Filtered by vendor Netapp
Subscribe
Filtered by product Solidfire Baseboard Management Controller Firmware
Subscribe
Total
69 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-25672 | 4 Debian, Fedoraproject, Linux and 1 more | 23 Debian Linux, Fedora, Linux Kernel and 20 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A memory leak vulnerability was found in Linux kernel in llcp_sock_connect | |||||
CVE-2019-25045 | 2 Linux, Netapp | 41 Linux Kernel, Aff 8300, Aff 8300 Firmware and 38 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. | |||||
CVE-2021-22543 | 4 Debian, Fedoraproject, Linux and 1 more | 21 Debian Linux, Fedora, Linux Kernel and 18 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. | |||||
CVE-2019-25044 | 2 Linux, Netapp | 21 Linux Kernel, Cloud Backup, H300e and 18 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue. | |||||
CVE-2020-25671 | 4 Debian, Fedoraproject, Linux and 1 more | 23 Debian Linux, Fedora, Linux Kernel and 20 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations. | |||||
CVE-2021-32399 | 3 Debian, Linux, Netapp | 19 Debian Linux, Linux Kernel, Cloud Backup and 16 more | 2023-12-10 | 4.4 MEDIUM | 7.0 HIGH |
net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller. | |||||
CVE-2021-3501 | 4 Fedoraproject, Linux, Netapp and 1 more | 27 Fedora, Linux Kernel, Cloud Backup and 24 more | 2023-12-10 | 3.6 LOW | 7.1 HIGH |
A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and system availability. | |||||
CVE-2020-25670 | 4 Debian, Fedoraproject, Linux and 1 more | 23 Debian Linux, Fedora, Linux Kernel and 20 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. | |||||
CVE-2021-28964 | 4 Debian, Fedoraproject, Linux and 1 more | 9 Debian Linux, Fedora, Linux Kernel and 6 more | 2023-12-10 | 1.9 LOW | 4.7 MEDIUM |
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc. | |||||
CVE-2021-28660 | 4 Debian, Fedoraproject, Linux and 1 more | 20 Debian Linux, Fedora, Linux Kernel and 17 more | 2023-12-10 | 8.3 HIGH | 8.8 HIGH |
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base. | |||||
CVE-2020-27825 | 4 Debian, Linux, Netapp and 1 more | 9 Debian Linux, Linux Kernel, Cloud Backup and 6 more | 2023-12-10 | 5.4 MEDIUM | 5.7 MEDIUM |
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. | |||||
CVE-2021-27364 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2023-12-10 | 3.6 LOW | 7.1 HIGH |
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. | |||||
CVE-2021-28971 | 4 Debian, Fedoraproject, Linux and 1 more | 9 Debian Linux, Fedora, Linux Kernel and 6 more | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. | |||||
CVE-2020-14305 | 2 Linux, Netapp | 10 Linux Kernel, A250, A250 Firmware and 7 more | 2023-12-10 | 8.3 HIGH | 8.1 HIGH |
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
CVE-2020-25692 | 3 Netapp, Openldap, Redhat | 5 Cloud Backup, Solidfire Baseboard Management Controller, Solidfire Baseboard Management Controller Firmware and 2 more | 2023-12-10 | 5.0 MEDIUM | 7.5 HIGH |
A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. | |||||
CVE-2020-29370 | 2 Linux, Netapp | 10 Linux Kernel, Cloud Backup, H410c and 7 more | 2023-12-10 | 4.4 MEDIUM | 7.0 HIGH |
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. | |||||
CVE-2020-15436 | 3 Broadcom, Linux, Netapp | 34 Brocade Fabric Operating System Firmware, Linux Kernel, A250 and 31 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. | |||||
CVE-2021-28951 | 3 Fedoraproject, Linux, Netapp | 11 Fedora, Linux Kernel, A250 and 8 more | 2023-12-10 | 4.9 MEDIUM | 5.5 MEDIUM |
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. | |||||
CVE-2021-28375 | 3 Fedoraproject, Linux, Netapp | 4 Fedora, Linux Kernel, Cloud Backup and 1 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. | |||||
CVE-2021-28952 | 3 Fedoraproject, Linux, Netapp | 11 Fedora, Linux Kernel, A250 and 8 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.) |