Netapp

Hci Management Node

182 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2019-19448

Exploit
  • EPSS 0.2%
  • Veröffentlicht 08.12.2019 02:15:09
  • Zuletzt bearbeitet 21.11.2024 04:34:45

In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer...

5.5

CVE-2019-19462

  • EPSS 0.1%
  • Veröffentlicht 30.11.2019 01:15:10
  • Zuletzt bearbeitet 21.11.2024 04:34:47

relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result.

7.8

CVE-2019-18276

Exploit
  • EPSS 40.02%
  • Veröffentlicht 28.11.2019 01:15:10
  • Zuletzt bearbeitet 09.06.2025 16:15:29

An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. By default, if Bash is run with its effective UID not equal to its real UID, it will drop privileges by setting its effective UID to its real UID. However, it d...

4.4

CVE-2019-19318

Exploit
  • EPSS 0.35%
  • Veröffentlicht 28.11.2019 00:15:11
  • Zuletzt bearbeitet 21.11.2024 04:34:34

In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,

7.8

CVE-2019-19069

  • EPSS 1.11%
  • Veröffentlicht 18.11.2019 06:15:12
  • Zuletzt bearbeitet 21.11.2024 04:34:07

A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.

7.8

CVE-2019-19050

  • EPSS 1.08%
  • Veröffentlicht 18.11.2019 06:15:11
  • Zuletzt bearbeitet 21.11.2024 04:34:04

A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.

9.8

CVE-2019-18805

  • EPSS 0.57%
  • Veröffentlicht 07.11.2019 14:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:36

An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen...

7

CVE-2019-18683

Exploit
  • EPSS 1.06%
  • Veröffentlicht 04.11.2019 16:15:11
  • Zuletzt bearbeitet 21.11.2024 04:33:31

An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 access, but only if the driver happens to be loaded. ...

8.1

CVE-2019-17498

Exploit
  • EPSS 1.25%
  • Veröffentlicht 21.10.2019 22:15:10
  • Zuletzt bearbeitet 21.11.2024 04:32:22

In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. A crafted SSH server may be ...

7.8

CVE-2019-2215

Warnung Exploit
  • EPSS 49.83%
  • Veröffentlicht 11.10.2019 19:15:10
  • Zuletzt bearbeitet 04.04.2025 15:40:44

A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local appli...