linux - Debian Package Tracker

general

source: linux (main)
version: 5.10.40-1
maintainer: Debian Kernel Team (archive) (DMD)
uploaders: maximilian attems [DMD] – Salvatore Bonaccorso [DMD] – Ben Hutchings [DMD] – Bastian Blank [DMD]
arch: all
std-ver: 4.2.0
VCS: Git (Browse, QA)

versions [more versions can be listed by madison] [old versions available from snapshot.debian.org]

[pool directory]

oldstable: 4.9.228-1
old-sec: 4.9.258-1
old-bpo: 4.19.118-2+deb10u1~bpo9+1
stable: 4.19.171-2
stable-sec: 4.19.171-2
stable-bpo: 5.10.40-1~bpo10+1
stable-p-u: 4.19.194-1
testing: 5.10.40-1
unstable: 5.10.40-1

versioned links

4.9.228-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.9.246-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.9.258-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.118-2+deb10u1~bpo9+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.160-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.171-2: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
4.19.194-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.9.1-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.9.6-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.9.9-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.9.11-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.9.15-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.9.15-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.5-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.9-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.13-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.13-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.19-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.19-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.24-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.26-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.28-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.40-1~bpo10+1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]
5.10.40-1: [.dsc, use dget on this link to retrieve source package] [changelog] [copyright] [rules] [control]

binaries

acpi-modules-5.10.0-7-686-di
acpi-modules-5.10.0-7-686-pae-di
acpi-modules-5.10.0-7-amd64-di
affs-modules-5.10.0-7-4kc-malta-di
affs-modules-5.10.0-7-5kc-malta-di
affs-modules-5.10.0-7-loongson-3-di
affs-modules-5.10.0-7-m68k-di
affs-modules-5.10.0-7-octeon-di
affs-modules-5.10.0-7-powerpc-di
affs-modules-5.10.0-7-powerpc64-di
ata-modules-5.10.0-7-4kc-malta-di
ata-modules-5.10.0-7-5kc-malta-di
ata-modules-5.10.0-7-686-di
ata-modules-5.10.0-7-686-pae-di
ata-modules-5.10.0-7-alpha-generic-di
ata-modules-5.10.0-7-amd64-di
ata-modules-5.10.0-7-arm64-di
ata-modules-5.10.0-7-armmp-di
ata-modules-5.10.0-7-itanium-di
ata-modules-5.10.0-7-loongson-3-di
ata-modules-5.10.0-7-m68k-di
ata-modules-5.10.0-7-parisc-di
ata-modules-5.10.0-7-parisc64-di
ata-modules-5.10.0-7-powerpc-di
ata-modules-5.10.0-7-powerpc64-di
ata-modules-5.10.0-7-powerpc64le-di
ata-modules-5.10.0-7-riscv64-di
ata-modules-5.10.0-7-sparc64-di
bpftool (1 bugs: 0, 0, 1, 0)
btrfs-modules-5.10.0-7-4kc-malta-di
btrfs-modules-5.10.0-7-5kc-malta-di
btrfs-modules-5.10.0-7-686-di
btrfs-modules-5.10.0-7-686-pae-di
btrfs-modules-5.10.0-7-alpha-generic-di
btrfs-modules-5.10.0-7-amd64-di
btrfs-modules-5.10.0-7-arm64-di
btrfs-modules-5.10.0-7-armmp-di
btrfs-modules-5.10.0-7-itanium-di
btrfs-modules-5.10.0-7-loongson-3-di
btrfs-modules-5.10.0-7-m68k-di
btrfs-modules-5.10.0-7-marvell-di
btrfs-modules-5.10.0-7-mips32r6-di
btrfs-modules-5.10.0-7-mips32r6el-di
btrfs-modules-5.10.0-7-mips64r6-di
btrfs-modules-5.10.0-7-mips64r6el-di
btrfs-modules-5.10.0-7-octeon-di
btrfs-modules-5.10.0-7-parisc-di
btrfs-modules-5.10.0-7-parisc64-di
btrfs-modules-5.10.0-7-powerpc-di
btrfs-modules-5.10.0-7-powerpc64-di
btrfs-modules-5.10.0-7-powerpc64le-di
btrfs-modules-5.10.0-7-riscv64-di
btrfs-modules-5.10.0-7-s390x-di
btrfs-modules-5.10.0-7-sh7751r-di
btrfs-modules-5.10.0-7-sh7785lcr-di
btrfs-modules-5.10.0-7-sparc64-di
cdrom-core-modules-5.10.0-7-4kc-malta-di
cdrom-core-modules-5.10.0-7-5kc-malta-di
cdrom-core-modules-5.10.0-7-686-di
cdrom-core-modules-5.10.0-7-686-pae-di
cdrom-core-modules-5.10.0-7-alpha-generic-di
cdrom-core-modules-5.10.0-7-amd64-di
cdrom-core-modules-5.10.0-7-arm64-di
cdrom-core-modules-5.10.0-7-armmp-di
cdrom-core-modules-5.10.0-7-itanium-di
cdrom-core-modules-5.10.0-7-loongson-3-di
cdrom-core-modules-5.10.0-7-m68k-di
cdrom-core-modules-5.10.0-7-marvell-di
cdrom-core-modules-5.10.0-7-octeon-di
cdrom-core-modules-5.10.0-7-parisc-di
cdrom-core-modules-5.10.0-7-parisc64-di
cdrom-core-modules-5.10.0-7-powerpc-di
cdrom-core-modules-5.10.0-7-powerpc64-di
cdrom-core-modules-5.10.0-7-powerpc64le-di
cdrom-core-modules-5.10.0-7-riscv64-di
cdrom-core-modules-5.10.0-7-s390x-di
cdrom-core-modules-5.10.0-7-sh7751r-di
cdrom-core-modules-5.10.0-7-sh7785lcr-di
cdrom-core-modules-5.10.0-7-sparc64-di
crc-modules-5.10.0-7-4kc-malta-di
crc-modules-5.10.0-7-5kc-malta-di
crc-modules-5.10.0-7-686-di
crc-modules-5.10.0-7-686-pae-di
crc-modules-5.10.0-7-alpha-generic-di
crc-modules-5.10.0-7-amd64-di
crc-modules-5.10.0-7-arm64-di
crc-modules-5.10.0-7-armmp-di
crc-modules-5.10.0-7-itanium-di
crc-modules-5.10.0-7-loongson-3-di
crc-modules-5.10.0-7-m68k-di
crc-modules-5.10.0-7-marvell-di
crc-modules-5.10.0-7-mips32r6-di
crc-modules-5.10.0-7-mips32r6el-di
crc-modules-5.10.0-7-mips64r6-di
crc-modules-5.10.0-7-mips64r6el-di
crc-modules-5.10.0-7-octeon-di
crc-modules-5.10.0-7-parisc-di
crc-modules-5.10.0-7-parisc64-di
crc-modules-5.10.0-7-powerpc-di
crc-modules-5.10.0-7-powerpc64-di
crc-modules-5.10.0-7-powerpc64le-di
crc-modules-5.10.0-7-riscv64-di
crc-modules-5.10.0-7-s390x-di
crc-modules-5.10.0-7-sh7751r-di
crc-modules-5.10.0-7-sh7785lcr-di
crc-modules-5.10.0-7-sparc64-di
crypto-dm-modules-5.10.0-7-4kc-malta-di
crypto-dm-modules-5.10.0-7-5kc-malta-di
crypto-dm-modules-5.10.0-7-686-di
crypto-dm-modules-5.10.0-7-686-pae-di
crypto-dm-modules-5.10.0-7-alpha-generic-di
crypto-dm-modules-5.10.0-7-amd64-di
crypto-dm-modules-5.10.0-7-arm64-di
crypto-dm-modules-5.10.0-7-armmp-di
crypto-dm-modules-5.10.0-7-itanium-di
crypto-dm-modules-5.10.0-7-loongson-3-di
crypto-dm-modules-5.10.0-7-marvell-di
crypto-dm-modules-5.10.0-7-mips32r6-di
crypto-dm-modules-5.10.0-7-mips32r6el-di
crypto-dm-modules-5.10.0-7-mips64r6-di
crypto-dm-modules-5.10.0-7-mips64r6el-di
crypto-dm-modules-5.10.0-7-octeon-di
crypto-dm-modules-5.10.0-7-parisc-di
crypto-dm-modules-5.10.0-7-parisc64-di
crypto-dm-modules-5.10.0-7-powerpc-di
crypto-dm-modules-5.10.0-7-powerpc64-di
crypto-dm-modules-5.10.0-7-powerpc64le-di
crypto-dm-modules-5.10.0-7-riscv64-di
crypto-dm-modules-5.10.0-7-s390x-di
crypto-dm-modules-5.10.0-7-sh7751r-di
crypto-dm-modules-5.10.0-7-sh7785lcr-di
crypto-dm-modules-5.10.0-7-sparc64-di
crypto-modules-5.10.0-7-4kc-malta-di
crypto-modules-5.10.0-7-5kc-malta-di
crypto-modules-5.10.0-7-686-di
crypto-modules-5.10.0-7-686-pae-di
crypto-modules-5.10.0-7-alpha-generic-di
crypto-modules-5.10.0-7-amd64-di
crypto-modules-5.10.0-7-arm64-di
crypto-modules-5.10.0-7-armmp-di
crypto-modules-5.10.0-7-itanium-di
crypto-modules-5.10.0-7-loongson-3-di
crypto-modules-5.10.0-7-m68k-di
crypto-modules-5.10.0-7-marvell-di
crypto-modules-5.10.0-7-mips32r6-di
crypto-modules-5.10.0-7-mips32r6el-di
crypto-modules-5.10.0-7-mips64r6-di
crypto-modules-5.10.0-7-mips64r6el-di
crypto-modules-5.10.0-7-octeon-di
crypto-modules-5.10.0-7-parisc-di
crypto-modules-5.10.0-7-parisc64-di
crypto-modules-5.10.0-7-powerpc-di
crypto-modules-5.10.0-7-powerpc64-di
crypto-modules-5.10.0-7-powerpc64le-di
crypto-modules-5.10.0-7-riscv64-di
crypto-modules-5.10.0-7-s390x-di
crypto-modules-5.10.0-7-sh7751r-di
crypto-modules-5.10.0-7-sh7785lcr-di
crypto-modules-5.10.0-7-sparc64-di
dasd-extra-modules-5.10.0-7-s390x-di
dasd-modules-5.10.0-7-s390x-di
efi-modules-5.10.0-7-686-di
efi-modules-5.10.0-7-686-pae-di
efi-modules-5.10.0-7-amd64-di
efi-modules-5.10.0-7-arm64-di
efi-modules-5.10.0-7-armmp-di
event-modules-5.10.0-7-4kc-malta-di
event-modules-5.10.0-7-5kc-malta-di
event-modules-5.10.0-7-686-di
event-modules-5.10.0-7-686-pae-di
event-modules-5.10.0-7-alpha-generic-di
event-modules-5.10.0-7-amd64-di
event-modules-5.10.0-7-arm64-di
event-modules-5.10.0-7-armmp-di
event-modules-5.10.0-7-itanium-di
event-modules-5.10.0-7-loongson-3-di
event-modules-5.10.0-7-marvell-di
event-modules-5.10.0-7-octeon-di
event-modules-5.10.0-7-parisc-di
event-modules-5.10.0-7-parisc64-di
event-modules-5.10.0-7-powerpc-di
event-modules-5.10.0-7-powerpc64-di
event-modules-5.10.0-7-powerpc64le-di
event-modules-5.10.0-7-riscv64-di
ext4-modules-5.10.0-7-4kc-malta-di
ext4-modules-5.10.0-7-5kc-malta-di
ext4-modules-5.10.0-7-686-di
ext4-modules-5.10.0-7-686-pae-di
ext4-modules-5.10.0-7-alpha-generic-di
ext4-modules-5.10.0-7-amd64-di
ext4-modules-5.10.0-7-arm64-di
ext4-modules-5.10.0-7-armmp-di
ext4-modules-5.10.0-7-itanium-di
ext4-modules-5.10.0-7-loongson-3-di
ext4-modules-5.10.0-7-m68k-di
ext4-modules-5.10.0-7-marvell-di
ext4-modules-5.10.0-7-mips32r6-di
ext4-modules-5.10.0-7-mips32r6el-di
ext4-modules-5.10.0-7-mips64r6-di
ext4-modules-5.10.0-7-mips64r6el-di
ext4-modules-5.10.0-7-octeon-di
ext4-modules-5.10.0-7-parisc-di
ext4-modules-5.10.0-7-parisc64-di
ext4-modules-5.10.0-7-powerpc-di
ext4-modules-5.10.0-7-powerpc64-di
ext4-modules-5.10.0-7-powerpc64le-di
ext4-modules-5.10.0-7-riscv64-di
ext4-modules-5.10.0-7-s390x-di
ext4-modules-5.10.0-7-sh7751r-di
ext4-modules-5.10.0-7-sh7785lcr-di
ext4-modules-5.10.0-7-sparc64-di
f2fs-modules-5.10.0-7-4kc-malta-di
f2fs-modules-5.10.0-7-5kc-malta-di
f2fs-modules-5.10.0-7-686-di
f2fs-modules-5.10.0-7-686-pae-di
f2fs-modules-5.10.0-7-alpha-generic-di
f2fs-modules-5.10.0-7-amd64-di
f2fs-modules-5.10.0-7-arm64-di
f2fs-modules-5.10.0-7-armmp-di
f2fs-modules-5.10.0-7-itanium-di
f2fs-modules-5.10.0-7-loongson-3-di
f2fs-modules-5.10.0-7-marvell-di
f2fs-modules-5.10.0-7-mips32r6-di
f2fs-modules-5.10.0-7-mips32r6el-di
f2fs-modules-5.10.0-7-mips64r6-di
f2fs-modules-5.10.0-7-mips64r6el-di
f2fs-modules-5.10.0-7-octeon-di
f2fs-modules-5.10.0-7-parisc-di
f2fs-modules-5.10.0-7-parisc64-di
f2fs-modules-5.10.0-7-powerpc-di
f2fs-modules-5.10.0-7-powerpc64-di
f2fs-modules-5.10.0-7-powerpc64le-di
f2fs-modules-5.10.0-7-riscv64-di
f2fs-modules-5.10.0-7-s390x-di
f2fs-modules-5.10.0-7-sh7751r-di
f2fs-modules-5.10.0-7-sh7785lcr-di
f2fs-modules-5.10.0-7-sparc64-di
fancontrol-modules-5.10.0-7-powerpc64-di
fancontrol-modules-5.10.0-7-powerpc64le-di
fat-modules-5.10.0-7-4kc-malta-di
fat-modules-5.10.0-7-5kc-malta-di
fat-modules-5.10.0-7-686-di
fat-modules-5.10.0-7-686-pae-di
fat-modules-5.10.0-7-alpha-generic-di
fat-modules-5.10.0-7-amd64-di
fat-modules-5.10.0-7-arm64-di
fat-modules-5.10.0-7-armmp-di
fat-modules-5.10.0-7-itanium-di
fat-modules-5.10.0-7-loongson-3-di
fat-modules-5.10.0-7-m68k-di
fat-modules-5.10.0-7-marvell-di
fat-modules-5.10.0-7-octeon-di
fat-modules-5.10.0-7-parisc-di
fat-modules-5.10.0-7-parisc64-di
fat-modules-5.10.0-7-powerpc-di
fat-modules-5.10.0-7-powerpc64-di
fat-modules-5.10.0-7-powerpc64le-di
fat-modules-5.10.0-7-riscv64-di
fat-modules-5.10.0-7-s390x-di
fat-modules-5.10.0-7-sh7751r-di
fat-modules-5.10.0-7-sh7785lcr-di
fat-modules-5.10.0-7-sparc64-di
fb-modules-5.10.0-7-4kc-malta-di
fb-modules-5.10.0-7-5kc-malta-di
fb-modules-5.10.0-7-686-di
fb-modules-5.10.0-7-686-pae-di
fb-modules-5.10.0-7-alpha-generic-di
fb-modules-5.10.0-7-amd64-di
fb-modules-5.10.0-7-arm64-di
fb-modules-5.10.0-7-armmp-di
fb-modules-5.10.0-7-itanium-di
fb-modules-5.10.0-7-loongson-3-di
fb-modules-5.10.0-7-marvell-di
fb-modules-5.10.0-7-parisc64-di
fb-modules-5.10.0-7-powerpc-di
fb-modules-5.10.0-7-powerpc64-di
fb-modules-5.10.0-7-powerpc64le-di
fb-modules-5.10.0-7-riscv64-di
fb-modules-5.10.0-7-sparc64-di
firewire-core-modules-5.10.0-7-686-di
firewire-core-modules-5.10.0-7-686-pae-di
firewire-core-modules-5.10.0-7-amd64-di
firewire-core-modules-5.10.0-7-itanium-di
firewire-core-modules-5.10.0-7-loongson-3-di
firewire-core-modules-5.10.0-7-powerpc-di
firewire-core-modules-5.10.0-7-powerpc64-di
firewire-core-modules-5.10.0-7-powerpc64le-di
firewire-core-modules-5.10.0-7-sh7751r-di
firewire-core-modules-5.10.0-7-sh7785lcr-di
fuse-modules-5.10.0-7-4kc-malta-di
fuse-modules-5.10.0-7-5kc-malta-di
fuse-modules-5.10.0-7-686-di
fuse-modules-5.10.0-7-686-pae-di
fuse-modules-5.10.0-7-alpha-generic-di
fuse-modules-5.10.0-7-amd64-di
fuse-modules-5.10.0-7-arm64-di
fuse-modules-5.10.0-7-armmp-di
fuse-modules-5.10.0-7-itanium-di
fuse-modules-5.10.0-7-loongson-3-di
fuse-modules-5.10.0-7-m68k-di
fuse-modules-5.10.0-7-marvell-di
fuse-modules-5.10.0-7-mips32r6-di
fuse-modules-5.10.0-7-mips32r6el-di
fuse-modules-5.10.0-7-mips64r6-di
fuse-modules-5.10.0-7-mips64r6el-di
fuse-modules-5.10.0-7-octeon-di
fuse-modules-5.10.0-7-parisc-di
fuse-modules-5.10.0-7-parisc64-di
fuse-modules-5.10.0-7-powerpc-di
fuse-modules-5.10.0-7-powerpc64-di
fuse-modules-5.10.0-7-powerpc64le-di
fuse-modules-5.10.0-7-riscv64-di
fuse-modules-5.10.0-7-s390x-di
fuse-modules-5.10.0-7-sh7751r-di
fuse-modules-5.10.0-7-sh7785lcr-di
fuse-modules-5.10.0-7-sparc64-di
hfs-modules-5.10.0-7-m68k-di
hfs-modules-5.10.0-7-powerpc-di
hfs-modules-5.10.0-7-powerpc64-di
hyperv-daemons (1 bugs: 0, 1, 0, 0)
hypervisor-modules-5.10.0-7-powerpc64-di
hypervisor-modules-5.10.0-7-powerpc64le-di
i2c-modules-5.10.0-7-4kc-malta-di
i2c-modules-5.10.0-7-5kc-malta-di
i2c-modules-5.10.0-7-686-di
i2c-modules-5.10.0-7-686-pae-di
i2c-modules-5.10.0-7-alpha-generic-di
i2c-modules-5.10.0-7-amd64-di
i2c-modules-5.10.0-7-arm64-di
i2c-modules-5.10.0-7-armmp-di
i2c-modules-5.10.0-7-itanium-di
i2c-modules-5.10.0-7-powerpc64-di
i2c-modules-5.10.0-7-powerpc64le-di
i2c-modules-5.10.0-7-riscv64-di
i2c-modules-5.10.0-7-sh7751r-di
i2c-modules-5.10.0-7-sparc64-di
ide-core-modules-5.10.0-7-itanium-di
ide-core-modules-5.10.0-7-m68k-di
ide-modules-5.10.0-7-itanium-di
ide-modules-5.10.0-7-m68k-di
input-modules-5.10.0-7-4kc-malta-di
input-modules-5.10.0-7-5kc-malta-di
input-modules-5.10.0-7-686-di
input-modules-5.10.0-7-686-pae-di
input-modules-5.10.0-7-alpha-generic-di
input-modules-5.10.0-7-amd64-di
input-modules-5.10.0-7-arm64-di
input-modules-5.10.0-7-armmp-di
input-modules-5.10.0-7-itanium-di
input-modules-5.10.0-7-loongson-3-di
input-modules-5.10.0-7-marvell-di
input-modules-5.10.0-7-octeon-di
input-modules-5.10.0-7-parisc-di
input-modules-5.10.0-7-parisc64-di
input-modules-5.10.0-7-powerpc-di
input-modules-5.10.0-7-powerpc64-di
input-modules-5.10.0-7-powerpc64le-di
input-modules-5.10.0-7-riscv64-di
input-modules-5.10.0-7-sparc64-di
ipv6-modules-5.10.0-7-marvell-di
isofs-modules-5.10.0-7-4kc-malta-di
isofs-modules-5.10.0-7-5kc-malta-di
isofs-modules-5.10.0-7-686-di
isofs-modules-5.10.0-7-686-pae-di
isofs-modules-5.10.0-7-alpha-generic-di
isofs-modules-5.10.0-7-amd64-di
isofs-modules-5.10.0-7-arm64-di
isofs-modules-5.10.0-7-armmp-di
isofs-modules-5.10.0-7-itanium-di
isofs-modules-5.10.0-7-loongson-3-di
isofs-modules-5.10.0-7-m68k-di
isofs-modules-5.10.0-7-marvell-di
isofs-modules-5.10.0-7-mips32r6-di
isofs-modules-5.10.0-7-mips32r6el-di
isofs-modules-5.10.0-7-mips64r6-di
isofs-modules-5.10.0-7-mips64r6el-di
isofs-modules-5.10.0-7-octeon-di
isofs-modules-5.10.0-7-parisc-di
isofs-modules-5.10.0-7-parisc64-di
isofs-modules-5.10.0-7-powerpc-di
isofs-modules-5.10.0-7-powerpc64-di
isofs-modules-5.10.0-7-powerpc64le-di
isofs-modules-5.10.0-7-riscv64-di
isofs-modules-5.10.0-7-s390x-di
isofs-modules-5.10.0-7-sh7751r-di
isofs-modules-5.10.0-7-sh7785lcr-di
isofs-modules-5.10.0-7-sparc64-di
jffs2-modules-5.10.0-7-marvell-di
jfs-modules-5.10.0-7-4kc-malta-di
jfs-modules-5.10.0-7-5kc-malta-di
jfs-modules-5.10.0-7-686-di
jfs-modules-5.10.0-7-686-pae-di
jfs-modules-5.10.0-7-alpha-generic-di
jfs-modules-5.10.0-7-amd64-di
jfs-modules-5.10.0-7-arm64-di
jfs-modules-5.10.0-7-armmp-di
jfs-modules-5.10.0-7-itanium-di
jfs-modules-5.10.0-7-loongson-3-di
jfs-modules-5.10.0-7-marvell-di
jfs-modules-5.10.0-7-mips32r6-di
jfs-modules-5.10.0-7-mips32r6el-di
jfs-modules-5.10.0-7-mips64r6-di
jfs-modules-5.10.0-7-mips64r6el-di
jfs-modules-5.10.0-7-octeon-di
jfs-modules-5.10.0-7-parisc-di
jfs-modules-5.10.0-7-parisc64-di
jfs-modules-5.10.0-7-powerpc-di
jfs-modules-5.10.0-7-powerpc64-di
jfs-modules-5.10.0-7-powerpc64le-di
jfs-modules-5.10.0-7-riscv64-di
jfs-modules-5.10.0-7-sh7751r-di
jfs-modules-5.10.0-7-sh7785lcr-di
jfs-modules-5.10.0-7-sparc64-di
kernel-image-5.10.0-7-4kc-malta-di
kernel-image-5.10.0-7-5kc-malta-di
kernel-image-5.10.0-7-686-di
kernel-image-5.10.0-7-686-pae-di
kernel-image-5.10.0-7-alpha-generic-di
kernel-image-5.10.0-7-amd64-di
kernel-image-5.10.0-7-arm64-di
kernel-image-5.10.0-7-armmp-di
kernel-image-5.10.0-7-itanium-di
kernel-image-5.10.0-7-loongson-3-di
kernel-image-5.10.0-7-m68k-di
kernel-image-5.10.0-7-marvell-di
kernel-image-5.10.0-7-mips32r6-di
kernel-image-5.10.0-7-mips32r6el-di
kernel-image-5.10.0-7-mips64r6-di
kernel-image-5.10.0-7-mips64r6el-di
kernel-image-5.10.0-7-octeon-di
kernel-image-5.10.0-7-parisc-di
kernel-image-5.10.0-7-parisc64-di
kernel-image-5.10.0-7-powerpc-di
kernel-image-5.10.0-7-powerpc64-di
kernel-image-5.10.0-7-powerpc64le-di
kernel-image-5.10.0-7-riscv64-di
kernel-image-5.10.0-7-s390x-di
kernel-image-5.10.0-7-sh7751r-di
kernel-image-5.10.0-7-sh7785lcr-di
kernel-image-5.10.0-7-sparc64-di
leds-modules-5.10.0-7-arm64-di
leds-modules-5.10.0-7-armmp-di
leds-modules-5.10.0-7-marvell-di
libcpupower-dev
libcpupower1
linux-bootwrapper-5.10.0-7
linux-compiler-gcc-10-arm
linux-compiler-gcc-10-s390
linux-compiler-gcc-10-x86
linux-config-5.10
linux-cpupower (2 bugs: 0, 1, 1, 0)
linux-doc
linux-doc-5.10
linux-headers-4kc-malta
linux-headers-5.10.0-7-4kc-malta
linux-headers-5.10.0-7-5kc-malta
linux-headers-5.10.0-7-686
linux-headers-5.10.0-7-686-pae
linux-headers-5.10.0-7-alpha-generic
linux-headers-5.10.0-7-alpha-smp
linux-headers-5.10.0-7-amd64
linux-headers-5.10.0-7-arm64
linux-headers-5.10.0-7-armmp
linux-headers-5.10.0-7-armmp-lpae
linux-headers-5.10.0-7-cloud-amd64
linux-headers-5.10.0-7-cloud-arm64
linux-headers-5.10.0-7-common
linux-headers-5.10.0-7-common-rt
linux-headers-5.10.0-7-itanium
linux-headers-5.10.0-7-loongson-3
linux-headers-5.10.0-7-m68k
linux-headers-5.10.0-7-marvell
linux-headers-5.10.0-7-mckinley
linux-headers-5.10.0-7-mips32r6
linux-headers-5.10.0-7-mips32r6el
linux-headers-5.10.0-7-mips64r6
linux-headers-5.10.0-7-mips64r6el
linux-headers-5.10.0-7-octeon
linux-headers-5.10.0-7-parisc
linux-headers-5.10.0-7-parisc64
linux-headers-5.10.0-7-powerpc
linux-headers-5.10.0-7-powerpc-smp
linux-headers-5.10.0-7-powerpc64
linux-headers-5.10.0-7-powerpc64le
linux-headers-5.10.0-7-riscv64
linux-headers-5.10.0-7-rpi
linux-headers-5.10.0-7-rt-686-pae
linux-headers-5.10.0-7-rt-amd64
linux-headers-5.10.0-7-rt-arm64
linux-headers-5.10.0-7-rt-armmp
linux-headers-5.10.0-7-s390x
linux-headers-5.10.0-7-sh7751r
linux-headers-5.10.0-7-sh7785lcr
linux-headers-5.10.0-7-sparc64
linux-headers-5.10.0-7-sparc64-smp
linux-headers-5kc-malta
linux-headers-alpha-generic
linux-headers-alpha-smp
linux-headers-armmp
linux-headers-armmp-lpae
linux-headers-itanium
linux-headers-loongson-3
linux-headers-m68k
linux-headers-marvell
linux-headers-mckinley
linux-headers-mips32r6
linux-headers-mips32r6el
linux-headers-mips64r6
linux-headers-mips64r6el
linux-headers-octeon
linux-headers-parisc
linux-headers-parisc64
linux-headers-powerpc
linux-headers-powerpc-smp
linux-headers-powerpc64
linux-headers-powerpc64le
linux-headers-riscv64
linux-headers-rpi
linux-headers-rt-armmp
linux-headers-s390x
linux-headers-sh7751r
linux-headers-sh7785lcr
linux-headers-sparc64
linux-headers-sparc64-smp
linux-image-4kc-malta
linux-image-4kc-malta-dbg
linux-image-5.10.0-7-4kc-malta
linux-image-5.10.0-7-4kc-malta-dbg
linux-image-5.10.0-7-5kc-malta
linux-image-5.10.0-7-5kc-malta-dbg
linux-image-5.10.0-7-686-dbg
linux-image-5.10.0-7-686-pae-dbg
linux-image-5.10.0-7-686-pae-unsigned
linux-image-5.10.0-7-686-unsigned
linux-image-5.10.0-7-alpha-generic
linux-image-5.10.0-7-alpha-generic-dbg
linux-image-5.10.0-7-alpha-smp
linux-image-5.10.0-7-alpha-smp-dbg
linux-image-5.10.0-7-amd64-dbg
linux-image-5.10.0-7-amd64-unsigned
linux-image-5.10.0-7-arm64-dbg
linux-image-5.10.0-7-arm64-unsigned
linux-image-5.10.0-7-armmp
linux-image-5.10.0-7-armmp-dbg
linux-image-5.10.0-7-armmp-lpae
linux-image-5.10.0-7-armmp-lpae-dbg
linux-image-5.10.0-7-cloud-amd64-dbg
linux-image-5.10.0-7-cloud-amd64-unsigned
linux-image-5.10.0-7-cloud-arm64-dbg
linux-image-5.10.0-7-cloud-arm64-unsigned
linux-image-5.10.0-7-itanium
linux-image-5.10.0-7-itanium-dbg
linux-image-5.10.0-7-loongson-3
linux-image-5.10.0-7-loongson-3-dbg
linux-image-5.10.0-7-m68k
linux-image-5.10.0-7-m68k-dbg
linux-image-5.10.0-7-marvell
linux-image-5.10.0-7-marvell-dbg
linux-image-5.10.0-7-mckinley
linux-image-5.10.0-7-mckinley-dbg
linux-image-5.10.0-7-mips32r6
linux-image-5.10.0-7-mips32r6-dbg
linux-image-5.10.0-7-mips32r6el
linux-image-5.10.0-7-mips32r6el-dbg
linux-image-5.10.0-7-mips64r6
linux-image-5.10.0-7-mips64r6-dbg
linux-image-5.10.0-7-mips64r6el
linux-image-5.10.0-7-mips64r6el-dbg
linux-image-5.10.0-7-octeon
linux-image-5.10.0-7-octeon-dbg
linux-image-5.10.0-7-parisc
linux-image-5.10.0-7-parisc64
linux-image-5.10.0-7-powerpc
linux-image-5.10.0-7-powerpc-dbg
linux-image-5.10.0-7-powerpc-smp
linux-image-5.10.0-7-powerpc-smp-dbg
linux-image-5.10.0-7-powerpc64
linux-image-5.10.0-7-powerpc64-dbg
linux-image-5.10.0-7-powerpc64le
linux-image-5.10.0-7-powerpc64le-dbg
linux-image-5.10.0-7-riscv64
linux-image-5.10.0-7-riscv64-dbg
linux-image-5.10.0-7-rpi
linux-image-5.10.0-7-rpi-dbg
linux-image-5.10.0-7-rt-686-pae-dbg
linux-image-5.10.0-7-rt-686-pae-unsigned
linux-image-5.10.0-7-rt-amd64-dbg
linux-image-5.10.0-7-rt-amd64-unsigned
linux-image-5.10.0-7-rt-arm64-dbg
linux-image-5.10.0-7-rt-arm64-unsigned
linux-image-5.10.0-7-rt-armmp
linux-image-5.10.0-7-rt-armmp-dbg
linux-image-5.10.0-7-s390x
linux-image-5.10.0-7-s390x-dbg
linux-image-5.10.0-7-sh7751r
linux-image-5.10.0-7-sh7751r-dbg
linux-image-5.10.0-7-sh7785lcr
linux-image-5.10.0-7-sh7785lcr-dbg
linux-image-5.10.0-7-sparc64
linux-image-5.10.0-7-sparc64-dbg
linux-image-5.10.0-7-sparc64-smp
linux-image-5.10.0-7-sparc64-smp-dbg
linux-image-5kc-malta
linux-image-5kc-malta-dbg
linux-image-686-dbg
linux-image-686-pae-dbg
linux-image-alpha-generic
linux-image-alpha-generic-dbg
linux-image-alpha-smp
linux-image-alpha-smp-dbg
linux-image-amd64-dbg
linux-image-amd64-signed-template
linux-image-arm64-dbg
linux-image-arm64-signed-template
linux-image-armmp (1 bugs: 0, 1, 0, 0)
linux-image-armmp-dbg
linux-image-armmp-lpae
linux-image-armmp-lpae-dbg
linux-image-cloud-amd64-dbg
linux-image-cloud-arm64-dbg
linux-image-i386-signed-template
linux-image-itanium
linux-image-itanium-dbg
linux-image-loongson-3
linux-image-loongson-3-dbg
linux-image-m68k
linux-image-m68k-dbg
linux-image-marvell
linux-image-marvell-dbg
linux-image-mckinley
linux-image-mckinley-dbg
linux-image-mips32r6
linux-image-mips32r6-dbg
linux-image-mips32r6el
linux-image-mips32r6el-dbg
linux-image-mips64r6
linux-image-mips64r6-dbg
linux-image-mips64r6el
linux-image-mips64r6el-dbg
linux-image-octeon
linux-image-octeon-dbg
linux-image-parisc
linux-image-parisc-smp
linux-image-parisc64
linux-image-parisc64-smp
linux-image-powerpc
linux-image-powerpc-dbg
linux-image-powerpc-smp
linux-image-powerpc-smp-dbg
linux-image-powerpc64
linux-image-powerpc64-dbg
linux-image-powerpc64le
linux-image-powerpc64le-dbg
linux-image-riscv64
linux-image-riscv64-dbg
linux-image-rpi
linux-image-rpi-dbg
linux-image-rt-686-pae-dbg
linux-image-rt-amd64-dbg
linux-image-rt-arm64-dbg
linux-image-rt-armmp
linux-image-rt-armmp-dbg
linux-image-s390x
linux-image-s390x-dbg
linux-image-sh7751r
linux-image-sh7751r-dbg
linux-image-sh7785lcr
linux-image-sh7785lcr-dbg
linux-image-sparc64
linux-image-sparc64-dbg
linux-image-sparc64-smp
linux-image-sparc64-smp-dbg
linux-kbuild-5.10
linux-libc-dev (7 bugs: 0, 3, 4, 0)
linux-perf
linux-perf-5.10 (1 bugs: 0, 0, 1, 0)
linux-source
linux-source-5.10
linux-support-5.10.0-7
loop-modules-5.10.0-7-4kc-malta-di
loop-modules-5.10.0-7-5kc-malta-di
loop-modules-5.10.0-7-686-di
loop-modules-5.10.0-7-686-pae-di
loop-modules-5.10.0-7-alpha-generic-di
loop-modules-5.10.0-7-amd64-di
loop-modules-5.10.0-7-arm64-di
loop-modules-5.10.0-7-armmp-di
loop-modules-5.10.0-7-itanium-di
loop-modules-5.10.0-7-loongson-3-di
loop-modules-5.10.0-7-m68k-di
loop-modules-5.10.0-7-marvell-di
loop-modules-5.10.0-7-mips32r6-di
loop-modules-5.10.0-7-mips32r6el-di
loop-modules-5.10.0-7-mips64r6-di
loop-modules-5.10.0-7-mips64r6el-di
loop-modules-5.10.0-7-octeon-di
loop-modules-5.10.0-7-parisc-di
loop-modules-5.10.0-7-parisc64-di
loop-modules-5.10.0-7-powerpc-di
loop-modules-5.10.0-7-powerpc64-di
loop-modules-5.10.0-7-powerpc64le-di
loop-modules-5.10.0-7-riscv64-di
loop-modules-5.10.0-7-s390x-di
loop-modules-5.10.0-7-sh7751r-di
loop-modules-5.10.0-7-sh7785lcr-di
md-modules-5.10.0-7-4kc-malta-di
md-modules-5.10.0-7-5kc-malta-di
md-modules-5.10.0-7-686-di
md-modules-5.10.0-7-686-pae-di
md-modules-5.10.0-7-alpha-generic-di
md-modules-5.10.0-7-amd64-di
md-modules-5.10.0-7-arm64-di
md-modules-5.10.0-7-armmp-di
md-modules-5.10.0-7-itanium-di
md-modules-5.10.0-7-loongson-3-di
md-modules-5.10.0-7-m68k-di
md-modules-5.10.0-7-marvell-di
md-modules-5.10.0-7-mips32r6-di
md-modules-5.10.0-7-mips32r6el-di
md-modules-5.10.0-7-mips64r6-di
md-modules-5.10.0-7-mips64r6el-di
md-modules-5.10.0-7-octeon-di
md-modules-5.10.0-7-parisc-di
md-modules-5.10.0-7-parisc64-di
md-modules-5.10.0-7-powerpc-di
md-modules-5.10.0-7-powerpc64-di
md-modules-5.10.0-7-powerpc64le-di
md-modules-5.10.0-7-riscv64-di
md-modules-5.10.0-7-s390x-di
md-modules-5.10.0-7-sh7751r-di
md-modules-5.10.0-7-sh7785lcr-di
md-modules-5.10.0-7-sparc64-di
minix-modules-5.10.0-7-4kc-malta-di
minix-modules-5.10.0-7-5kc-malta-di
minix-modules-5.10.0-7-loongson-3-di
minix-modules-5.10.0-7-marvell-di
minix-modules-5.10.0-7-octeon-di
minix-modules-5.10.0-7-sh7751r-di
minix-modules-5.10.0-7-sh7785lcr-di
mmc-core-modules-5.10.0-7-4kc-malta-di
mmc-core-modules-5.10.0-7-5kc-malta-di
mmc-core-modules-5.10.0-7-686-di
mmc-core-modules-5.10.0-7-686-pae-di
mmc-core-modules-5.10.0-7-amd64-di
mmc-core-modules-5.10.0-7-marvell-di
mmc-core-modules-5.10.0-7-powerpc-di
mmc-core-modules-5.10.0-7-powerpc64-di
mmc-core-modules-5.10.0-7-riscv64-di
mmc-modules-5.10.0-7-4kc-malta-di
mmc-modules-5.10.0-7-5kc-malta-di
mmc-modules-5.10.0-7-686-di
mmc-modules-5.10.0-7-686-pae-di
mmc-modules-5.10.0-7-amd64-di
mmc-modules-5.10.0-7-arm64-di
mmc-modules-5.10.0-7-armmp-di
mmc-modules-5.10.0-7-marvell-di
mmc-modules-5.10.0-7-riscv64-di
mouse-modules-5.10.0-7-4kc-malta-di
mouse-modules-5.10.0-7-5kc-malta-di
mouse-modules-5.10.0-7-686-di
mouse-modules-5.10.0-7-686-pae-di
mouse-modules-5.10.0-7-alpha-generic-di
mouse-modules-5.10.0-7-amd64-di
mouse-modules-5.10.0-7-itanium-di
mouse-modules-5.10.0-7-marvell-di
mouse-modules-5.10.0-7-parisc-di
mouse-modules-5.10.0-7-parisc64-di
mouse-modules-5.10.0-7-powerpc-di
mouse-modules-5.10.0-7-powerpc64-di
mouse-modules-5.10.0-7-powerpc64le-di
mtd-core-modules-5.10.0-7-4kc-malta-di
mtd-core-modules-5.10.0-7-5kc-malta-di
mtd-core-modules-5.10.0-7-686-di
mtd-core-modules-5.10.0-7-686-pae-di
mtd-core-modules-5.10.0-7-amd64-di
mtd-core-modules-5.10.0-7-arm64-di
mtd-core-modules-5.10.0-7-itanium-di
mtd-core-modules-5.10.0-7-loongson-3-di
mtd-core-modules-5.10.0-7-marvell-di
mtd-core-modules-5.10.0-7-powerpc64-di
mtd-core-modules-5.10.0-7-powerpc64le-di
mtd-core-modules-5.10.0-7-riscv64-di
mtd-core-modules-5.10.0-7-s390x-di
mtd-modules-5.10.0-7-armmp-di
mtd-modules-5.10.0-7-marvell-di
mtd-modules-5.10.0-7-riscv64-di
multipath-modules-5.10.0-7-4kc-malta-di
multipath-modules-5.10.0-7-5kc-malta-di
multipath-modules-5.10.0-7-686-di
multipath-modules-5.10.0-7-686-pae-di
multipath-modules-5.10.0-7-alpha-generic-di
multipath-modules-5.10.0-7-amd64-di
multipath-modules-5.10.0-7-arm64-di
multipath-modules-5.10.0-7-armmp-di
multipath-modules-5.10.0-7-itanium-di
multipath-modules-5.10.0-7-loongson-3-di
multipath-modules-5.10.0-7-marvell-di
multipath-modules-5.10.0-7-mips32r6-di
multipath-modules-5.10.0-7-mips32r6el-di
multipath-modules-5.10.0-7-mips64r6-di
multipath-modules-5.10.0-7-mips64r6el-di
multipath-modules-5.10.0-7-octeon-di
multipath-modules-5.10.0-7-parisc-di
multipath-modules-5.10.0-7-parisc64-di
multipath-modules-5.10.0-7-powerpc-di
multipath-modules-5.10.0-7-powerpc64-di
multipath-modules-5.10.0-7-powerpc64le-di
multipath-modules-5.10.0-7-riscv64-di
multipath-modules-5.10.0-7-s390x-di
multipath-modules-5.10.0-7-sh7751r-di
multipath-modules-5.10.0-7-sh7785lcr-di
multipath-modules-5.10.0-7-sparc64-di
nbd-modules-5.10.0-7-4kc-malta-di
nbd-modules-5.10.0-7-5kc-malta-di
nbd-modules-5.10.0-7-686-di
nbd-modules-5.10.0-7-686-pae-di
nbd-modules-5.10.0-7-alpha-generic-di
nbd-modules-5.10.0-7-amd64-di
nbd-modules-5.10.0-7-arm64-di
nbd-modules-5.10.0-7-armmp-di
nbd-modules-5.10.0-7-itanium-di
nbd-modules-5.10.0-7-loongson-3-di
nbd-modules-5.10.0-7-m68k-di
nbd-modules-5.10.0-7-marvell-di
nbd-modules-5.10.0-7-mips32r6-di
nbd-modules-5.10.0-7-mips32r6el-di
nbd-modules-5.10.0-7-mips64r6-di
nbd-modules-5.10.0-7-mips64r6el-di
nbd-modules-5.10.0-7-octeon-di
nbd-modules-5.10.0-7-parisc-di
nbd-modules-5.10.0-7-parisc64-di
nbd-modules-5.10.0-7-powerpc-di
nbd-modules-5.10.0-7-powerpc64-di
nbd-modules-5.10.0-7-powerpc64le-di
nbd-modules-5.10.0-7-riscv64-di
nbd-modules-5.10.0-7-s390x-di
nbd-modules-5.10.0-7-sh7751r-di
nbd-modules-5.10.0-7-sh7785lcr-di
nbd-modules-5.10.0-7-sparc64-di
nfs-modules-5.10.0-7-loongson-3-di
nic-modules-5.10.0-7-4kc-malta-di
nic-modules-5.10.0-7-5kc-malta-di
nic-modules-5.10.0-7-686-di
nic-modules-5.10.0-7-686-pae-di
nic-modules-5.10.0-7-alpha-generic-di
nic-modules-5.10.0-7-amd64-di
nic-modules-5.10.0-7-arm64-di
nic-modules-5.10.0-7-armmp-di
nic-modules-5.10.0-7-itanium-di
nic-modules-5.10.0-7-loongson-3-di
nic-modules-5.10.0-7-m68k-di
nic-modules-5.10.0-7-marvell-di
nic-modules-5.10.0-7-octeon-di
nic-modules-5.10.0-7-parisc-di
nic-modules-5.10.0-7-parisc64-di
nic-modules-5.10.0-7-powerpc-di
nic-modules-5.10.0-7-powerpc64-di
nic-modules-5.10.0-7-powerpc64le-di
nic-modules-5.10.0-7-riscv64-di
nic-modules-5.10.0-7-s390x-di
nic-modules-5.10.0-7-sh7751r-di
nic-modules-5.10.0-7-sh7785lcr-di
nic-modules-5.10.0-7-sparc64-di
nic-pcmcia-modules-5.10.0-7-686-di
nic-pcmcia-modules-5.10.0-7-686-pae-di
nic-pcmcia-modules-5.10.0-7-alpha-generic-di
nic-pcmcia-modules-5.10.0-7-amd64-di
nic-pcmcia-modules-5.10.0-7-powerpc-di
nic-pcmcia-modules-5.10.0-7-powerpc64-di
nic-shared-modules-5.10.0-7-4kc-malta-di
nic-shared-modules-5.10.0-7-5kc-malta-di
nic-shared-modules-5.10.0-7-686-di
nic-shared-modules-5.10.0-7-686-pae-di
nic-shared-modules-5.10.0-7-alpha-generic-di
nic-shared-modules-5.10.0-7-amd64-di
nic-shared-modules-5.10.0-7-arm64-di
nic-shared-modules-5.10.0-7-armmp-di
nic-shared-modules-5.10.0-7-itanium-di
nic-shared-modules-5.10.0-7-loongson-3-di
nic-shared-modules-5.10.0-7-m68k-di
nic-shared-modules-5.10.0-7-marvell-di
nic-shared-modules-5.10.0-7-mips32r6-di
nic-shared-modules-5.10.0-7-mips32r6el-di
nic-shared-modules-5.10.0-7-mips64r6-di
nic-shared-modules-5.10.0-7-mips64r6el-di
nic-shared-modules-5.10.0-7-octeon-di
nic-shared-modules-5.10.0-7-parisc-di
nic-shared-modules-5.10.0-7-parisc64-di
nic-shared-modules-5.10.0-7-powerpc-di
nic-shared-modules-5.10.0-7-powerpc64-di
nic-shared-modules-5.10.0-7-powerpc64le-di
nic-shared-modules-5.10.0-7-riscv64-di
nic-shared-modules-5.10.0-7-sh7751r-di
nic-shared-modules-5.10.0-7-sh7785lcr-di
nic-shared-modules-5.10.0-7-sparc64-di
nic-usb-modules-5.10.0-7-4kc-malta-di
nic-usb-modules-5.10.0-7-5kc-malta-di
nic-usb-modules-5.10.0-7-686-di
nic-usb-modules-5.10.0-7-686-pae-di
nic-usb-modules-5.10.0-7-alpha-generic-di
nic-usb-modules-5.10.0-7-amd64-di
nic-usb-modules-5.10.0-7-arm64-di
nic-usb-modules-5.10.0-7-armmp-di
nic-usb-modules-5.10.0-7-itanium-di
nic-usb-modules-5.10.0-7-loongson-3-di
nic-usb-modules-5.10.0-7-marvell-di
nic-usb-modules-5.10.0-7-octeon-di
nic-usb-modules-5.10.0-7-parisc-di
nic-usb-modules-5.10.0-7-parisc64-di
nic-usb-modules-5.10.0-7-powerpc-di
nic-usb-modules-5.10.0-7-powerpc64-di
nic-usb-modules-5.10.0-7-powerpc64le-di
nic-usb-modules-5.10.0-7-riscv64-di
nic-usb-modules-5.10.0-7-sh7751r-di
nic-usb-modules-5.10.0-7-sh7785lcr-di
nic-usb-modules-5.10.0-7-sparc64-di
nic-wireless-modules-5.10.0-7-4kc-malta-di
nic-wireless-modules-5.10.0-7-5kc-malta-di
nic-wireless-modules-5.10.0-7-686-di
nic-wireless-modules-5.10.0-7-686-pae-di
nic-wireless-modules-5.10.0-7-alpha-generic-di
nic-wireless-modules-5.10.0-7-amd64-di
nic-wireless-modules-5.10.0-7-arm64-di
nic-wireless-modules-5.10.0-7-armmp-di
nic-wireless-modules-5.10.0-7-loongson-3-di
nic-wireless-modules-5.10.0-7-octeon-di
nic-wireless-modules-5.10.0-7-powerpc-di
nic-wireless-modules-5.10.0-7-powerpc64-di
nic-wireless-modules-5.10.0-7-powerpc64le-di
nic-wireless-modules-5.10.0-7-riscv64-di
pata-modules-5.10.0-7-4kc-malta-di
pata-modules-5.10.0-7-5kc-malta-di
pata-modules-5.10.0-7-686-di
pata-modules-5.10.0-7-686-pae-di
pata-modules-5.10.0-7-alpha-generic-di
pata-modules-5.10.0-7-amd64-di
pata-modules-5.10.0-7-armmp-di
pata-modules-5.10.0-7-itanium-di
pata-modules-5.10.0-7-loongson-3-di
pata-modules-5.10.0-7-m68k-di
pata-modules-5.10.0-7-octeon-di
pata-modules-5.10.0-7-parisc-di
pata-modules-5.10.0-7-parisc64-di
pata-modules-5.10.0-7-powerpc-di
pata-modules-5.10.0-7-powerpc64-di
pata-modules-5.10.0-7-riscv64-di
pata-modules-5.10.0-7-sh7751r-di
pata-modules-5.10.0-7-sh7785lcr-di
pata-modules-5.10.0-7-sparc64-di
pcmcia-modules-5.10.0-7-686-di
pcmcia-modules-5.10.0-7-686-pae-di
pcmcia-modules-5.10.0-7-alpha-generic-di
pcmcia-modules-5.10.0-7-amd64-di
pcmcia-modules-5.10.0-7-itanium-di
pcmcia-modules-5.10.0-7-powerpc-di
pcmcia-modules-5.10.0-7-powerpc64-di
pcmcia-storage-modules-5.10.0-7-686-di
pcmcia-storage-modules-5.10.0-7-686-pae-di
pcmcia-storage-modules-5.10.0-7-amd64-di
pcmcia-storage-modules-5.10.0-7-powerpc-di
pcmcia-storage-modules-5.10.0-7-powerpc64-di
ppp-modules-5.10.0-7-4kc-malta-di
ppp-modules-5.10.0-7-5kc-malta-di
ppp-modules-5.10.0-7-686-di
ppp-modules-5.10.0-7-686-pae-di
ppp-modules-5.10.0-7-alpha-generic-di
ppp-modules-5.10.0-7-amd64-di
ppp-modules-5.10.0-7-arm64-di
ppp-modules-5.10.0-7-armmp-di
ppp-modules-5.10.0-7-itanium-di
ppp-modules-5.10.0-7-loongson-3-di
ppp-modules-5.10.0-7-m68k-di
ppp-modules-5.10.0-7-marvell-di
ppp-modules-5.10.0-7-octeon-di
ppp-modules-5.10.0-7-parisc-di
ppp-modules-5.10.0-7-parisc64-di
ppp-modules-5.10.0-7-powerpc-di
ppp-modules-5.10.0-7-powerpc64-di
ppp-modules-5.10.0-7-powerpc64le-di
ppp-modules-5.10.0-7-riscv64-di
ppp-modules-5.10.0-7-sh7751r-di
ppp-modules-5.10.0-7-sh7785lcr-di
ppp-modules-5.10.0-7-sparc64-di
rfkill-modules-5.10.0-7-686-di
rfkill-modules-5.10.0-7-686-pae-di
rfkill-modules-5.10.0-7-amd64-di
rtc-modules-5.10.0-7-octeon-di
sata-modules-5.10.0-7-4kc-malta-di
sata-modules-5.10.0-7-5kc-malta-di
sata-modules-5.10.0-7-686-di
sata-modules-5.10.0-7-686-pae-di
sata-modules-5.10.0-7-alpha-generic-di
sata-modules-5.10.0-7-amd64-di
sata-modules-5.10.0-7-arm64-di
sata-modules-5.10.0-7-armmp-di
sata-modules-5.10.0-7-itanium-di
sata-modules-5.10.0-7-loongson-3-di
sata-modules-5.10.0-7-marvell-di
sata-modules-5.10.0-7-octeon-di
sata-modules-5.10.0-7-parisc-di
sata-modules-5.10.0-7-parisc64-di
sata-modules-5.10.0-7-powerpc-di
sata-modules-5.10.0-7-powerpc64-di
sata-modules-5.10.0-7-powerpc64le-di
sata-modules-5.10.0-7-riscv64-di
sata-modules-5.10.0-7-sh7751r-di
sata-modules-5.10.0-7-sh7785lcr-di
sata-modules-5.10.0-7-sparc64-di
scsi-core-modules-5.10.0-7-4kc-malta-di
scsi-core-modules-5.10.0-7-5kc-malta-di
scsi-core-modules-5.10.0-7-686-di
scsi-core-modules-5.10.0-7-686-pae-di
scsi-core-modules-5.10.0-7-alpha-generic-di
scsi-core-modules-5.10.0-7-amd64-di
scsi-core-modules-5.10.0-7-arm64-di
scsi-core-modules-5.10.0-7-armmp-di
scsi-core-modules-5.10.0-7-itanium-di
scsi-core-modules-5.10.0-7-loongson-3-di
scsi-core-modules-5.10.0-7-m68k-di
scsi-core-modules-5.10.0-7-marvell-di
scsi-core-modules-5.10.0-7-octeon-di
scsi-core-modules-5.10.0-7-parisc-di
scsi-core-modules-5.10.0-7-parisc64-di
scsi-core-modules-5.10.0-7-powerpc-di
scsi-core-modules-5.10.0-7-powerpc64-di
scsi-core-modules-5.10.0-7-powerpc64le-di
scsi-core-modules-5.10.0-7-riscv64-di
scsi-core-modules-5.10.0-7-s390x-di
scsi-core-modules-5.10.0-7-sparc64-di
scsi-modules-5.10.0-7-4kc-malta-di
scsi-modules-5.10.0-7-5kc-malta-di
scsi-modules-5.10.0-7-686-di
scsi-modules-5.10.0-7-686-pae-di
scsi-modules-5.10.0-7-alpha-generic-di
scsi-modules-5.10.0-7-amd64-di
scsi-modules-5.10.0-7-arm64-di
scsi-modules-5.10.0-7-armmp-di
scsi-modules-5.10.0-7-itanium-di
scsi-modules-5.10.0-7-loongson-3-di
scsi-modules-5.10.0-7-m68k-di
scsi-modules-5.10.0-7-octeon-di
scsi-modules-5.10.0-7-parisc-di
scsi-modules-5.10.0-7-parisc64-di
scsi-modules-5.10.0-7-powerpc-di
scsi-modules-5.10.0-7-powerpc64-di
scsi-modules-5.10.0-7-powerpc64le-di
scsi-modules-5.10.0-7-riscv64-di
scsi-modules-5.10.0-7-s390x-di
scsi-modules-5.10.0-7-sparc64-di
scsi-nic-modules-5.10.0-7-4kc-malta-di
scsi-nic-modules-5.10.0-7-5kc-malta-di
scsi-nic-modules-5.10.0-7-686-di
scsi-nic-modules-5.10.0-7-686-pae-di
scsi-nic-modules-5.10.0-7-alpha-generic-di
scsi-nic-modules-5.10.0-7-amd64-di
scsi-nic-modules-5.10.0-7-arm64-di
scsi-nic-modules-5.10.0-7-armmp-di
scsi-nic-modules-5.10.0-7-itanium-di
scsi-nic-modules-5.10.0-7-loongson-3-di
scsi-nic-modules-5.10.0-7-octeon-di
scsi-nic-modules-5.10.0-7-powerpc-di
scsi-nic-modules-5.10.0-7-powerpc64-di
scsi-nic-modules-5.10.0-7-powerpc64le-di
scsi-nic-modules-5.10.0-7-riscv64-di
serial-modules-5.10.0-7-686-di
serial-modules-5.10.0-7-686-pae-di
serial-modules-5.10.0-7-alpha-generic-di
serial-modules-5.10.0-7-amd64-di
serial-modules-5.10.0-7-itanium-di
serial-modules-5.10.0-7-parisc-di
serial-modules-5.10.0-7-parisc64-di
serial-modules-5.10.0-7-powerpc-di
serial-modules-5.10.0-7-powerpc64-di
serial-modules-5.10.0-7-powerpc64le-di
sound-modules-5.10.0-7-4kc-malta-di
sound-modules-5.10.0-7-5kc-malta-di
sound-modules-5.10.0-7-686-di
sound-modules-5.10.0-7-686-pae-di
sound-modules-5.10.0-7-amd64-di
sound-modules-5.10.0-7-loongson-3-di
sound-modules-5.10.0-7-octeon-di
sound-modules-5.10.0-7-sh7751r-di
sound-modules-5.10.0-7-sh7785lcr-di
speakup-modules-5.10.0-7-686-di
speakup-modules-5.10.0-7-686-pae-di
speakup-modules-5.10.0-7-amd64-di
speakup-modules-5.10.0-7-loongson-3-di
speakup-modules-5.10.0-7-sh7751r-di
speakup-modules-5.10.0-7-sh7785lcr-di
squashfs-modules-5.10.0-7-4kc-malta-di
squashfs-modules-5.10.0-7-5kc-malta-di
squashfs-modules-5.10.0-7-686-di
squashfs-modules-5.10.0-7-686-pae-di
squashfs-modules-5.10.0-7-alpha-generic-di
squashfs-modules-5.10.0-7-amd64-di
squashfs-modules-5.10.0-7-arm64-di
squashfs-modules-5.10.0-7-armmp-di
squashfs-modules-5.10.0-7-itanium-di
squashfs-modules-5.10.0-7-loongson-3-di
squashfs-modules-5.10.0-7-m68k-di
squashfs-modules-5.10.0-7-marvell-di
squashfs-modules-5.10.0-7-mips32r6-di
squashfs-modules-5.10.0-7-mips32r6el-di
squashfs-modules-5.10.0-7-mips64r6-di
squashfs-modules-5.10.0-7-mips64r6el-di
squashfs-modules-5.10.0-7-octeon-di
squashfs-modules-5.10.0-7-parisc-di
squashfs-modules-5.10.0-7-parisc64-di
squashfs-modules-5.10.0-7-powerpc-di
squashfs-modules-5.10.0-7-powerpc64-di
squashfs-modules-5.10.0-7-powerpc64le-di
squashfs-modules-5.10.0-7-riscv64-di
squashfs-modules-5.10.0-7-sh7751r-di
squashfs-modules-5.10.0-7-sh7785lcr-di
squashfs-modules-5.10.0-7-sparc64-di
srm-modules-5.10.0-7-alpha-generic-di
udf-modules-5.10.0-7-4kc-malta-di
udf-modules-5.10.0-7-5kc-malta-di
udf-modules-5.10.0-7-686-di
udf-modules-5.10.0-7-686-pae-di
udf-modules-5.10.0-7-amd64-di
udf-modules-5.10.0-7-arm64-di
udf-modules-5.10.0-7-armmp-di
udf-modules-5.10.0-7-itanium-di
udf-modules-5.10.0-7-loongson-3-di
udf-modules-5.10.0-7-m68k-di
udf-modules-5.10.0-7-marvell-di
udf-modules-5.10.0-7-mips32r6-di
udf-modules-5.10.0-7-mips32r6el-di
udf-modules-5.10.0-7-mips64r6-di
udf-modules-5.10.0-7-mips64r6el-di
udf-modules-5.10.0-7-octeon-di
udf-modules-5.10.0-7-powerpc-di
udf-modules-5.10.0-7-powerpc64-di
udf-modules-5.10.0-7-powerpc64le-di
udf-modules-5.10.0-7-riscv64-di
udf-modules-5.10.0-7-s390x-di
udf-modules-5.10.0-7-sh7751r-di
udf-modules-5.10.0-7-sh7785lcr-di
udf-modules-5.10.0-7-sparc64-di
ufs-modules-5.10.0-7-sparc64-di
uinput-modules-5.10.0-7-686-di
uinput-modules-5.10.0-7-686-pae-di
uinput-modules-5.10.0-7-amd64-di
uinput-modules-5.10.0-7-arm64-di
uinput-modules-5.10.0-7-armmp-di
uinput-modules-5.10.0-7-itanium-di
uinput-modules-5.10.0-7-marvell-di
uinput-modules-5.10.0-7-powerpc-di
uinput-modules-5.10.0-7-powerpc64-di
uinput-modules-5.10.0-7-powerpc64le-di
usb-modules-5.10.0-7-4kc-malta-di
usb-modules-5.10.0-7-5kc-malta-di
usb-modules-5.10.0-7-686-di
usb-modules-5.10.0-7-686-pae-di
usb-modules-5.10.0-7-alpha-generic-di
usb-modules-5.10.0-7-amd64-di
usb-modules-5.10.0-7-arm64-di
usb-modules-5.10.0-7-armmp-di
usb-modules-5.10.0-7-itanium-di
usb-modules-5.10.0-7-loongson-3-di
usb-modules-5.10.0-7-marvell-di
usb-modules-5.10.0-7-octeon-di
usb-modules-5.10.0-7-parisc-di
usb-modules-5.10.0-7-parisc64-di
usb-modules-5.10.0-7-powerpc-di
usb-modules-5.10.0-7-powerpc64-di
usb-modules-5.10.0-7-powerpc64le-di
usb-modules-5.10.0-7-riscv64-di
usb-modules-5.10.0-7-sparc64-di
usb-serial-modules-5.10.0-7-4kc-malta-di
usb-serial-modules-5.10.0-7-5kc-malta-di
usb-serial-modules-5.10.0-7-686-di
usb-serial-modules-5.10.0-7-686-pae-di
usb-serial-modules-5.10.0-7-alpha-generic-di
usb-serial-modules-5.10.0-7-amd64-di
usb-serial-modules-5.10.0-7-arm64-di
usb-serial-modules-5.10.0-7-armmp-di
usb-serial-modules-5.10.0-7-itanium-di
usb-serial-modules-5.10.0-7-loongson-3-di
usb-serial-modules-5.10.0-7-marvell-di
usb-serial-modules-5.10.0-7-octeon-di
usb-serial-modules-5.10.0-7-parisc-di
usb-serial-modules-5.10.0-7-parisc64-di
usb-serial-modules-5.10.0-7-powerpc-di
usb-serial-modules-5.10.0-7-powerpc64-di
usb-serial-modules-5.10.0-7-powerpc64le-di
usb-serial-modules-5.10.0-7-riscv64-di
usb-serial-modules-5.10.0-7-sh7751r-di
usb-serial-modules-5.10.0-7-sh7785lcr-di
usb-serial-modules-5.10.0-7-sparc64-di
usb-storage-modules-5.10.0-7-4kc-malta-di
usb-storage-modules-5.10.0-7-5kc-malta-di
usb-storage-modules-5.10.0-7-686-di
usb-storage-modules-5.10.0-7-686-pae-di
usb-storage-modules-5.10.0-7-alpha-generic-di
usb-storage-modules-5.10.0-7-amd64-di
usb-storage-modules-5.10.0-7-arm64-di
usb-storage-modules-5.10.0-7-armmp-di
usb-storage-modules-5.10.0-7-itanium-di
usb-storage-modules-5.10.0-7-loongson-3-di
usb-storage-modules-5.10.0-7-marvell-di
usb-storage-modules-5.10.0-7-octeon-di
usb-storage-modules-5.10.0-7-parisc-di
usb-storage-modules-5.10.0-7-parisc64-di
usb-storage-modules-5.10.0-7-powerpc-di
usb-storage-modules-5.10.0-7-powerpc64-di
usb-storage-modules-5.10.0-7-powerpc64le-di
usb-storage-modules-5.10.0-7-riscv64-di
usb-storage-modules-5.10.0-7-sh7751r-di
usb-storage-modules-5.10.0-7-sparc64-di
usbip (5 bugs: 0, 5, 0, 0)
xfs-modules-5.10.0-7-4kc-malta-di
xfs-modules-5.10.0-7-5kc-malta-di
xfs-modules-5.10.0-7-686-di
xfs-modules-5.10.0-7-686-pae-di
xfs-modules-5.10.0-7-alpha-generic-di
xfs-modules-5.10.0-7-amd64-di
xfs-modules-5.10.0-7-arm64-di
xfs-modules-5.10.0-7-itanium-di
xfs-modules-5.10.0-7-loongson-3-di
xfs-modules-5.10.0-7-mips32r6-di
xfs-modules-5.10.0-7-mips32r6el-di
xfs-modules-5.10.0-7-mips64r6-di
xfs-modules-5.10.0-7-mips64r6el-di
xfs-modules-5.10.0-7-octeon-di
xfs-modules-5.10.0-7-parisc-di
xfs-modules-5.10.0-7-parisc64-di
xfs-modules-5.10.0-7-powerpc-di
xfs-modules-5.10.0-7-powerpc64-di
xfs-modules-5.10.0-7-powerpc64le-di
xfs-modules-5.10.0-7-s390x-di
xfs-modules-5.10.0-7-sh7751r-di
xfs-modules-5.10.0-7-sh7785lcr-di
xfs-modules-5.10.0-7-sparc64-di

action needed

A new upstream version is available: 5.12.10 high

A new upstream version 5.12.10 is available, you should consider packaging it.

Created: 2021-02-10 Last update: 2021-06-15 09:03

The VCS repository is not up to date, push the missing commits. high

vcswatch reports that the current version of the package is not in its VCS.
Either you need to push your commits and/or your tags, or the information about the package's VCS are out of date. A common cause of the latter issue when using the Git VCS is not specifying the correct branch when the packaging is not in the default one (remote HEAD branch), which is usually "master" but can be modified in salsa.debian.org in the project's general settings with the "Default Branch" field). Alternatively the Vcs-Git field in debian/control can contain a "-b <branch-name>" suffix to indicate what branch is used for the Debian packaging.

Created: 2021-05-27 Last update: 2021-06-14 12:42

97 security issues in stretch high

There are 97 open security issues in stretch.

79 important issues:

CVE-2018-10322: The xfs_dinode_verify function in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.16.3 allows local users to cause a denial of service (xfs_ilock_attr_map_shared invalid pointer dereference) via a crafted xfs image.
CVE-2018-12929: ntfs_read_locked_inode in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a use-after-free read and possibly cause a denial of service (kernel oops or panic) via a crafted ntfs filesystem.
CVE-2018-12930: ntfs_end_buffer_async_read in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
CVE-2018-12931: ntfs_attr_find in the ntfs.ko filesystem driver in the Linux kernel 4.15.0 allows attackers to trigger a stack-based out-of-bounds write and cause a denial of service (kernel oops or panic) or possibly have unspecified other impact via a crafted ntfs filesystem.
CVE-2018-13095: An issue was discovered in fs/xfs/libxfs/xfs_inode_buf.c in the Linux kernel through 4.17.3. A denial of service (memory corruption and BUG) can occur for a corrupted xfs image upon encountering an inode that is in extent format, but has more extents than fit in the inode fork.
CVE-2019-0145: Buffer overflow in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable an escalation of privilege via local access.
CVE-2019-0146: Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0147: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0148: Resource leak in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 7.0 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-0149: Insufficient input validation in i40e driver for Intel(R) Ethernet 700 Series Controllers versions before 2.8.43 may allow an authenticated user to potentially enable a denial of service via local access.
CVE-2019-12984: A NULL pointer dereference vulnerability in the function nfc_genl_deactivate_target() in net/nfc/netlink.c in the Linux kernel before 5.1.13 can be triggered by a malicious user-mode program that omits certain NFC attributes, leading to denial of service.
CVE-2019-19036: btrfs_root_node in fs/btrfs/ctree.c in the Linux kernel through 5.3.12 allows a NULL pointer dereference because rcu_dereference(root->node) can be zero.
CVE-2019-19039: ** DISPUTED ** __btrfs_free_extent in fs/btrfs/extent-tree.c in the Linux kernel through 5.3.12 calls btrfs_print_leaf in a certain ENOENT case, which allows local users to obtain potentially sensitive information about register values via the dmesg program. NOTE: The BTRFS development team disputes this issues as not being a vulnerability because “1) The kernel provide facilities to restrict access to dmesg - dmesg_restrict=1 sysctl option. So it's really up to the system administrator to judge whether dmesg access shall be disallowed or not. 2) WARN/WARN_ON are widely used macros in the linux kernel. If this CVE is considered valid this would mean there are literally thousands CVE lurking in the kernel - something which clearly is not the case.”
CVE-2019-19377: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
CVE-2019-19378: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2019-2213: In binder_free_transaction of binder.c, there is a possible use-after-free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-133758011References: Upstream kernel
CVE-2020-0030: In binder_thread_release of binder.c, there is a possible use after free due to a race condition. This could lead to local escalation of privilege with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android kernelAndroid ID: A-145286050References: Upstream kernel
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-15802: Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-16119: Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
CVE-2020-25670: A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.
CVE-2020-25671: A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
CVE-2020-25672: A memory leak vulnerability was found in Linux kernel in llcp_sock_connect
CVE-2020-25673: A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
CVE-2020-26139: An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26145: An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26147: An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26558: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-27835: A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
CVE-2020-29374: An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58.
CVE-2020-35501:
CVE-2020-36322: An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.
CVE-2020-36385: An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2021-0129: Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
CVE-2021-0512:
CVE-2021-20292: There is a flaw reported in the Linux kernel in versions before 5.9 in drivers/gpu/drm/nouveau/nouveau_sgdma.c in nouveau_sgdma_create_ttm in Nouveau DRM subsystem. The issue results from the lack of validating the existence of an object prior to performing operations on the object. An attacker with a local account with a root privilege, can leverage this vulnerability to escalate privileges and execute code in the context of the kernel.
CVE-2021-22543: An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-23133: A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.
CVE-2021-23134: Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
CVE-2021-28660: rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.
CVE-2021-28688: The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.
CVE-2021-28950: An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
CVE-2021-28964: A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.
CVE-2021-28971: In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
CVE-2021-29154: BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
CVE-2021-29264: An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6.
CVE-2021-29265: An issue was discovered in the Linux kernel before 5.11.7. usbip_sockfd_store in drivers/usb/usbip/stub_dev.c allows attackers to cause a denial of service (GPF) because the stub-up sequence has race conditions during an update of the local and shared status, aka CID-9380afd6df70.
CVE-2021-29647: An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.
CVE-2021-29650: An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf.
CVE-2021-30002: An issue was discovered in the Linux kernel before 5.11.3 when a webcam device exists. video_usercopy in drivers/media/v4l2-core/v4l2-ioctl.c has a memory leak for large arguments, aka CID-fb18802a338b.
CVE-2021-31916: An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
CVE-2021-32399: net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2021-33033: The Linux kernel before 5.11.14 has a use-after-free in cipso_v4_genopt in net/ipv4/cipso_ipv4.c because the CIPSO and CALIPSO refcounting for the DOI definitions is mishandled, aka CID-ad5d07f4a9cd. This leads to writing an arbitrary value.
CVE-2021-33034: In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
CVE-2021-3428:
CVE-2021-3483: A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected
CVE-2021-3542:
CVE-2021-3564: A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.
CVE-2021-3573:
CVE-2021-3587:

18 ignored issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2017-18232: The Serial Attached SCSI (SAS) implementation in the Linux kernel through 4.15.9 mishandles a mutex within libsas, which allows local users to cause a denial of service (deadlock) by triggering certain error-handling code.
CVE-2018-1108: kernel drivers before version 4.17-rc1 are vulnerable to a weakness in the Linux kernel's implementation of random seed data. Programs, early in the boot sequence, could use the data allocated for the seed before it was sufficiently generated.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2018-20449: The hidma_chan_stats function in drivers/dma/qcom/hidma_dbg.c in the Linux kernel 4.14.90 allows local users to obtain sensitive address information by reading "callback=" lines in a debugfs file.
CVE-2018-7273: In the Linux kernel through 4.15.4, the floppy driver reveals the addresses of kernel functions and global variables using printk calls within the function show_floppy in drivers/block/floppy.c. An attacker can read this information from dmesg and use the addresses to find the locations of kernel code and data and bypass kernel security protections such as KASLR.
CVE-2018-7754: The aoedisk_debugfs_show function in drivers/block/aoe/aoeblk.c in the Linux kernel through 4.16.4rc4 allows local users to obtain sensitive address information by reading "ffree: " lines in a debugfs file.
CVE-2019-20908: An issue was discovered in drivers/firmware/efi/efi.c in the Linux kernel before 5.4. Incorrect access permissions for the efivar_ssdt ACPI variable could be used by attackers to bypass lockdown or secure boot restrictions, aka CID-1957a85b0032.
CVE-2019-3874: The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be vulnerable.
CVE-2019-9245: In the Android kernel in the f2fs driver there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not needed for exploitation.
CVE-2019-9444: In the Android kernel in sync debug fs driver there is a kernel pointer leak due to the usage of printf with %p. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
CVE-2019-9453: In the Android kernel in F2FS touch driver there is a possible out of bounds read due to improper input validation. This could lead to local information disclosure with system execution privileges needed. User interaction is not needed for exploitation.
CVE-2020-0067: In f2fs_xattr_generic_list of xattr.c, there is a possible out of bounds read due to a missing bounds check. This could lead to local information disclosure with System execution privileges needed. User interaction is not required for exploitation.Product: Android. Versions: Android kernel. Android ID: A-120551147.
CVE-2020-15780: An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30.
CVE-2020-27777: A flaw was found in the way RTAS handled memory accesses in userspace to kernel communication. On a locked down (usually due to Secure Boot) guest system running on top of PowerVM or KVM hypervisors (pseries platform) a root like local user could use this flaw to further increase their privileges to that of a running kernel.
CVE-2020-4788: IBM Power9 (AIX 7.1, 7.2, and VIOS 3.1) processors could allow a local user to obtain sensitive information from the data in the L1 cache under extenuating circumstances. IBM X-Force ID: 189296.
CVE-2021-28972: In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.
CVE-2021-3506: An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.

Created: 2021-02-19 Last update: 2021-06-11 06:34

41 security issues in sid high

There are 41 open security issues in sid.

41 important issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2019-16089: An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.
CVE-2020-15802: Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-16119: Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
CVE-2020-24504: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
CVE-2020-25673: A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
CVE-2020-26139: An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26145: An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26147: An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
CVE-2020-26541: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-35501:
CVE-2021-22543: An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-28691:
CVE-2021-3542:
CVE-2021-3564: A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.
CVE-2021-3573:
CVE-2021-3587:

Created: 2021-02-19 Last update: 2021-06-11 06:34

41 security issues in buster high

There are 41 open security issues in buster.

30 important issues:

CVE-2019-15213: An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-16120: Overlayfs did not properly perform permission checking when copying up files in an overlayfs and could be exploited from within a user namespace, if, for example, unprivileged user namespaces were allowed. It was possible to have a file not readable by an unprivileged user to be copied to a mountpoint controlled by the user, like a removable device. This was introduced in kernel version 4.19 by commit d1d04ef ("ovl: stack file ops"). This was fixed in kernel version 5.8 by commits 56230d9 ("ovl: verify permissions in ovl_path_open()"), 48bd024 ("ovl: switch to mounter creds in readdir") and 05acefb ("ovl: check permission to open real file"). Additionally, commits 130fdbc ("ovl: pass correct flags for opening real directory") and 292f902 ("ovl: call secutiry hook in ovl_real_ioctl()") in kernel 5.8 might also be desired or necessary. These additional commits introduced a regression in overlay mounts within user namespaces which prevented access to files with ownership outside of the user namespace. This regression was mitigated by subsequent commit b6650da ("ovl: do not fail because of O_NOATIMEi") in kernel 5.11.
CVE-2020-24504: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26145: An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26541: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-27835: A use after free in the Linux kernel infiniband hfi1 driver in versions prior to 5.10-rc6 was found in the way user calls Ioctl after open dev file and fork. A local user could use this flaw to crash the system.
CVE-2020-35501:
CVE-2020-36310: An issue was discovered in the Linux kernel before 5.8. arch/x86/kvm/svm/svm.c allows a set_memory_region_test infinite loop for certain nested page faults, aka CID-e72436bc3a52.
CVE-2020-36311: An issue was discovered in the Linux kernel before 5.9. arch/x86/kvm/svm/sev.c allows attackers to cause a denial of service (soft lockup) by triggering destruction of a large SEV VM (which requires unregistering many encrypted regions), aka CID-7be74942f184.
CVE-2020-36322: An issue was discovered in the FUSE filesystem implementation in the Linux kernel before 5.10.6, aka CID-5d069dbe8aaf. fuse_do_getattr() calls make_bad_inode() in inappropriate situations, causing a system crash. NOTE: the original fix for this vulnerability was incomplete, and its incompleteness is tracked as CVE-2021-28950.
CVE-2020-36385: An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2021-22543: An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-28950: An issue was discovered in fs/fuse/fuse_i.h in the Linux kernel before 5.11.8. A "stall on CPU" can occur because a retry loop continually finds the same bad inode, aka CID-775c5033a0d1.
CVE-2021-3444: The bpf verifier in the Linux kernel did not properly handle mod32 destination register truncation when the source register was known to be 0. A local attacker with the ability to load bpf programs could use this gain out-of-bounds reads in kernel memory leading to information disclosure (kernel memory), and possibly out-of-bounds writes that could potentially lead to code execution. This issue was addressed in the upstream kernel in commit 9b00f1b78809 ("bpf: Fix truncation handling for mod32 dst reg wrt zero") and in Linux stable kernels 5.11.2, 5.10.19, and 5.4.101.
CVE-2021-3493: The overlayfs implementation in the linux kernel did not properly validate with respect to user namespaces the setting of file capabilities on files in an underlying file system. Due to the combination of unprivileged user namespaces along with a patch carried in the Ubuntu kernel to allow unprivileged overlay mounts, an attacker could use this to gain elevated privileges.
CVE-2021-3542:

8 issues left for the package maintainer to handle:

CVE-2019-16089: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: (postponed; to be fixed through a stable update) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-15802: (postponed; to be fixed through a stable update) Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-16119: (needs triaging) Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
CVE-2020-25673: (postponed; to be fixed through a stable update) A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.

You can find information about how to handle these issues in the security team's documentation.

3 ignored issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.

31 issues that should be fixed with the next stable update:

CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
CVE-2020-25670: A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.
CVE-2020-25671: A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
CVE-2020-25672: A memory leak vulnerability was found in Linux kernel in llcp_sock_connect
CVE-2020-26139: An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
CVE-2020-26147: An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
CVE-2020-26558: Bluetooth LE and BR/EDR secure pairing in Bluetooth Core Specification 2.1 through 5.2 may permit a nearby man-in-the-middle attacker to identify the Passkey used during pairing (in the Passkey authentication procedure) by reflection of the public key and the authentication evidence of the initiating device, potentially permitting this attacker to complete authenticated pairing with the responding device using the correct Passkey for the pairing session. The attack methodology determines the Passkey value one bit at a time.
CVE-2020-29374: An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58.
CVE-2021-0129: Improper access control in BlueZ may allow an authenticated user to potentially enable information disclosure via adjacent access.
CVE-2021-23133: A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket.
CVE-2021-23134: Use After Free vulnerability in nfc sockets in the Linux Kernel before 5.12.4 allows local attackers to elevate their privileges. In typical configurations, the issue can only be triggered by a privileged local user with the CAP_NET_RAW capability.
CVE-2021-28688: The fix for XSA-365 includes initialization of pointers such that subsequent cleanup code wouldn't use uninitialized or stale values. This initialization went too far and may under certain conditions also overwrite pointers which are in need of cleaning up. The lack of cleanup would result in leaking persistent grants. The leak in turn would prevent fully cleaning up after a respective guest has died, leaving around zombie domains. All Linux versions having the fix for XSA-365 applied are vulnerable. XSA-365 was classified to affect versions back to at least 3.11.
CVE-2021-28964: A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc.
CVE-2021-28971: In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
CVE-2021-28972: In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8.
CVE-2021-29154: BPF JIT compilers in the Linux kernel through 5.11.12 have incorrect computation of branch displacements, allowing them to execute arbitrary code within the kernel context. This affects arch/x86/net/bpf_jit_comp.c and arch/x86/net/bpf_jit_comp32.c.
CVE-2021-29155: An issue was discovered in the Linux kernel through 5.11.x. kernel/bpf/verifier.c performs undesirable out-of-bounds speculation on pointer arithmetic, leading to side-channel attacks that defeat Spectre mitigations and obtain sensitive information from kernel memory. Specifically, for sequences of pointer arithmetic operations, the pointer modification performed by the first operation is not correctly accounted for when restricting subsequent operations.
CVE-2021-29264: An issue was discovered in the Linux kernel through 5.11.10. drivers/net/ethernet/freescale/gianfar.c in the Freescale Gianfar Ethernet driver allows attackers to cause a system crash because a negative fragment size is calculated in situations involving an rx queue overrun when jumbo packets are used and NAPI is enabled, aka CID-d8861bab48b6.
CVE-2021-29647: An issue was discovered in the Linux kernel before 5.11.11. qrtr_recvmsg in net/qrtr/qrtr.c allows attackers to obtain sensitive information from kernel memory because of a partially uninitialized data structure, aka CID-50535249f624.
CVE-2021-29650: An issue was discovered in the Linux kernel before 5.11.11. The netfilter subsystem allows attackers to cause a denial of service (panic) because net/netfilter/x_tables.c and include/linux/netfilter/x_tables.h lack a full memory barrier upon the assignment of a new table value, aka CID-175e476b8cdf.
CVE-2021-31829: kernel/bpf/verifier.c in the Linux kernel through 5.12.1 performs undesirable speculative loads, leading to disclosure of stack content via side-channel attacks, aka CID-801c6058d14a. The specific concern is not protecting the BPF stack area against speculative loads. Also, the BPF stack can contain uninitialized data that might represent sensitive information previously operated on by the kernel.
CVE-2021-31916: An out-of-bounds (OOB) memory write flaw was found in list_devices in drivers/md/dm-ioctl.c in the Multi-device driver module in the Linux kernel before 5.12. A bound check failure allows an attacker with special user (CAP_SYS_ADMIN) privilege to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
CVE-2021-32399: net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.
CVE-2021-33034: In the Linux kernel before 5.12.4, net/bluetooth/hci_event.c has a use-after-free when destroying an hci_chan, aka CID-5c4c8c954409. This leads to writing an arbitrary value.
CVE-2021-3483: A flaw was found in the Nosy driver in the Linux kernel. This issue allows a device to be inserted twice into a doubly-linked list, leading to a use-after-free when one of these devices is removed. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Versions before kernel 5.12-rc6 are affected
CVE-2021-3506: An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
CVE-2021-3564: A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.
CVE-2021-3573:
CVE-2021-3587:

Created: 2021-02-19 Last update: 2021-06-11 06:34

41 security issues in bullseye high

There are 41 open security issues in bullseye.

29 important issues:

CVE-2019-15794: Overlayfs in the Linux kernel and shiftfs, a non-upstream patch to the Linux kernel included in the Ubuntu 5.0 and 5.3 kernel series, both replace vma->vm_file in their mmap handlers. On error the original value is not restored, and the reference is put for the file to which vm_file points. On upstream kernels this is not an issue, as no callers dereference vm_file following after call_mmap() returns an error. However, the aufs patchs change mmap_region() to replace the fput() using a local variable with vma_fput(), which will fput() vm_file, leading to a refcount underflow.
CVE-2020-0347: In iptables, there is a possible out of bounds write due to an incorrect bounds check. This could lead to local escalation of privilege with System execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-11Android ID: A-136658008
CVE-2020-12362: Integer overflow in the firmware for some Intel(R) Graphics Drivers for Windows * before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable an escalation of privilege via local access.
CVE-2020-12363: Improper input validation in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-12364: Null pointer reference in some Intel(R) Graphics Drivers for Windows* before version 26.20.100.7212 and before version Linux kernel version 5.5 may allow a privileged user to potentially enable a denial of service via local access.
CVE-2020-24504: Uncontrolled resource consumption in some Intel(R) Ethernet E810 Adapter drivers for Linux before version 1.0.4 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2020-24586: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that received fragments be cleared from memory after (re)connecting to a network. Under the right circumstances, when another device sends fragmented frames encrypted using WEP, CCMP, or GCMP, this can be abused to inject arbitrary network packets and/or exfiltrate user data.
CVE-2020-24587: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that all fragments of a frame are encrypted under the same key. An adversary can abuse this to decrypt selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP encryption key is periodically renewed.
CVE-2020-24588: The 802.11 standard that underpins Wi-Fi Protected Access (WPA, WPA2, and WPA3) and Wired Equivalent Privacy (WEP) doesn't require that the A-MSDU flag in the plaintext QoS header field is authenticated. Against devices that support receiving non-SSP A-MSDU frames (which is mandatory as part of 802.11n), an adversary can abuse this to inject arbitrary network packets.
CVE-2020-26139: An issue was discovered in the kernel in NetBSD 7.1. An Access Point (AP) forwards EAPOL frames to other clients even though the sender has not yet successfully authenticated to the AP. This might be abused in projected Wi-Fi networks to launch denial-of-service attacks against connected clients and makes it easier to exploit other vulnerabilities in connected clients.
CVE-2020-26140: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The WEP, WPA, WPA2, and WPA3 implementations accept plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26141: An issue was discovered in the ALFA Windows 10 driver 6.1316.1209 for AWUS036H. The Wi-Fi implementation does not verify the Message Integrity Check (authenticity) of fragmented TKIP frames. An adversary can abuse this to inject and possibly decrypt packets in WPA or WPA2 networks that support the TKIP data-confidentiality protocol.
CVE-2020-26142: An issue was discovered in the kernel in OpenBSD 6.6. The WEP, WPA, WPA2, and WPA3 implementations treat fragmented frames as full frames. An adversary can abuse this to inject arbitrary network packets, independent of the network configuration.
CVE-2020-26143: An issue was discovered in the ALFA Windows 10 driver 1030.36.604 for AWUS036ACH. The WEP, WPA, WPA2, and WPA3 implementations accept fragmented plaintext frames in a protected Wi-Fi network. An adversary can abuse this to inject arbitrary data frames independent of the network configuration.
CVE-2020-26145: An issue was discovered on Samsung Galaxy S3 i9305 4.4.4 devices. The WEP, WPA, WPA2, and WPA3 implementations accept second (or subsequent) broadcast fragments even when sent in plaintext and process them as full unfragmented frames. An adversary can abuse this to inject arbitrary network packets independent of the network configuration.
CVE-2020-26147: An issue was discovered in the Linux kernel 5.8.9. The WEP, WPA, WPA2, and WPA3 implementations reassemble fragments even though some of them were sent in plaintext. This vulnerability can be abused to inject packets and/or exfiltrate selected fragments when another device sends fragmented frames and the WEP, CCMP, or GCMP data-confidentiality protocol is used.
CVE-2020-26541: The Linux kernel through 5.8.13 does not properly enforce the Secure Boot Forbidden Signature Database (aka dbx) protection mechanism. This affects certs/blacklist.c and certs/system_keyring.c.
CVE-2020-26555: Bluetooth legacy BR/EDR PIN code pairing in Bluetooth Core Specification 1.0B through 5.2 may permit an unauthenticated nearby device to spoof the BD_ADDR of the peer device to complete pairing without knowledge of the PIN.
CVE-2020-26556: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, able to conduct a successful brute-force attack on an insufficiently random AuthValue before the provisioning procedure times out, to complete authentication by leveraging Malleable Commitment.
CVE-2020-26557: Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (without possession of the AuthValue used in the provisioning protocol) to determine the AuthValue via a brute-force attack (unless the AuthValue is sufficiently random and changed each time).
CVE-2020-26559: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device (participating in the provisioning protocol) to identify the AuthValue used given the Provisioner’s public key, and the confirmation number and nonce provided by the provisioning device. This could permit a device without the AuthValue to complete provisioning without brute-forcing the AuthValue.
CVE-2020-26560: Bluetooth Mesh Provisioning in the Bluetooth Mesh profile 1.0 and 1.0.1 may permit a nearby device, reflecting the authentication evidence from a Provisioner, to complete authentication without possessing the AuthValue, and potentially acquire a NetKey and AppKey.
CVE-2020-35501:
CVE-2021-22543: An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
CVE-2021-28691:
CVE-2021-3542:
CVE-2021-3564: A flaw double-free memory corruption in the Linux kernel HCI device initialization subsystem was found in the way user attach malicious HCI TTY Bluetooth device. A local user could use this flaw to crash the system. This flaw affects all the Linux kernel versions starting from 3.13.
CVE-2021-3573:
CVE-2021-3587:

9 issues postponed or untriaged:

CVE-2019-15213: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
CVE-2019-16089: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel through 5.2.13. nbd_genl_status in drivers/block/nbd.c does not check the nla_nest_start_noflag return value.
CVE-2019-19378: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image can lead to slab-out-of-bounds write access in index_rbio_pages in fs/btrfs/raid56.c.
CVE-2019-19449: (postponed; to be fixed through a stable update) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can lead to slab-out-of-bounds read access in f2fs_build_segment_manager in fs/f2fs/segment.c, related to init_min_max_mtime in fs/f2fs/segment.c (because the second argument to get_seg_entry is not validated).
CVE-2019-19814: (needs triaging) In the Linux kernel 5.0.21, mounting a crafted f2fs filesystem image can cause __remove_dirty_segment slab-out-of-bounds write access because an array is bounded by the number of dirty types (8) but the array index can exceed this.
CVE-2019-20794: (postponed; to be fixed through a stable update) An issue was discovered in the Linux kernel 4.18 through 5.6.11 when unprivileged user namespaces are allowed. A user can create their own PID namespace, and mount a FUSE filesystem. Upon interaction with this FUSE filesystem, if the userspace component is terminated via a kill of the PID namespace's pid 1, it will result in a hung task, and resources being permanently locked up until system reboot. This can result in resource exhaustion.
CVE-2020-15802: (postponed; to be fixed through a stable update) Devices supporting Bluetooth before 5.1 may allow man-in-the-middle attacks, aka BLURtooth. Cross Transport Key Derivation in Bluetooth Core Specification v4.2 and v5.0 may permit an unauthenticated user to establish a bonding with one transport, either LE or BR/EDR, and replace a bonding already established on the opposing transport, BR/EDR or LE, potentially overwriting an authenticated key with an unauthenticated key, or a key with greater entropy with one with less.
CVE-2020-16119: (needs triaging) Use-after-free vulnerability in the Linux kernel exploitable by a local attacker due to reuse of a DCCP socket with an attached dccps_hc_tx_ccid object as a listener after being released. Fixed in Ubuntu Linux kernel 5.4.0-51.56, 5.3.0-68.63, 4.15.0-121.123, 4.4.0-193.224, 3.13.0.182.191 and 3.2.0-149.196.
CVE-2020-25673: (postponed; to be fixed through a stable update) A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.

3 ignored issues:

CVE-2013-7445: The Direct Rendering Manager (DRM) subsystem in the Linux kernel through 4.x mishandles requests for Graphics Execution Manager (GEM) objects, which allows context-dependent attackers to cause a denial of service (memory consumption) via an application that processes graphics data, as demonstrated by JavaScript code that creates many CANVAS elements for rendering by Chrome or Firefox.
CVE-2018-12928: In the Linux kernel 4.15.0, a NULL pointer dereference was discovered in hfs_ext_read_extent in hfs.ko. This can occur during a mount of a crafted hfs filesystem.
CVE-2020-14304: A memory disclosure flaw was found in the Linux kernel's ethernet drivers, in the way it read data from the EEPROM of the device. This flaw allows a local user to read uninitialized values from the kernel memory. The highest threat from this vulnerability is to confidentiality.

Created: 2021-02-19 Last update: 2021-06-11 06:34

Does not build reproducibly during testing normal

A package building reproducibly enables third parties to verify that the source matches the distributed binaries. It has been identified that this source package produced different results, failed to build or had other issues in a test environment. Please read about how to improve the situation!

Created: 2021-04-16 Last update: 2021-06-15 10:00

20 bugs tagged patch in the BTS normal

The BTS contains patches fixing 20 bugs, consider including or untagging them.

Created: 2020-10-19 Last update: 2021-06-15 09:31

Depends on packages which need a new maintainer normal

The packages that linux depends on which need a new maintainer are:

dh-exec (#851746)
- Build-Depends: dh-exec

Created: 2019-11-22 Last update: 2021-06-15 08:33

Multiarch hinter reports 2 issue(s) normal

There are issues with the multiarch metadata for this package.

libcpupower-dev could be marked Multi-Arch: same
libcpupower1 could be marked Multi-Arch: same

Created: 2021-05-31 Last update: 2021-06-15 04:55

Build log checks report 2 warnings low

Build log checks report 2 warnings

Created: 2021-03-20 Last update: 2021-03-20 06:02

Standards version of the package is outdated. wishlist

The package should be updated to follow the last version of Debian Policy (Standards-Version 4.5.1 instead of 4.2.0).

Created: 2017-12-02 Last update: 2021-05-28 19:09

testing migrations

This package will soon be part of the auto-perl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
This package will soon be part of the auto-libopencsd transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.
This package will soon be part of the auto-openssl transition. You might want to ensure that your package is ready for it. You can probably find supplementary information in the debian-release archives or in the corresponding release.debian.org bug.

news

[rss feed]

[2021-06-11] Accepted linux 4.19.194-1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-06-06] Accepted linux 5.10.40-1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-06-04] linux 5.10.40-1 MIGRATED to testing (Debian testing watch)
[2021-05-28] Accepted linux 5.10.40-1 (source) into unstable (Salvatore Bonaccorso)
[2021-05-20] Accepted linux 5.10.38-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-04-15] linux 5.10.28-1 MIGRATED to testing (Debian testing watch)
[2021-04-10] Accepted linux 5.10.28-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-04-09] linux 5.10.26-1 MIGRATED to testing (Debian testing watch)
[2021-04-08] Accepted linux 5.10.24-1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Ben Hutchings)
[2021-03-27] Accepted linux 5.10.26-1 (source) into unstable (Salvatore Bonaccorso)
[2021-03-25] linux 5.10.24-1 MIGRATED to testing (Debian testing watch)
[2021-03-19] Accepted linux 5.10.24-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-03-19] Accepted linux 4.19.181-1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-03-16] Accepted linux 5.10.19-1~bpo10+1 (source) into buster-backports->backports-policy, buster-backports (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-03-09] linux 5.10.19-1 MIGRATED to testing (Debian testing watch)
[2021-03-08] Accepted linux 4.9.258-1 (source) into oldstable, oldstable (Debian FTP Masters) (signed by: Ben Hutchings)
[2021-03-05] Accepted linux 4.19.177-1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-03-02] Accepted linux 5.10.19-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-02-11] Accepted linux 5.10.13-1~bpo10+1 (source) into buster-backports, buster-backports (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-02-10] linux 5.10.13-1 MIGRATED to testing (Debian testing watch)
[2021-02-06] Accepted linux 5.10.13-1 (source) into unstable (Salvatore Bonaccorso)
[2021-02-06] linux 5.10.12-1 MIGRATED to testing (Debian testing watch)
[2021-02-02] Accepted linux 4.19.171-2 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-02-02] Accepted linux 4.19.171-1 (source) into proposed-updates->stable-new, proposed-updates (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-02-01] Accepted linux 4.19.171-2 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-02-01] Accepted linux 4.19.171-1 (source) into stable->embargoed, stable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-01-31] Accepted linux 5.10.12-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)
[2021-01-28] linux 5.10.9-1 MIGRATED to testing (Debian testing watch)
[2021-01-28] linux 5.10.9-1 MIGRATED to testing (Debian testing watch)
[2021-01-21] Accepted linux 5.10.9-1 (source) into unstable, unstable (Debian FTP Masters) (signed by: Salvatore Bonaccorso)

bugs [bug history graph]

all: 967 1012
RC: 1
I&N: 849 886
M&W: 117 125
F&P: 0
patch: 20

links

homepage
buildd: logs, checks, clang, reproducibility
popcon
browse source code
edit tags
other distros
security tracker
l10n (-, 41)
debci

ubuntu

[Information about Ubuntu for Debian Developers]

version: 5.11.0-18.19+21.10.1
7457 bugs (280 patches)