Filtered by vendor Netapp
Subscriptions
Filtered by product Hci Compute Node
Subscriptions
Total
109 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2019-1559 | 13 Canonical, Debian, F5 and 10 more | 91 Ubuntu Linux, Debian Linux, Big-ip Access Policy Manager and 88 more | 2024-09-17 | 5.9 Medium |
| If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q). | ||||
| CVE-2017-5715 | 8 Arm, Canonical, Debian and 5 more | 230 Cortex-a, Ubuntu Linux, Debian Linux and 227 more | 2024-09-17 | 5.6 Medium |
| Systems with microprocessors utilizing speculative execution and indirect branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis. | ||||
| CVE-2020-1971 | 9 Debian, Fedoraproject, Netapp and 6 more | 55 Debian Linux, Fedora, Active Iq Unified Manager and 52 more | 2024-09-17 | 5.9 Medium |
| The X.509 GeneralName type is a generic type for representing different types of names. One of those name types is known as EDIPartyName. OpenSSL provides a function GENERAL_NAME_cmp which compares different instances of a GENERAL_NAME to see if they are equal or not. This function behaves incorrectly when both GENERAL_NAMEs contain an EDIPARTYNAME. A NULL pointer dereference and a crash may occur leading to a possible denial of service attack. OpenSSL itself uses the GENERAL_NAME_cmp function for two purposes: 1) Comparing CRL distribution point names between an available CRL and a CRL distribution point embedded in an X509 certificate 2) When verifying that a timestamp response token signer matches the timestamp authority name (exposed via the API functions TS_RESP_verify_response and TS_RESP_verify_token) If an attacker can control both items being compared then that attacker could trigger a crash. For example if the attacker can trick a client or server into checking a malicious certificate against a malicious CRL then this may occur. Note that some applications automatically download CRLs based on a URL embedded in a certificate. This checking happens prior to the signatures on the certificate and CRL being verified. OpenSSL's s_server, s_client and verify tools have support for the "-crl_download" option which implements automatic CRL downloading and this attack has been demonstrated to work against those tools. Note that an unrelated bug means that affected versions of OpenSSL cannot parse or construct correct encodings of EDIPARTYNAME. However it is possible to construct a malformed EDIPARTYNAME that OpenSSL's parser will accept and hence trigger this attack. All OpenSSL 1.1.1 and 1.0.2 versions are affected by this issue. Other OpenSSL releases are out of support and have not been checked. Fixed in OpenSSL 1.1.1i (Affected 1.1.1-1.1.1h). Fixed in OpenSSL 1.0.2x (Affected 1.0.2-1.0.2w). | ||||
| CVE-2022-2068 | 7 Broadcom, Debian, Fedoraproject and 4 more | 49 Sannav, Debian Linux, Fedora and 46 more | 2024-09-16 | 9.8 Critical |
| In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems in a manner where it is automatically executed. On such operating systems, an attacker could execute arbitrary commands with the privileges of the script. Use of the c_rehash script is considered obsolete and should be replaced by the OpenSSL rehash command line tool. Fixed in OpenSSL 3.0.4 (Affected 3.0.0,3.0.1,3.0.2,3.0.3). Fixed in OpenSSL 1.1.1p (Affected 1.1.1-1.1.1o). Fixed in OpenSSL 1.0.2zf (Affected 1.0.2-1.0.2ze). | ||||
| CVE-2021-38160 | 4 Debian, Linux, Netapp and 1 more | 9 Debian Linux, Linux Kernel, Element Software and 6 more | 2024-08-27 | 7.8 High |
| In drivers/char/virtio_console.c in the Linux kernel before 5.13.4, data corruption or loss can be triggered by an untrusted device that supplies a buf->len value exceeding the buffer size. NOTE: the vendor indicates that the cited data corruption is not a vulnerability in any existing use case; the length validation was added solely for robustness in the face of anomalous host OS behavior | ||||
| CVE-2022-27780 | 3 Haxx, Netapp, Splunk | 15 Curl, Clustered Data Ontap, H300s and 12 more | 2024-08-07 | 7.5 High |
| The curl URL parser wrongly accepts percent-encoded URL separators like '/'when decoding the host name part of a URL, making it a *different* URL usingthe wrong host name when it is later retrieved.For example, a URL like `http://example.com%2F127.0.0.1/`, would be allowed bythe parser and get transposed into `http://example.com/127.0.0.1/`. This flawcan be used to circumvent filters, checks and more. | ||||
| CVE-2018-25032 | 11 Apple, Azul, Debian and 8 more | 45 Mac Os X, Macos, Zulu and 42 more | 2024-08-05 | 7.5 High |
| zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches. | ||||
| CVE-2018-20836 | 7 Canonical, Debian, F5 and 4 more | 16 Ubuntu Linux, Debian Linux, Traffix Signaling Delivery Controller and 13 more | 2024-08-05 | 8.1 High |
| An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free. | ||||
| CVE-2019-19462 | 5 Canonical, Debian, Linux and 2 more | 9 Ubuntu Linux, Debian Linux, Linux Kernel and 6 more | 2024-08-05 | 5.5 Medium |
| relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. | ||||
| CVE-2019-19060 | 5 Broadcom, Canonical, Linux and 2 more | 18 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 15 more | 2024-08-05 | 7.5 High |
| A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41. | ||||
| CVE-2019-19057 | 8 Broadcom, Canonical, Debian and 5 more | 21 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 18 more | 2024-08-05 | 3.3 Low |
| Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering mwifiex_map_pci_memory() failures, aka CID-d10dcb615c8e. | ||||
| CVE-2019-19063 | 8 Broadcom, Canonical, Fedoraproject and 5 more | 22 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 19 more | 2024-08-05 | 4.6 Medium |
| Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113. | ||||
| CVE-2019-19054 | 6 Broadcom, Canonical, Fedoraproject and 3 more | 19 Brocade Fabric Operating System Firmware, Ubuntu Linux, Fedora and 16 more | 2024-08-05 | 4.7 Medium |
| A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b. | ||||
| CVE-2019-19053 | 4 Broadcom, Canonical, Linux and 1 more | 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more | 2024-08-05 | 7.5 High |
| A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2. | ||||
| CVE-2019-19052 | 7 Broadcom, Canonical, Debian and 4 more | 20 Brocade Fabric Operating System Firmware, Ubuntu Linux, Debian Linux and 17 more | 2024-08-05 | 7.5 High |
| A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486. | ||||
| CVE-2019-19044 | 4 Broadcom, Canonical, Linux and 1 more | 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more | 2024-08-05 | 7.5 High |
| Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762. | ||||
| CVE-2019-19061 | 4 Broadcom, Canonical, Linux and 1 more | 17 Brocade Fabric Operating System Firmware, Ubuntu Linux, Linux Kernel and 14 more | 2024-08-05 | 7.5 High |
| A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3. | ||||
| CVE-2019-19069 | 4 Broadcom, Canonical, Linux and 1 more | 21 Fabric Operating System, Ubuntu Linux, Linux Kernel and 18 more | 2024-08-05 | 7.5 High |
| A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. | ||||
| CVE-2019-19050 | 5 Broadcom, Canonical, Fedoraproject and 2 more | 22 Fabric Operating System, Ubuntu Linux, Fedora and 19 more | 2024-08-05 | 7.5 High |
| A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. | ||||
| CVE-2019-18805 | 5 Broadcom, Linux, Netapp and 2 more | 22 Fabric Operating System, Linux Kernel, Active Iq Unified Manager and 19 more | 2024-08-05 | 9.8 Critical |
| An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6. | ||||