Netapp

Solidfire Baseboard Management Controller

26 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-27786

  • EPSS 12.25%
  • Published 11.12.2020 05:15:12
  • Last modified 21.11.2024 05:21:49

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and be...

7.5

CVE-2020-29573

  • EPSS 0.1%
  • Published 06.12.2020 00:15:11
  • Last modified 21.11.2024 05:24:14

sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen wh...

7.8

CVE-2020-25221

  • EPSS 0.19%
  • Published 10.09.2020 14:15:17
  • Last modified 21.11.2024 05:17:41

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount...

7.8

CVE-2020-15852

  • EPSS 0.16%
  • Published 20.07.2020 19:15:11
  • Last modified 21.11.2024 05:06:18

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes ...

7.2

CVE-2020-12659

Exploit
  • EPSS 0.14%
  • Published 05.05.2020 07:15:11
  • Last modified 21.11.2024 05:00:00

An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.

7.2

CVE-2020-12465

  • EPSS 0.17%
  • Published 29.04.2020 19:15:12
  • Last modified 21.11.2024 04:59:45

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

7.2

CVE-2020-12464

Exploit
  • EPSS 0.08%
  • Published 29.04.2020 18:15:13
  • Last modified 21.11.2024 04:59:45

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

7

CVE-2020-11884

  • EPSS 0.04%
  • Published 29.04.2020 13:15:11
  • Last modified 21.11.2024 04:58:49

In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade...

5.5

CVE-2019-20054

  • EPSS 0.13%
  • Published 28.12.2019 05:15:11
  • Last modified 21.11.2024 04:37:58

In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.

4.6

CVE-2019-19966

Exploit
  • EPSS 0.14%
  • Published 25.12.2019 04:15:12
  • Last modified 21.11.2024 04:35:45

In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.