Vulnerabilities (CVE)

Filtered by vendor Netapp Subscribe
Filtered by product Aff Baseboard Management Controller
Total 17 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2019-2215 5 Canonical, Debian, Google and 2 more 145 Ubuntu Linux, Debian Linux, Android and 142 more 2024-07-25 4.6 MEDIUM 7.8 HIGH
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
CVE-2021-20322 5 Debian, Fedoraproject, Linux and 2 more 32 Debian Linux, Fedora, Linux Kernel and 29 more 2024-02-28 5.8 MEDIUM 7.4 HIGH
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw allows an off-path remote user to effectively bypass the source port UDP randomization. The highest threat from this vulnerability is to confidentiality and possibly integrity, because software that relies on UDP source port randomization are indirectly affected as well.
CVE-2021-26708 2 Linux, Netapp 12 Linux Kernel, 500f, A250 and 9 more 2024-02-28 6.9 MEDIUM 7.0 HIGH
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.
CVE-2020-12659 2 Linux, Netapp 8 Linux Kernel, Active Iq Unified Manager, Aff Baseboard Management Controller and 5 more 2024-02-28 7.2 HIGH 6.7 MEDIUM
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.
CVE-2020-12465 2 Linux, Netapp 9 Linux Kernel, Active Iq Unified Manager, Aff Baseboard Management Controller and 6 more 2024-02-28 7.2 HIGH 6.7 MEDIUM
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.
CVE-2019-19060 5 Broadcom, Canonical, Linux and 2 more 18 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 15 more 2024-02-28 7.8 HIGH 7.5 HIGH
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
CVE-2019-19966 4 Debian, Linux, Netapp and 1 more 13 Debian Linux, Linux Kernel, Active Iq Unified Manager and 10 more 2024-02-28 2.1 LOW 4.6 MEDIUM
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
CVE-2019-19922 5 Canonical, Debian, Linux and 2 more 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more 2024-02-28 2.1 LOW 5.5 MEDIUM
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)
CVE-2019-19063 7 Broadcom, Canonical, Fedoraproject and 4 more 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 17 more 2024-02-28 4.9 MEDIUM 4.6 MEDIUM
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
CVE-2019-19061 4 Broadcom, Canonical, Linux and 1 more 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more 2024-02-28 7.8 HIGH 7.5 HIGH
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.
CVE-2019-19052 7 Broadcom, Canonical, Debian and 4 more 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 17 more 2024-02-28 7.8 HIGH 7.5 HIGH
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
CVE-2019-19947 4 Canonical, Debian, Linux and 1 more 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more 2024-02-28 2.1 LOW 4.6 MEDIUM
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
CVE-2019-19044 4 Broadcom, Canonical, Linux and 1 more 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more 2024-02-28 7.8 HIGH 7.5 HIGH
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.
CVE-2019-19057 7 Broadcom, Canonical, Debian and 4 more 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 17 more 2024-02-28 2.1 LOW 3.3 LOW
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e.
CVE-2019-19053 4 Broadcom, Canonical, Linux and 1 more 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more 2024-02-28 7.8 HIGH 7.5 HIGH
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.
CVE-2019-19054 6 Broadcom, Canonical, Fedoraproject and 3 more 19 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 16 more 2024-02-28 4.7 MEDIUM 4.7 MEDIUM
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
CVE-2018-15473 7 Canonical, Debian, Netapp and 4 more 24 Ubuntu Linux, Debian Linux, Aff Baseboard Management Controller and 21 more 2024-02-28 5.0 MEDIUM 5.3 MEDIUM
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-pubkey.c.