Netapp

Solidfire & Hci Management Node

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2020-15436

Exploit
  • EPSS 0.15%
  • Veröffentlicht 23.11.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:05:33

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.

7.5

CVE-2020-25645

Exploit
  • EPSS 0.36%
  • Veröffentlicht 13.10.2020 20:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:19

A flaw was found in the Linux kernel in versions before 5.9-rc7. Traffic between two Geneve endpoints may be unencrypted when IPsec is configured to encrypt traffic for the specific UDP port used by the GENEVE tunnel allowing anyone between the two e...

7.8

CVE-2020-25221

  • EPSS 0.19%
  • Veröffentlicht 10.09.2020 14:15:17
  • Zuletzt bearbeitet 21.11.2024 05:17:41

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount...

7.2

CVE-2020-12659

Exploit
  • EPSS 0.08%
  • Veröffentlicht 05.05.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:00

An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.

7.2

CVE-2020-12465

  • EPSS 0.17%
  • Veröffentlicht 29.04.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:45

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

5.5

CVE-2020-8832

  • EPSS 0.31%
  • Veröffentlicht 10.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:31

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of th...

5.5

CVE-2019-20054

  • EPSS 0.13%
  • Veröffentlicht 28.12.2019 05:15:11
  • Zuletzt bearbeitet 21.11.2024 04:37:58

In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.

4.6

CVE-2019-19966

Exploit
  • EPSS 0.14%
  • Veröffentlicht 25.12.2019 04:15:12
  • Zuletzt bearbeitet 21.11.2024 04:35:45

In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.

4.6

CVE-2019-19947

  • EPSS 0.11%
  • Veröffentlicht 24.12.2019 00:15:10
  • Zuletzt bearbeitet 21.11.2024 04:35:43

In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.

5.5

CVE-2019-19922

Exploit
  • EPSS 0.06%
  • Veröffentlicht 22.12.2019 20:15:10
  • Zuletzt bearbeitet 21.11.2024 04:35:40

kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expira...