Filtered by vendor Netapp
Subscribe
Filtered by product Solidfire Baseboard Management Controller Firmware
Subscribe
Total
69 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-27350 | 3 Canonical, Debian, Netapp | 5 Ubuntu Linux, Advanced Package Tool, Debian Linux and 2 more | 2023-12-10 | 4.6 MEDIUM | 5.7 MEDIUM |
| APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1; | |||||
| CVE-2020-29661 | 6 Broadcom, Debian, Fedoraproject and 3 more | 18 Fabric Operating System, Debian Linux, Fedora and 15 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b. | |||||
| CVE-2020-29660 | 5 Broadcom, Debian, Fedoraproject and 2 more | 17 Fabric Operating System, Debian Linux, Fedora and 14 more | 2023-12-10 | 2.1 LOW | 4.4 MEDIUM |
| A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. | |||||
| CVE-2021-27365 | 4 Debian, Linux, Netapp and 1 more | 5 Debian Linux, Linux Kernel, Solidfire Baseboard Management Controller and 2 more | 2023-12-10 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message. | |||||
| CVE-2021-27363 | 3 Debian, Linux, Netapp | 4 Debian Linux, Linux Kernel, Cloud Backup and 1 more | 2023-12-10 | 3.6 LOW | 4.4 MEDIUM |
| An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables. | |||||
| CVE-2021-28972 | 3 Fedoraproject, Linux, Netapp | 5 Fedora, Linux Kernel, Cloud Backup and 2 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
| In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8. | |||||
| CVE-2020-36158 | 4 Debian, Fedoraproject, Linux and 1 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2023-12-10 | 7.2 HIGH | 6.7 MEDIUM |
| mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. | |||||
| CVE-2020-12888 | 6 Canonical, Debian, Fedoraproject and 3 more | 39 Ubuntu Linux, Debian Linux, Fedora and 36 more | 2023-12-10 | 4.7 MEDIUM | 5.3 MEDIUM |
| The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. | |||||
| CVE-2020-13143 | 5 Canonical, Debian, Linux and 2 more | 38 Ubuntu Linux, Debian Linux, Linux Kernel and 35 more | 2023-12-10 | 4.3 MEDIUM | 6.5 MEDIUM |
| gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. | |||||
| CVE-2020-8832 | 2 Canonical, Netapp | 60 Ubuntu Linux, Aff 8300, Aff 8300 Firmware and 57 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. | |||||
| CVE-2020-14356 | 6 Canonical, Debian, Linux and 3 more | 11 Ubuntu Linux, Debian Linux, Linux Kernel and 8 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. | |||||
| CVE-2019-19044 | 4 Broadcom, Canonical, Linux and 1 more | 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762. | |||||
| CVE-2019-11089 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-14815 | 3 Linux, Netapp, Redhat | 18 Linux Kernel, Altavault, Baseboard Management Controller and 15 more | 2023-12-10 | 7.2 HIGH | 7.8 HIGH |
| A vulnerability was found in Linux Kernel, where a Heap Overflow was found in mwifiex_set_wmm_params() function of Marvell Wifi Driver. | |||||
| CVE-2019-14574 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-19052 | 7 Broadcom, Canonical, Debian and 4 more | 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 17 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. | |||||
| CVE-2019-14590 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2023-12-10 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-19063 | 7 Broadcom, Canonical, Fedoraproject and 4 more | 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 17 more | 2023-12-10 | 4.9 MEDIUM | 4.6 MEDIUM |
| Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | |||||
| CVE-2020-9383 | 5 Canonical, Debian, Linux and 2 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2023-12-10 | 3.6 LOW | 7.1 HIGH |
| An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. | |||||
| CVE-2019-19053 | 4 Broadcom, Canonical, Linux and 1 more | 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more | 2023-12-10 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2. | |||||