Filtered by vendor Netapp
Subscribe
Filtered by product Solidfire Baseboard Management Controller Firmware
Subscribe
Total
70 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2020-35519 | 2 Linux, Netapp | 20 Linux Kernel, Cloud Backup, H300e and 17 more | 2024-02-28 | 6.8 MEDIUM | 7.8 HIGH |
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
CVE-2021-3612 | 6 Debian, Fedoraproject, Linux and 3 more | 26 Debian Linux, Fedora, Linux Kernel and 23 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
An out-of-bounds memory write flaw was found in the Linux kernel's joystick devices subsystem in versions before 5.9-rc1, in the way the user calls ioctl JSIOCSBTNMAP. This flaw allows a local user to crash the system or possibly escalate their privileges on the system. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. | |||||
CVE-2021-31440 | 2 Linux, Netapp | 18 Linux Kernel, Cloud Backup, H300e and 15 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of eBPF programs. The issue results from the lack of proper validation of user-supplied eBPF programs prior to executing them. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the kernel. Was ZDI-CAN-13661. | |||||
CVE-2020-25673 | 3 Fedoraproject, Linux, Netapp | 22 Fedora, Linux Kernel, Active Iq Unified Manager and 19 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. | |||||
CVE-2021-3506 | 3 Debian, Linux, Netapp | 20 Debian Linux, Linux Kernel, Cloud Backup and 17 more | 2024-02-28 | 5.6 MEDIUM | 7.1 HIGH |
An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | |||||
CVE-2021-23133 | 5 Broadcom, Debian, Fedoraproject and 2 more | 24 Brocade Fabric Operating System, Debian Linux, Fedora and 21 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a BPF_CGROUP_INET_SOCK_CREATE is attached which denies creation of some SCTP socket. | |||||
CVE-2020-25668 | 3 Debian, Linux, Netapp | 26 Debian Linux, Linux Kernel, 500f and 23 more | 2024-02-28 | 6.9 MEDIUM | 7.0 HIGH |
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | |||||
CVE-2020-25670 | 4 Debian, Fedoraproject, Linux and 1 more | 23 Debian Linux, Fedora, Linux Kernel and 20 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations. | |||||
CVE-2020-29370 | 2 Linux, Netapp | 10 Linux Kernel, Cloud Backup, H410c and 7 more | 2024-02-28 | 4.4 MEDIUM | 7.0 HIGH |
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. | |||||
CVE-2021-28660 | 4 Debian, Fedoraproject, Linux and 1 more | 20 Debian Linux, Fedora, Linux Kernel and 17 more | 2024-02-28 | 8.3 HIGH | 8.8 HIGH |
rtw_wx_set_scan in drivers/staging/rtl8188eu/os_dep/ioctl_linux.c in the Linux kernel through 5.11.6 allows writing beyond the end of the ->ssid[] array. NOTE: from the perspective of kernel.org releases, CVE IDs are not normally used for drivers/staging/* (unfinished work); however, system integrators may have situations in which a drivers/staging issue is relevant to their own customer base. | |||||
CVE-2021-28952 | 3 Fedoraproject, Linux, Netapp | 11 Fedora, Linux Kernel, A250 and 8 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.) | |||||
CVE-2021-28951 | 3 Fedoraproject, Linux, Netapp | 11 Fedora, Linux Kernel, A250 and 8 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. | |||||
CVE-2020-15436 | 3 Broadcom, Linux, Netapp | 34 Brocade Fabric Operating System Firmware, Linux Kernel, A250 and 31 more | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. | |||||
CVE-2021-27364 | 5 Canonical, Debian, Linux and 2 more | 6 Ubuntu Linux, Debian Linux, Linux Kernel and 3 more | 2024-02-28 | 3.6 LOW | 7.1 HIGH |
An issue was discovered in the Linux kernel through 5.11.3. drivers/scsi/scsi_transport_iscsi.c is adversely affected by the ability of an unprivileged user to craft Netlink messages. | |||||
CVE-2021-28971 | 4 Debian, Fedoraproject, Linux and 1 more | 9 Debian Linux, Fedora, Linux Kernel and 6 more | 2024-02-28 | 4.9 MEDIUM | 5.5 MEDIUM |
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. | |||||
CVE-2021-28375 | 3 Fedoraproject, Linux, Netapp | 4 Fedora, Linux Kernel, Cloud Backup and 1 more | 2024-02-28 | 7.2 HIGH | 7.8 HIGH |
An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. | |||||
CVE-2021-27365 | 4 Debian, Linux, Netapp and 1 more | 5 Debian Linux, Linux Kernel, Solidfire Baseboard Management Controller and 2 more | 2024-02-28 | 4.6 MEDIUM | 7.8 HIGH |
An issue was discovered in the Linux kernel through 5.11.3. Certain iSCSI data structures do not have appropriate length constraints or checks, and can exceed the PAGE_SIZE value. An unprivileged user can send a Netlink message that is associated with iSCSI, and has a length up to the maximum length of a Netlink message. | |||||
CVE-2021-28964 | 4 Debian, Fedoraproject, Linux and 1 more | 9 Debian Linux, Fedora, Linux Kernel and 6 more | 2024-02-28 | 1.9 LOW | 4.7 MEDIUM |
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc. | |||||
CVE-2020-36158 | 4 Debian, Fedoraproject, Linux and 1 more | 6 Debian Linux, Fedora, Linux Kernel and 3 more | 2024-02-28 | 7.2 HIGH | 6.7 MEDIUM |
mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. | |||||
CVE-2021-27363 | 3 Debian, Linux, Netapp | 4 Debian Linux, Linux Kernel, Cloud Backup and 1 more | 2024-02-28 | 3.6 LOW | 4.4 MEDIUM |
An issue was discovered in the Linux kernel through 5.11.3. A kernel pointer leak can be used to determine the address of the iscsi_transport structure. When an iSCSI transport is registered with the iSCSI subsystem, the transport's handle is available to unprivileged users via the sysfs file system, at /sys/class/iscsi_transport/$TRANSPORT_NAME/handle. When read, the show_transport_handle function (in drivers/scsi/scsi_transport_iscsi.c) is called, which leaks the handle. This handle is actually the pointer to an iscsi_transport struct in the kernel module's global variables. |