Filtered by vendor Netapp Subscriptions
Filtered by product H300s Firmware Subscriptions
Total 265 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-16995 3 Linux, Netapp, Opensuse 27 Linux Kernel, Aff A700s, Aff A700s Firmware and 24 more 2024-08-05 7.5 High
In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.
CVE-2019-15538 7 Canonical, Debian, Fedoraproject and 4 more 29 Ubuntu Linux, Debian Linux, Fedora and 26 more 2024-08-05 7.5 High
An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.
CVE-2019-14835 8 Canonical, Debian, Fedoraproject and 5 more 49 Ubuntu Linux, Debian Linux, Fedora and 46 more 2024-08-05 7.8 High
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
CVE-2019-14821 8 Canonical, Debian, Fedoraproject and 5 more 41 Ubuntu Linux, Debian Linux, Fedora and 38 more 2024-08-05 8.8 High
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
CVE-2019-14816 7 Canonical, Debian, Fedoraproject and 4 more 60 Ubuntu Linux, Debian Linux, Fedora and 57 more 2024-08-05 7.8 High
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
CVE-2019-14814 6 Canonical, Debian, Linux and 3 more 50 Ubuntu Linux, Debian Linux, Linux Kernel and 47 more 2024-08-05 7.8 High
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
CVE-2019-2215 5 Canonical, Debian, Google and 2 more 145 Ubuntu Linux, Debian Linux, Android and 142 more 2024-08-04 7.8 High
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
CVE-2020-36516 3 Linux, Netapp, Redhat 32 Linux Kernel, Bootstrap Os, Cloud Volumes Ontap Mediator and 29 more 2024-08-04 5.9 Medium
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2020-36387 2 Linux, Netapp 17 Linux Kernel, H300e, H300e Firmware and 14 more 2024-08-04 7.8 High
An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.
CVE-2020-36385 4 Linux, Netapp, Redhat and 1 more 26 Linux Kernel, H300e, H300e Firmware and 23 more 2024-08-04 7.8 High
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2020-35519 2 Linux, Netapp 20 Linux Kernel, Cloud Backup, H300e and 17 more 2024-08-04 7.8 High
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-35508 3 Linux, Netapp, Redhat 34 Linux Kernel, A700s, A700s Firmware and 31 more 2024-08-04 4.5 Medium
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.
CVE-2020-28097 2 Linux, Netapp 18 Linux Kernel, Cloud Backup, H300e and 15 more 2024-08-04 5.9 Medium
The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85.
CVE-2020-27815 3 Debian, Linux, Netapp 22 Debian Linux, Linux Kernel, Aff A250 and 19 more 2024-08-04 7.8 High
A flaw was found in the JFS filesystem code in the Linux Kernel which allows a local attacker with the ability to set extended attributes to panic the system, causing memory corruption or escalating privileges. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-27618 5 Debian, Gnu, Netapp and 2 more 25 Debian Linux, Glibc, 500f and 22 more 2024-08-04 5.5 Medium
The iconv function in the GNU C Library (aka glibc or libc6) 2.32 and earlier, when processing invalid multi-byte input sequences in IBM1364, IBM1371, IBM1388, IBM1390, and IBM1399 encodings, fails to advance the input state, which could lead to an infinite loop in applications, resulting in a denial of service, a different vulnerability from CVE-2016-10228.
CVE-2020-25669 3 Debian, Linux, Netapp 21 Debian Linux, Linux Kernel, Cloud Backup and 18 more 2024-08-04 7.8 High
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
CVE-2020-25668 3 Debian, Linux, Netapp 26 Debian Linux, Linux Kernel, 500f and 23 more 2024-08-04 7.0 High
A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.
CVE-2020-25673 3 Fedoraproject, Linux, Netapp 22 Fedora, Linux Kernel, Active Iq Unified Manager and 19 more 2024-08-04 5.5 Medium
A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.
CVE-2020-25671 4 Debian, Fedoraproject, Linux and 1 more 23 Debian Linux, Fedora, Linux Kernel and 20 more 2024-08-04 7.8 High
A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.
CVE-2020-25672 4 Debian, Fedoraproject, Linux and 1 more 23 Debian Linux, Fedora, Linux Kernel and 20 more 2024-08-04 7.5 High
A memory leak vulnerability was found in Linux kernel in llcp_sock_connect