Netapp

Solidfire Baseboard Management Controller Firmware

70 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-29661

  • EPSS 0.22%
  • Veröffentlicht 09.12.2020 17:15:31
  • Zuletzt bearbeitet 21.11.2024 05:24:23

A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.

4.4

CVE-2020-29660

Exploit
  • EPSS 0.07%
  • Veröffentlicht 09.12.2020 17:15:31
  • Zuletzt bearbeitet 21.11.2024 05:24:22

A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.

7.5

CVE-2020-25692

  • EPSS 0.65%
  • Veröffentlicht 08.12.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 05:18:29

A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial ...

8.3

CVE-2020-14305

Exploit
  • EPSS 0.93%
  • Veröffentlicht 02.12.2020 01:15:12
  • Zuletzt bearbeitet 21.11.2024 05:02:58

An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial ...

7

CVE-2020-29370

Exploit
  • EPSS 0.59%
  • Veröffentlicht 28.11.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:23:55

An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.

7.2

CVE-2020-15436

Exploit
  • EPSS 0.12%
  • Veröffentlicht 23.11.2020 21:15:11
  • Zuletzt bearbeitet 21.11.2024 05:05:33

Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.

7.8

CVE-2020-14356

Exploit
  • EPSS 0.93%
  • Veröffentlicht 19.08.2020 15:15:12
  • Zuletzt bearbeitet 21.11.2024 05:03:05

A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system.

6.5

CVE-2020-13143

  • EPSS 2.98%
  • Veröffentlicht 18.05.2020 18:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:44

gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753...

5.3

CVE-2020-12888

  • EPSS 0.1%
  • Veröffentlicht 15.05.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 05:00:29

The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.

5.5

CVE-2020-8832

  • EPSS 0.59%
  • Veröffentlicht 10.04.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 05:39:31

The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of th...