Netapp

Solidfire & Hci Management Node

77 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
6.1

CVE-2020-35494

Exploit
  • EPSS 0.11%
  • Veröffentlicht 04.01.2021 15:15:13
  • Zuletzt bearbeitet 21.11.2024 05:27:25

There's a flaw in binutils /opcodes/tic4x-dis.c. An attacker who is able to submit a crafted input file to be processed by binutils could cause usage of uninitialized memory. The highest threat is to application availability with a lower threat to da...

5.5

CVE-2020-35493

Exploit
  • EPSS 0.21%
  • Veröffentlicht 04.01.2021 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:27:24

A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impact to application availability. This flaw affects ...

8.8

CVE-2020-29569

  • EPSS 0.19%
  • Veröffentlicht 15.12.2020 17:15:14
  • Zuletzt bearbeitet 21.11.2024 05:24:13

An issue was discovered in the Linux kernel through 5.10.1, as used with Xen through 4.14.x. The Linux kernel PV block backend expects the kernel thread handler to reset ring->xenblkd to NULL when stopped. However, the handler may not have time to ru...

5.5

CVE-2020-16593

Exploit
  • EPSS 0.32%
  • Veröffentlicht 09.12.2020 21:15:15
  • Zuletzt bearbeitet 21.11.2024 05:07:10

A Null Pointer Dereference vulnerability exists in the Binary File Descriptor (BFD) library (aka libbfd), as distributed in GNU Binutils 2.35, in scan_unit_for_symbols, as demonstrated in addr2line, that can cause a denial of service via a crafted fi...

3.6

CVE-2020-29374

Exploit
  • EPSS 0.02%
  • Veröffentlicht 28.11.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:56

An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and there...

7

CVE-2020-29370

Exploit
  • EPSS 0.36%
  • Veröffentlicht 28.11.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:55

An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.

7.2

CVE-2020-15436

Exploit
  • EPSS 0.15%
  • Veröffentlicht 23.11.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:05:33

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.

7.5

CVE-2020-25645

Exploit
  • EPSS 0.39%
  • Veröffentlicht 13.10.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:19

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two e...

7.8

CVE-2020-25221

  • EPSS 0.19%
  • Veröffentlicht 10.09.2020 14:15:17
  • Zuletzt bearbeitet 21.11.2024 05:17:41

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount...

7.2

CVE-2020-12659

Exploit
  • EPSS 0.1%
  • Veröffentlicht 05.05.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:00

An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.