AU, QCA9531, QCN5502, QCS405, SDX20, SM6150, SM7150
CVE-2021-0920:
CVE-2021-3600:
CVE-2021-3612: An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2021-3640:
CVE-2021-3653: A flaw was found in the KVM's AMD code for supporting SVM nested virtualization. The flaw occurs when processing the VMCB (virtual machine control block) provided by the L1 guest to spawn/handle a nested guest (L2). Due to improper validation of the "int_ctl" field, this issue could allow a malicious L1 to enable AVIC support (Advanced Virtual Interrupt Controller) for the L2 guest. As a result, the L2 guest would be allowed to read/write physical pages of the host, resulting in a crash of the entire system, leak of sensitive data or potential guest-to-host escape. This flaw affects Linux kernel versions prior to 5.14-rc7.
CVE-2021-3655: A vulnerability was found in the Linux kernel in versions prior to v5.14-rc1. Missing size validations on inbound SCTP packets may allow the kernel to read uninitialized memory.
CVE-2021-3669:
CVE-2021-3679: A lack of CPU resource in the Linux kernel tracing module functionality in versions prior to 5.14-rc3 was found in the way user uses trace ring buffer in a specific way. Only privileged local users (with CAP_SYS_ADMIN capability) could use this flaw to starve the resources causing denial of service.
CVE-2021-3732:
CVE-2021-3752:
CVE-2021-3753:
CVE-2021-3759:
CVE-2021-3772:
CVE-2021-3847:
CVE-2021-3892:
CVE-2021-4002:
CVE-2018-10322: The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.
CVE-2018-12929: ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.
CVE-2018-12930: ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
CVE-2018-12931: ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
CVE-2018-13095: An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
CVE-2019-12984: A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service.
CVE-2019-19036: btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.
CVE-2019-19039: ** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because “1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.”
CVE-2019-19377: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
CVE-2019-19378: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-15802: Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-16119: Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26145: An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-27835: A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
CVE-2020-36385: An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2021-20317: A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
CVE-2021-20321:
CVE-2021-20322:
CVE-2021-22543: An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-29264: An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6.
CVE-2021-33033: The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
CVE-2021-33624: In kernel/bpf/verifier.c in the Linux kernel before 5.12.13, a branch can be mispredicted (e.g., because of type confusion) and consequently an unprivileged BPF program can read arbitrary memory locations via a side-channel attack, aka CID-9183671af6db.
CVE-2021-34556: In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because the protection mechanism neglects the possibility of uninitialized memory locations on the BPF stack.
CVE-2021-35477: In the Linux kernel through 5.13.7, an unprivileged BPF program can obtain sensitive information from kernel memory via a Speculative Store Bypass side-channel attack because a certain preempting store operation does not necessarily occur before a store operation that has an attacker-controlled value.
CVE-2021-37159: hso_free_net_device in drivers/net/usb/hso.c in the Linux kernel through 5.13.4 calls unregister_netdev without checking for the NETREG_REGISTERED state, leading to a use-after-free and a double free.
CVE-2021-38160: ** DISPUTED ** In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior.
CVE-2021-38198: arch/x86/kvm/mmu/paging_tmpl.h in the Linux kernel before 5.12.11 incorrectly computes the access permissions of a shadow page, leading to a missing guest protection page fault.
CVE-2021-38199: fs/nfs/nfs4client.c in the Linux kernel before 5.13.4 has incorrect connection-setup ordering, which allows operators of remote NFSv4 servers to cause a denial of service (hanging of mounts) by arranging for those servers to be unreachable during trunking detection.
CVE-2021-38205: drivers/net/ethernet/xilinx/xilinx_emaclite.c in the Linux kernel before 5.13.3 makes it easier for attackers to defeat an ASLR protection mechanism because it prints a kernel pointer (i.e., the real IOMEM pointer).
CVE-2021-40490: A race condition was discovered in ext4_write_inline_data_end in fs/ext4/inline.c in the ext4 subsystem in the Linux kernel through 5.13.13.
CVE-2021-41864: prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
CVE-2021-42008: The decode_data function in drivers/net/hamradio/6pack.c in the Linux kernel before 5.13.13 has a slab out-of-bounds write. Input from a process that has the CAP_NET_ADMIN capability can lead to root access.
CVE-2021-42739: The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
CVE-2021-43389: An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
CVE-2021-43975: In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
CVE-2021-43976: In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

22 ignored issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-1108: kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.
CVE-2018-7273: In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR.
CVE-2018-7754: The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.
CVE-2019-3874: The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
CVE-2019-9245: In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2019-9444: In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
CVE-2019-9453: In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
CVE-2020-0067: In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions: Android kernel. Android ID: A-120551147.
CVE-2020-4788: IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
CVE-2021-3506: An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
CVE-2017-18232: The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2018-20449: The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
CVE-2020-27777: A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.
CVE-2021-20320:
CVE-2021-28972: In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.
CVE-2021-37576: arch/powerpc/kvm/book3s_rtas.c in the Linux kernel through 5.13.5 on the powerpc platform allows KVM guest OS users to cause host OS memory corruption via rtas_args.nargs, aka CID-f62f3c20647e.
CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.
CVE-2021-38300: arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.

Created: 2021-02-19 Last update: 2021-11-27 00:00

28 security issues in sid high

There are 28 open security issues in sid.

28 important issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2021-3752:
CVE-2021-3847:
CVE-2021-3892:
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2019-16089: An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-15802: Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2021-43975: In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
CVE-2021-43976: In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

Created: 2021-02-19 Last update: 2021-11-27 00:00

53 security issues in buster high

There are 53 open security issues in buster.

40 important issues:

CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2021-3493: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
CVE-2021-3640:
CVE-2021-3669:
CVE-2021-3744:
CVE-2021-3752:
CVE-2021-3759:
CVE-2021-3764:
CVE-2021-3772:
CVE-2021-3847:
CVE-2021-3892:
CVE-2021-4002:
CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2020-16120: Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef ("ovl: stack file ops"). This was fixed in kernel version 5.8 by commits 56230d9 ("ovl: verify permissions in ovl_path_open()"), 48bd024 ("ovl: switch to mounter creds in readdir") and 05acefb ("ovl: check permission to open real file"). Additionally, commits 130fdbc ("ovl: pass correct flags for opening real directory") and 292f902 ("ovl: call secutiry hook in ovl_real_ioctl()") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da ("ovl: do not fail because of O_NOATIMEi") in kernel 5.11.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26145: An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26541: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-27835: A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
CVE-2020-36310: An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.
CVE-2020-36322: An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.
CVE-2020-36385: An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2021-20317: A flaw was found in the Linux kernel. A corrupted timer tree caused the task wakeup to be missing in the timerqueue_add function in lib/timerqueue.c. This flaw allows a local attacker with special user privileges to cause a denial of service, slowing and eventually stopping the system while running OSP.
CVE-2021-20321:
CVE-2021-20322:
CVE-2021-28950: An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
CVE-2021-38300: arch/mips/net/bpf_jit.c in the Linux kernel before 5.4.10 can generate undesirable machine code when transforming unprivileged cBPF programs, allowing execution of arbitrary code within the kernel context. This occurs because conditional branches can exceed the 128 KB limit of the MIPS architecture.
CVE-2021-41864: prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
CVE-2021-42739: The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
CVE-2021-43389: An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
CVE-2021-43975: In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
CVE-2021-43976: In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

6 issues left for the package maintainer to handle:

CVE-2019-16089: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: (postponed; to be fixed through a stable update) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-15802: (postponed; to be fixed through a stable update) Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.

You can find information about how to handle these issues in the security team's documentation.

7 ignored issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2021-38207: drivers/net/ethernet/xilinx/ll_temac_main.c in the Linux kernel before 5.12.13 allows remote attackers to cause a denial of service (buffer overflow and lockup) by sending heavy network traffic for about ten minutes.

Created: 2021-02-19 Last update: 2021-11-27 00:00

44 security issues in bullseye high

There are 44 open security issues in bullseye.

30 important issues:

CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2021-3640:
CVE-2021-3669:
CVE-2021-3744:
CVE-2021-3752:
CVE-2021-3759:
CVE-2021-3764:
CVE-2021-3772:
CVE-2021-3847:
CVE-2021-3892:
CVE-2021-4001:
CVE-2021-4002:
CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2021-20321:
CVE-2021-41864: prealloc_elems_and_freelist in kernel/bpf/stackmap.c in the Linux kernel through 5.14.9 allows unprivileged users to trigger an eBPF multiplication integer overflow with a resultant out-of-bounds write.
CVE-2021-42327: dp_link_settings_write in drivers/gpu/drm/amd/display/amdgpu_dm/amdgpu_dm_debugfs.c in the Linux kernel through 5.14.14 allows a heap-based buffer overflow by an attacker who can write a string to the AMD GPU display drivers debug filesystem. There are no checks on size within parse_write_buffer_into_params when it uses the size of copy_from_user to copy a userspace buffer into a 40-byte heap buffer.
CVE-2021-42739: The firewire subsystem in the Linux kernel through 5.14.13 has a buffer overflow related to drivers/media/firewire/firedtv-avc.c and drivers/media/firewire/firedtv-ci.c, because avc_ca_pmt mishandles bounds checking.
CVE-2021-43056: An issue was discovered in the Linux kernel for powerpc before 5.14.15. It allows a malicious KVM guest to crash the host, when the host is running on Power8, due to an arch/powerpc/kvm/book3s_hv_rmhandlers.S implementation bug in the handling of the SRR1 register values.
CVE-2021-43267: An issue was discovered in net/tipc/crypto.c in the Linux kernel before 5.14.16. The Transparent Inter-Process Communication (TIPC) functionality allows remote attackers to exploit insufficient validation of user-supplied sizes for the MSG_CRYPTO message type.
CVE-2021-43389: An issue was discovered in the Linux kernel before 5.14.15. There is an array-index-out-of-bounds flaw in the detach_capi_ctr function in drivers/isdn/capi/kcapi.c.
CVE-2021-43975: In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
CVE-2021-43976: In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

7 issues left for the package maintainer to handle:

CVE-2019-15213: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-16089: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: (postponed; to be fixed through a stable update) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-15802: (postponed; to be fixed through a stable update) Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.

You can find information about how to handle these issues in the security team's documentation.

7 ignored issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-24504: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.

Created: 2021-02-19 Last update: 2021-11-27 00:00

30 security issues in bookworm high

There are 30 open security issues in bookworm.

30 important issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2021-3752:
CVE-2021-3847:
CVE-2021-3892:
CVE-2021-4001:
CVE-2021-4002:
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2019-16089: An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-15802: Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2021-43975: In the Linux kernel through 5.15.2, hw_atl_utils_fw_rpc_wait in drivers/net/ethernet/aquantia/atlantic/hw_atl/hw_atl_utils.c allows an attacker (who can introduce a crafted device) to trigger an out-of-bounds write via a crafted length value.
CVE-2021-43976: In the Linux kernel through 5.15.2, mwifiex_usb_recv in drivers/net/wireless/marvell/mwifiex/usb.c allows an attacker (who can connect a crafted USB device) to cause a denial of service (skb_over_panic).

Created: 2021-08-15 Last update: 2021-11-27 00:00

A new upstream version is available: 5.15.4 high

A new upstream version 5.15.4 is available, you should consider packaging it.

Created: 2021-11-23 Last update: 2021-11-26 19:31

17 bugs tagged patch in the BTS normal

The BTS contains patches fixing 17 bugs, consider including or untagging them.

Created: 2021-08-14 Last update: 2021-11-27 01:01

Depends on packages which need a new maintainer normal

The packages that linux depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2019-11-22 Last update: 2021-11-27 00:32

Multiarch hinter reports 2 issue(s) normal

There are issues with the multiarch metadata for this package.

libcpupower-dev could be marked Multi-Arch: same
libcpupower1 could be marked Multi-Arch: same

Created: 2021-11-21 Last update: 2021-11-26 21:04

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2021-04-16 Last update: 2021-11-26 13:07

version in VCS is newer than in repository, is it time to upload? normal

vcswatch reports that this package seems to have a new changelog entry (version 5.16~rc2-1~exp1, distribution UNRELEASED) and new commits in its VCS. You should consider whether it's time to make an upload.

Here are the relevant commit messages:

commit 289ab9ca9a4dcf62b8ef85e02c79a8b3e2e594ad
Merge: 9ca50d21f c31934df4
Author: Salvatore Bonaccorso <carnil@debian.org>
Date:   Fri Nov 26 10:34:59 2021 +0100

    Merge tag 'debian/5.15.5-1'
    
    Release linux (5.15.5-1).

commit 9ca50d21f88089e363ff0de1eceba235f33d136f
Author: Salvatore Bonaccorso <carnil@debian.org>
Date:   Mon Nov 22 21:09:21 2021 +0100

    [rt] Update to 5.16-rc2-rt4

commit 99156534b7782eab3cdcc1265b0bbef693cca05e
Author: Salvatore Bonaccorso <carnil@debian.org>
Date:   Mon Nov 22 12:57:55 2021 +0100

    Update to 5.16-rc2
    
    Drop patches applied upstream

commit 210389fdac5258488acede48b84761cc17e46b40
Author: Salvatore Bonaccorso <carnil@debian.org>
Date:   Fri Nov 19 22:45:28 2021 +0100

    Prepare to release linux (5.16~rc1-1~exp1).

commit e68c66d9a3fa25a1f1e575bebd9afc9322891edd
Author: Salvatore Bonaccorso <carnil@debian.org>
Date:   Fri Nov 19 20:30:09 2021 +0100

    fs/ksmbd: Enable SMB_SERVER as module
    
    Closes: #998835

commit 8151c7ccc6a8072bfdc1f88dad4c36994d5cf394
Author: Aurelien Jarno <aurelien@aurel32.net>
Date:   Fri Nov 19 20:03:42 2021 +0100

    [riscv64] Enable VIRTUALIZATION and KVM.

commit 3a85153d0344e219b974ce599a415f4575576c6a
Author: Salvatore Bonaccorso <carnil@debian.org>
Date:   Fri Nov 19 15:47:11 2021 +0100

    debian/config: Clean up with the help of kconfigeditor2
    
    Gbp-Dch: Ignore

commit 74b63d0e905a2b15b83941974f906e269a3b1f62
Author: Salvatore Bonaccorso <carnil@debian.org>
Date:   Fri Nov 19 15:41:24 2021 +0100

    [rt] Update to 5.16-rc1-rt2

commit 4e349c06e109496a5194b5a41737e46ba9a4b1c3
Author: Salvatore Bonaccorso <carnil@debian.org>
Date:   Fri Nov 19 15:21:44 2021 +0100

    Update to 5.16-rc1

commit 6bf54c230502669bb835e1354490cb85ac15afc0
Merge: 332629373 00a0efdb5
Author: Salvatore Bonaccorso <carnil@debian.org>
Date:   Thu Nov 18 22:52:29 2021 +0100

    Merge tag 'debian/5.15.3-1'
    
    Release linux (5.15.3-1).
    
    Set ABI to trunk

Created: 2021-11-22 Last update: 2021-11-26 10:07

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2021-03-20 Last update: 2021-10-14 18:58

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.6.0 instead of 4.2.0).

Created: 2017-12-02 Last update: 2021-11-19 23:39

testing migrations

excuses:
- Migration status for linux (5.15.3-1 to 5.15.5-1): BLOCKED: Maybe temporary, maybe blocked but Britney is missing information (check below)
- Issues preventing migration:
- missing build on arm64
- missing build on armel
- missing build on armhf
- missing build on mips64el
- missing build on mipsel
- missing build on ppc64el
- Waiting for piuparts test results (stalls migration) - https://piuparts.debian.org/sid/source/l/linux.html
- arch:arm64 not built yet, autopkgtest delayed there
- arch:armhf not built yet, autopkgtest delayed there
- arch:ppc64el not built yet, autopkgtest delayed there
- autopkgtest for linux/5.15.5-1: amd64: No test results, i386: No test results
- Too young, only 0 of 5 days old
- Not considered

news

[rss feed]

[2021-11-26] Accepted linux 5.15.5-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-11-26] linux 5.15.3-1 MIGRATED to testing (Debian testing watch)
[2021-11-20] Accepted linux 5.16~rc1-1~exp1 (source) into experimental, experimental (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-11-19] Accepted linux 5.15.3-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-11-15] Accepted linux 5.15.2-1~exp1 (source) into experimental, experimental (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-11-15] linux 5.14.16-1 MIGRATED to testing (Debian testing watch)
[2021-11-07] Accepted linux 5.15.1-1~exp1 (source) into experimental (Salvatore Bonaccorso)
[2021-11-04] Accepted linux 5.15-1~exp1 (source) into experimental, experimental (Debian FTP Masters) (signed by: Bastian Blank)
[2021-11-03] Accepted linux 5.14.16-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-10-20] Accepted linux 5.10.70-1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Ben Hutchings)
[2021-10-15] Accepted linux 5.14.9-2~bpo11+1 (source) into bullseye-backports, bullseye-backports (Debian FTP Masters) (signed by: Ben Hutchings)
[2021-10-14] Accepted linux 5.14.12-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-10-09] linux 5.14.9-2 MIGRATED to testing (Debian testing watch)
[2021-10-03] Accepted linux 5.14.9-2 (source) into unstable (Salvatore Bonaccorso)
[2021-10-03] Accepted linux 5.14.9-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-09-30] Accepted linux 5.10.70-1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-09-30] Accepted linux 4.19.208-1 (source) into oldstable-proposed-updates->oldstable-new, oldstable-proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-09-28] Accepted linux 5.14.6-3 (source) into unstable (Salvatore Bonaccorso)
[2021-09-28] linux 5.14.6-2 MIGRATED to testing (Debian testing watch)
[2021-09-25] Accepted linux 5.10.46-5 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-09-25] Accepted linux 5.10.46-5 (source) into stable-security->embargoed, stable-security (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-09-19] Accepted linux 5.14.6-2 (source) into unstable (Salvatore Bonaccorso)
[2021-09-19] Accepted linux 5.14.6-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-09-12] Accepted linux 5.14.3-1~exp1 (source) into experimental (Salvatore Bonaccorso)
[2021-09-09] Accepted linux 5.14.2-1~exp1 (source) into experimental (Salvatore Bonaccorso)
[2021-09-07] Accepted linux 5.14.1-1~exp1 (source) into experimental (Salvatore Bonaccorso)
[2021-09-05] Accepted linux 5.14-1~exp2 (source) into experimental (Bastian Blank)
[2021-09-01] Accepted linux 5.14-1~exp1 (source) into experimental, experimental (Debian FTP Masters) (signed by: Bastian Blank)
[2021-08-20] Accepted linux 5.13.12-1~exp1 (source) into experimental (Bastian Blank)
[2021-08-16] Accepted linux 5.10.46-4~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Salvatore Bonaccorso)

bugs [bug history graph]

all: 813 854
RC: 1
I&N: 706 741
M&W: 106 112
F&P: 0
patch: 17

links

homepage
buildd: logs, exp, checks, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
l10n (-, 41)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.13.0-19.19
7651 bugs (286 patches)