Filtered by vendor Netapp Subscriptions
Filtered by product H410c Subscriptions
Total 231 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2019-15222 3 Linux, Netapp, Opensuse 8 Linux Kernel, Active Iq Unified Manager, Data Availability Services and 5 more 2024-08-05 4.6 Medium
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
CVE-2019-15220 5 Canonical, Debian, Linux and 2 more 10 Ubuntu Linux, Debian Linux, Linux Kernel and 7 more 2024-08-05 4.6 Medium
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
CVE-2019-15118 5 Canonical, Debian, Linux and 2 more 12 Ubuntu Linux, Debian Linux, Linux Kernel and 9 more 2024-08-05 5.5 Medium
check_input_term in sound/usb/mixer.c in the Linux kernel through 5.2.9 mishandles recursion, leading to kernel stack exhaustion.
CVE-2019-14835 8 Canonical, Debian, Fedoraproject and 5 more 49 Ubuntu Linux, Debian Linux, Fedora and 46 more 2024-08-05 7.8 High
A buffer overflow flaw was found, in versions from 2.6.34 to 5.2.x, in the way Linux kernel's vhost functionality that translates virtqueue buffers to IOVs, logged the buffer descriptors during migration. A privileged guest user able to pass descriptors with invalid length to the host when migration is underway, could use this flaw to increase their privileges on the host.
CVE-2019-14821 8 Canonical, Debian, Fedoraproject and 5 more 41 Ubuntu Linux, Debian Linux, Fedora and 38 more 2024-08-05 8.8 High
An out-of-bounds access issue was found in the Linux kernel, all versions through 5.3, in the way Linux kernel's KVM hypervisor implements the Coalesced MMIO write operation. It operates on an MMIO ring buffer 'struct kvm_coalesced_mmio' object, wherein write indices 'ring->first' and 'ring->last' value could be supplied by a host user-space process. An unprivileged host user or process with access to '/dev/kvm' device could use this flaw to crash the host kernel, resulting in a denial of service or potentially escalating privileges on the system.
CVE-2019-14814 6 Canonical, Debian, Linux and 3 more 50 Ubuntu Linux, Debian Linux, Linux Kernel and 47 more 2024-08-05 7.8 High
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
CVE-2019-13272 6 Canonical, Debian, Fedoraproject and 3 more 25 Ubuntu Linux, Debian Linux, Fedora and 22 more 2024-08-04 7.8 High
In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor is incorrect marking of a ptrace relationship as privileged, which is exploitable through (for example) Polkit's pkexec helper with PTRACE_TRACEME. NOTE: SELinux deny_ptrace might be a usable workaround in some environments.
CVE-2019-2215 5 Canonical, Debian, Google and 2 more 145 Ubuntu Linux, Debian Linux, Android and 142 more 2024-08-04 7.8 High
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
CVE-2020-36516 3 Linux, Netapp, Redhat 32 Linux Kernel, Bootstrap Os, Cloud Volumes Ontap Mediator and 29 more 2024-08-04 5.9 Medium
An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an off-path attacker to inject data into a victim's TCP session or terminate that session.
CVE-2020-36387 2 Linux, Netapp 17 Linux Kernel, H300e, H300e Firmware and 14 more 2024-08-04 7.8 High
An issue was discovered in the Linux kernel before 5.8.2. fs/io_uring.c has a use-after-free related to io_async_task_func and ctx reference holding, aka CID-6d816e088c35.
CVE-2020-36385 4 Linux, Netapp, Redhat and 1 more 26 Linux Kernel, H300e, H300e Firmware and 23 more 2024-08-04 7.8 High
An issue was discovered in the Linux kernel before 5.10. drivers/infiniband/core/ucma.c has a use-after-free because the ctx is reached via the ctx_list in some ucma_migrate_id situations where ucma_close is called, aka CID-f5449e74802c.
CVE-2020-35519 2 Linux, Netapp 20 Linux Kernel, Cloud Backup, H300e and 17 more 2024-08-04 7.8 High
An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
CVE-2020-35508 3 Linux, Netapp, Redhat 34 Linux Kernel, A700s, A700s Firmware and 31 more 2024-08-04 4.5 Medium
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local attacker is able to abuse this flaw to bypass checks to send any signal to a privileged process.
CVE-2020-29660 6 Broadcom, Debian, Fedoraproject and 3 more 18 Fabric Operating System, Debian Linux, Fedora and 15 more 2024-08-04 4.4 Medium
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24.
CVE-2020-29661 7 Broadcom, Debian, Fedoraproject and 4 more 25 Fabric Operating System, Debian Linux, Fedora and 22 more 2024-08-04 7.8 High
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
CVE-2020-29374 3 Debian, Linux, Netapp 11 Debian Linux, Linux Kernel, 500f and 8 more 2024-08-04 3.6 Low
An issue was discovered in the Linux kernel before 5.7.3, related to mm/gup.c and mm/huge_memory.c. The get_user_pages (aka gup) implementation, when used for a copy-on-write page, does not properly consider the semantics of read operations and therefore can grant unintended write access, aka CID-17839856fd58.
CVE-2020-29370 2 Linux, Netapp 10 Linux Kernel, Cloud Backup, H410c and 7 more 2024-08-04 7.0 High
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
CVE-2020-29368 3 Linux, Netapp, Redhat 11 Linux Kernel, Cloud Backup, Element Software and 8 more 2024-08-04 7.0 High
An issue was discovered in __split_huge_pmd in mm/huge_memory.c in the Linux kernel before 5.7.5. The copy-on-write implementation can grant unintended write access because of a race condition in a THP mapcount check, aka CID-c444eb564fb1.
CVE-2020-28097 2 Linux, Netapp 18 Linux Kernel, Cloud Backup, H300e and 15 more 2024-08-04 5.9 Medium
The vgacon subsystem in the Linux kernel before 5.8.10 mishandles software scrollback. There is a vgacon_scrolldelta out-of-bounds read, aka CID-973c096f6a85.
CVE-2020-27825 4 Debian, Linux, Netapp and 1 more 9 Debian Linux, Linux Kernel, Cloud Backup and 6 more 2024-08-04 5.7 Medium
A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat.