Vulnerabilities (CVE)

Filtered by vendor Netapp Subscribe
Filtered by product H410s
Total 290 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2023-3111 3 Debian, Linux, Netapp 12 Debian Linux, Linux Kernel, H300s and 9 more 2024-02-28 N/A 7.8 HIGH
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calling btrfs_ioctl_defrag().
CVE-2023-28320 3 Apple, Haxx, Netapp 12 Macos, Curl, Clustered Data Ontap and 9 more 2024-02-28 N/A 5.9 MEDIUM
A denial of service vulnerability exists in curl <v8.1.0 in the way libcurl provides several different backends for resolving host names, selected at build time. If it is built to use the synchronous resolver, it allows name resolves to time-out slow operations using `alarm()` and `siglongjmp()`. When doing this, libcurl used a global buffer that was not mutex protected and a multi-threaded application might therefore crash or otherwise misbehave.
CVE-2023-2953 4 Apple, Netapp, Openldap and 1 more 16 Macos, Active Iq Unified Manager, Clustered Data Ontap and 13 more 2024-02-28 N/A 7.5 HIGH
A vulnerability was found in openldap. This security flaw causes a null pointer dereference in ber_memalloc_x() function.
CVE-2022-48502 2 Linux, Netapp 6 Linux Kernel, H300s, H410c and 3 more 2024-02-28 N/A 7.1 HIGH
An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.
CVE-2023-1077 3 Debian, Linux, Netapp 22 Debian Linux, Linux Kernel, 8300 and 19 more 2024-02-28 N/A 7.0 HIGH
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would lead to a type confused entry with the list head,which would then be used as a type confused sched_rt_entity,causing memory corruption.
CVE-2023-35826 2 Linux, Netapp 6 Linux Kernel, H300s, H410c and 3 more 2024-02-28 N/A 7.0 HIGH
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c.
CVE-2023-2124 3 Debian, Linux, Netapp 12 Debian Linux, Linux Kernel, H300s and 9 more 2024-02-28 N/A 7.8 HIGH
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash or potentially escalate their privileges on the system.
CVE-2023-28319 3 Apple, Haxx, Netapp 12 Macos, Curl, Clustered Data Ontap and 9 more 2024-02-28 N/A 7.5 HIGH
A use after free vulnerability exists in curl <v8.1.0 in the way libcurl offers a feature to verify an SSH server's public key using a SHA 256 hash. When this check fails, libcurl would free the memory for the fingerprint before it returns an error message containing the (now freed) hash. This flaw risks inserting sensitive heap-based data into the error message that might be shown to users or otherwise get leaked and revealed.
CVE-2023-2269 4 Debian, Fedoraproject, Linux and 1 more 13 Debian Linux, Fedora, Linux Kernel and 10 more 2024-02-28 N/A 4.4 MEDIUM
A denial of service problem was found, due to a possible recursive locking scenario, resulting in a deadlock in table_clear in drivers/md/dm-ioctl.c in the Linux Kernel Device Mapper-Multipathing sub-component.
CVE-2023-28322 4 Apple, Fedoraproject, Haxx and 1 more 13 Macos, Fedora, Curl and 10 more 2024-02-28 N/A 3.7 LOW
An information disclosure vulnerability exists in curl <v8.1.0 when doing HTTP(S) transfers, libcurl might erroneously use the read callback (`CURLOPT_READFUNCTION`) to ask for data to send, even when the `CURLOPT_POSTFIELDS` option has been set, if the same handle previously wasused to issue a `PUT` request which used that callback. This flaw may surprise the application and cause it to misbehave and either send off the wrong data or use memory after free or similar in the second transfer. The problem exists in the logic for a reused handle when it is (expected to be) changed from a PUT to a POST.
CVE-2023-35001 4 Debian, Fedoraproject, Linux and 1 more 8 Debian Linux, Fedora, Linux Kernel and 5 more 2024-02-28 N/A 7.8 HIGH
Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
CVE-2023-1380 3 Linux, Netapp, Redhat 12 Linux Kernel, H300s, H300s Firmware and 9 more 2024-02-28 N/A 7.1 HIGH
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len data is bigger than the size of the buffer, defined as WL_EXTRA_BUF_MAX, leading to a denial of service.
CVE-2023-2911 4 Debian, Fedoraproject, Isc and 1 more 14 Debian Linux, Fedora, Bind and 11 more 2024-02-28 N/A 7.5 HIGH
If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could cause `named` to loop and terminate unexpectedly due to a stack overflow. This issue affects BIND 9 versions 9.16.33 through 9.16.41, 9.18.7 through 9.18.15, 9.16.33-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
CVE-2023-2829 2 Isc, Netapp 12 Bind, Active Iq Unified Manager, H300s and 9 more 2024-02-28 N/A 7.5 HIGH
A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely terminated using a zone with a malformed NSEC record. This issue affects BIND 9 versions 9.16.8-S1 through 9.16.41-S1 and 9.18.11-S1 through 9.18.15-S1.
CVE-2023-2007 3 Debian, Linux, Netapp 13 Debian Linux, Linux Kernel, H300s and 10 more 2024-02-28 N/A 7.8 HIGH
The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction with other vulnerabilities to escalate privileges and execute arbitrary code in the context of the kernel.
CVE-2023-2828 4 Debian, Fedoraproject, Isc and 1 more 14 Debian Linux, Fedora, Bind and 11 more 2024-02-28 N/A 7.5 HIGH
Every `named` instance configured to run as a recursive resolver maintains a cache database holding the responses to the queries it has recently sent to authoritative servers. The size limit for that cache database can be configured using the `max-cache-size` statement in the configuration file; it defaults to 90% of the total amount of memory available on the host. When the size of the cache reaches 7/8 of the configured limit, a cache-cleaning algorithm starts to remove expired and/or least-recently used RRsets from the cache, to keep memory use below the configured limit. It has been discovered that the effectiveness of the cache-cleaning algorithm used in `named` can be severely diminished by querying the resolver for specific RRsets in a certain order, effectively allowing the configured `max-cache-size` limit to be significantly exceeded. This issue affects BIND 9 versions 9.11.0 through 9.16.41, 9.18.0 through 9.18.15, 9.19.0 through 9.19.13, 9.11.3-S1 through 9.16.41-S1, and 9.18.11-S1 through 9.18.15-S1.
CVE-2023-35829 2 Linux, Netapp 5 Linux Kernel, H300s, H410s and 2 more 2024-02-28 N/A 7.0 HIGH
An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c.
CVE-2023-1295 2 Linux, Netapp 6 Linux Kernel, H300s, H410c and 3 more 2024-02-28 N/A 7.0 HIGH
A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93.
CVE-2023-0045 3 Debian, Linux, Netapp 13 Debian Linux, Linux Kernel, Active Iq Unified Manager and 10 more 2024-02-28 N/A 7.5 HIGH
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set  function updates the Thread Information Flags (TIFs) for the task and updates the SPEC_CTRL MSR on the function __speculation_ctrl_update, but the IBPB is only issued on the next schedule, when the TIF bits are checked. This leaves the victim vulnerable to values already injected on the BTB, prior to the prctl syscall.  The patch that added the support for the conditional mitigation via prctl (ib_prctl_set) dates back to the kernel 4.9.176. We recommend upgrading past commit a664ec9158eeddd75121d39c9a0758016097fa96
CVE-2023-28321 5 Apple, Debian, Fedoraproject and 2 more 14 Macos, Debian Linux, Fedora and 11 more 2024-02-28 N/A 5.9 MEDIUM
An improper certificate validation vulnerability exists in curl <v8.1.0 in the way it supports matching of wildcard patterns when listed as "Subject Alternative Name" in TLS server certificates. curl can be built to use its own name matching function for TLS rather than one provided by a TLS library. This private wildcard matching function would match IDN (International Domain Name) hosts incorrectly and could as a result accept patterns that otherwise should mismatch. IDN hostnames are converted to puny code before used for certificate checks. Puny coded names always start with `xn--` and should not be allowed to pattern match, but the wildcard check in curl could still check for `x*`, which would match even though the IDN name most likely contained nothing even resembling an `x`.