Netapp

Solidfire Baseboard Management Controller

26 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.8

CVE-2020-27786

  • EPSS 12.25%
  • Veröffentlicht 11.12.2020 05:15:12
  • Zuletzt bearbeitet 21.11.2024 05:21:49

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and be...

7.5

CVE-2020-29573

  • EPSS 0.1%
  • Veröffentlicht 06.12.2020 00:15:11
  • Zuletzt bearbeitet 21.11.2024 05:24:14

sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen wh...

7.8

CVE-2020-25221

  • EPSS 0.19%
  • Veröffentlicht 10.09.2020 14:15:17
  • Zuletzt bearbeitet 21.11.2024 05:17:41

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount...

7.8

CVE-2020-15852

  • EPSS 0.16%
  • Veröffentlicht 20.07.2020 19:15:11
  • Zuletzt bearbeitet 21.11.2024 05:06:18

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes ...

7.2

CVE-2020-12659

Exploit
  • EPSS 0.14%
  • Veröffentlicht 05.05.2020 07:15:11
  • Zuletzt bearbeitet 21.11.2024 05:00:00

An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.

7.2

CVE-2020-12465

  • EPSS 0.17%
  • Veröffentlicht 29.04.2020 19:15:12
  • Zuletzt bearbeitet 21.11.2024 04:59:45

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

7.2

CVE-2020-12464

Exploit
  • EPSS 0.08%
  • Veröffentlicht 29.04.2020 18:15:13
  • Zuletzt bearbeitet 21.11.2024 04:59:45

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

7

CVE-2020-11884

  • EPSS 0.04%
  • Veröffentlicht 29.04.2020 13:15:11
  • Zuletzt bearbeitet 21.11.2024 04:58:49

In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade...

5.5

CVE-2019-20054

  • EPSS 0.13%
  • Veröffentlicht 28.12.2019 05:15:11
  • Zuletzt bearbeitet 21.11.2024 04:37:58

In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.

4.6

CVE-2019-19966

Exploit
  • EPSS 0.14%
  • Veröffentlicht 25.12.2019 04:15:12
  • Zuletzt bearbeitet 21.11.2024 04:35:45

In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.