Vulnerabilities (CVE)

Filtered by vendor Netapp Subscribe
Filtered by product Baseboard Management Controller H300e
Total 24 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2021-3743 3 Fedoraproject, Linux, Netapp 18 Fedora, Linux Kernel, Baseboard Management Controller H300e and 15 more 2023-02-02 3.6 LOW 7.1 HIGH
An out-of-bounds (OOB) memory read flaw was found in the Qualcomm IPC router protocol in the Linux kernel. A missing sanity check allows a local attacker to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability.
CVE-2021-28660 4 Debian, Fedoraproject, Linux and 1 more 20 Debian Linux, Fedora, Linux Kernel and 17 more 2023-01-19 8.3 HIGH 8.8 HIGH
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base.
CVE-2020-36516 2 Linux, Netapp 29 Linux Kernel, Baseboard Management Controller H300e, Baseboard Management Controller H300e Firmware and 26 more 2023-01-05 4.9 MEDIUM 5.9 MEDIUM
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2022-1353 4 Debian, Linux, Netapp and 1 more 19 Debian Linux, Linux Kernel, Baseboard Management Controller H300e and 16 more 2022-12-14 3.6 LOW 7.1 HIGH
A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel. This flaw allows a local, unprivileged user to gain access to kernel memory, leading to a system crash or a leak of internal kernel information.
CVE-2022-1048 4 Debian, Linux, Netapp and 1 more 19 Debian Linux, Linux Kernel, Baseboard Management Controller H300e and 16 more 2022-12-14 6.9 MEDIUM 7.0 HIGH
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2021-25220 4 Fedoraproject, Isc, Netapp and 1 more 19 Fedora, Bind, Baseboard Management Controller H300e and 16 more 2022-11-28 4.0 MEDIUM 6.8 MEDIUM
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.
CVE-2022-0396 4 Fedoraproject, Isc, Netapp and 1 more 19 Fedora, Bind, Baseboard Management Controller H300e and 16 more 2022-11-16 4.3 MEDIUM 5.3 MEDIUM
BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.
CVE-2022-0492 6 Canonical, Debian, Fedoraproject and 3 more 30 Ubuntu Linux, Debian Linux, Fedora and 27 more 2022-10-19 6.9 MEDIUM 7.8 HIGH
A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.
CVE-2020-8832 2 Canonical, Netapp 60 Ubuntu Linux, Aff 8300, Aff 8300 Firmware and 57 more 2022-10-11 2.1 LOW 5.5 MEDIUM
The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information.
CVE-2022-0995 3 Fedoraproject, Linux, Netapp 24 Fedora, Linux Kernel, Baseboard Management Controller H300e and 21 more 2022-09-23 7.2 HIGH 7.8 HIGH
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.
CVE-2021-20322 5 Debian, Fedoraproject, Linux and 2 more 32 Debian Linux, Fedora, Linux Kernel and 29 more 2022-07-28 5.8 MEDIUM 7.4 HIGH
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.
CVE-2022-25636 3 Debian, Linux, Netapp 10 Debian Linux, Linux Kernel, Baseboard Management Controller H300e and 7 more 2022-07-25 6.9 MEDIUM 7.8 HIGH
net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.
CVE-2021-45485 2 Linux, Netapp 20 Linux Kernel, Baseboard Management Controller H300e, Baseboard Management Controller H300s and 17 more 2022-07-25 5.0 MEDIUM 7.5 HIGH
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that IPv6-based attackers can typically choose among many IPv6 source addresses.
CVE-2021-3752 5 Debian, Fedoraproject, Linux and 2 more 24 Debian Linux, Fedora, Linux Kernel and 21 more 2022-07-25 7.9 HIGH 7.1 HIGH
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition. This flaw allows a user to crash the system or escalate their privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2019-20388 6 Debian, Fedoraproject, Netapp and 3 more 31 Debian Linux, Fedora, Baseboard Management Controller H300e and 28 more 2022-07-25 5.0 MEDIUM 7.5 HIGH
xmlSchemaPreRun in xmlschemas.c in libxml2 2.9.10 allows an xmlSchemaValidateStream memory leak.
CVE-2021-3739 3 Fedoraproject, Linux, Netapp 18 Fedora, Linux Kernel, Baseboard Management Controller H300e and 15 more 2022-06-01 3.6 LOW 7.1 HIGH
A NULL pointer dereference flaw was found in the btrfs_rm_device function in fs/btrfs/volumes.c in the Linux Kernel, where triggering the bug requires ‘CAP_SYS_ADMIN’. This flaw allows a local attacker to crash the system or leak kernel internal information. The highest threat from this vulnerability is to system availability.
CVE-2022-0667 2 Isc, Netapp 17 Bind, Baseboard Management Controller H300e, Baseboard Management Controller H300e Firmware and 14 more 2022-06-01 5.0 MEDIUM 7.5 HIGH
When the vulnerability is triggered the BIND process will exit. BIND 9.18.0
CVE-2022-0635 2 Isc, Netapp 17 Bind, Baseboard Management Controller H300e, Baseboard Management Controller H300e Firmware and 14 more 2022-06-01 5.0 MEDIUM 7.5 HIGH
Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check.
CVE-2021-44733 5 Debian, Fedoraproject, Linux and 2 more 20 Debian Linux, Fedora, Linux Kernel and 17 more 2022-06-01 4.4 MEDIUM 7.0 HIGH
A use-after-free exists in drivers/tee/tee_shm.c in the TEE subsystem in the Linux kernel through 5.15.11. This occurs because of a race condition in tee_shm_get_from_id during an attempt to free a shared memory object.
CVE-2022-25265 2 Linux, Netapp 17 Linux Kernel, Baseboard Management Controller Firmware, Baseboard Management Controller H300e and 14 more 2022-05-11 4.4 MEDIUM 7.8 HIGH
In the Linux kernel through 5.16.10, certain binary files may have the exec-all attribute if they were built in approximately 2003 (e.g., with GCC 3.2.2 and Linux kernel 2.4.20). This can cause execution of bytes located in supposedly non-executable regions of a file.