Filtered by vendor Netapp
Subscribe
Filtered by product Solidfire Baseboard Management Controller
Subscribe
Total
86 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2019-19044 | 4 Broadcom, Canonical, Linux and 1 more | 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more | 2023-01-20 | 7.8 HIGH | 7.5 HIGH |
| Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762. | |||||
| CVE-2019-19061 | 4 Broadcom, Canonical, Linux and 1 more | 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more | 2023-01-19 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3. | |||||
| CVE-2019-19060 | 5 Broadcom, Canonical, Linux and 2 more | 18 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 15 more | 2023-01-19 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. | |||||
| CVE-2019-19053 | 4 Broadcom, Canonical, Linux and 1 more | 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more | 2023-01-19 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2. | |||||
| CVE-2019-19052 | 7 Broadcom, Canonical, Debian and 4 more | 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 17 more | 2023-01-19 | 7.8 HIGH | 7.5 HIGH |
| A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. | |||||
| CVE-2019-19966 | 4 Debian, Linux, Netapp and 1 more | 13 Debian Linux, Linux Kernel, Active Iq Unified Manager and 10 more | 2022-12-20 | 2.1 LOW | 4.6 MEDIUM |
| In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655. | |||||
| CVE-2019-19922 | 5 Canonical, Debian, Linux and 2 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2022-12-14 | 2.1 LOW | 5.5 MEDIUM |
| kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.) | |||||
| CVE-2020-15852 | 3 Linux, Netapp, Xen | 5 Linux Kernel, Cloud Backup, Solidfire Baseboard Management Controller and 2 more | 2022-12-03 | 4.6 MEDIUM | 7.8 HIGH |
| An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154. | |||||
| CVE-2019-11089 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2022-11-10 | 2.1 LOW | 5.5 MEDIUM |
| Insufficient input validation in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6519 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-11111 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2022-11-10 | 4.6 MEDIUM | 7.8 HIGH |
| Pointer corruption in the Unified Shader Compiler in Intel(R) Graphics Drivers before 10.18.14.5074 (aka 15.36.x.5074) may allow an authenticated user to potentially enable escalation of privilege via local access. | |||||
| CVE-2019-11113 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2022-11-10 | 2.1 LOW | 4.4 MEDIUM |
| Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access. | |||||
| CVE-2019-14574 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2022-11-10 | 2.1 LOW | 5.5 MEDIUM |
| Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-14590 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2022-11-10 | 2.1 LOW | 5.5 MEDIUM |
| Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access. | |||||
| CVE-2019-14591 | 2 Intel, Netapp | 6 Graphics Driver, Cloud Backup, Data Availability Services and 3 more | 2022-11-10 | 2.1 LOW | 5.5 MEDIUM |
| Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access. | |||||
| CVE-2019-19947 | 4 Canonical, Debian, Linux and 1 more | 13 Ubuntu Linux, Debian Linux, Linux Kernel and 10 more | 2022-11-09 | 2.1 LOW | 4.6 MEDIUM |
| In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c. | |||||
| CVE-2020-27350 | 3 Canonical, Debian, Netapp | 5 Ubuntu Linux, Advanced Package Tool, Debian Linux and 2 more | 2022-10-29 | 4.6 MEDIUM | 5.7 MEDIUM |
| APT had several integer overflows and underflows while parsing .deb packages, aka GHSL-2020-168 GHSL-2020-169, in files apt-pkg/contrib/extracttar.cc, apt-pkg/deb/debfile.cc, and apt-pkg/contrib/arfile.cc. This issue affects: apt 1.2.32ubuntu0 versions prior to 1.2.32ubuntu0.2; 1.6.12ubuntu0 versions prior to 1.6.12ubuntu0.2; 2.0.2ubuntu0 versions prior to 2.0.2ubuntu0.2; 2.1.10ubuntu0 versions prior to 2.1.10ubuntu0.1; | |||||
| CVE-2020-13143 | 5 Canonical, Debian, Linux and 2 more | 38 Ubuntu Linux, Debian Linux, Linux Kernel and 35 more | 2022-10-29 | 4.3 MEDIUM | 6.5 MEDIUM |
| gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. | |||||
| CVE-2020-9383 | 5 Canonical, Debian, Linux and 2 more | 14 Ubuntu Linux, Debian Linux, Linux Kernel and 11 more | 2022-10-29 | 3.6 LOW | 7.1 HIGH |
| An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. | |||||
| CVE-2020-29370 | 2 Linux, Netapp | 10 Linux Kernel, Cloud Backup, H410c and 7 more | 2022-10-19 | 4.4 MEDIUM | 7.0 HIGH |
| An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. | |||||
| CVE-2020-25692 | 3 Netapp, Openldap, Redhat | 5 Cloud Backup, Solidfire Baseboard Management Controller, Solidfire Baseboard Management Controller Firmware and 2 more | 2022-10-12 | 5.0 MEDIUM | 7.5 HIGH |
| A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. | |||||