Latest netapp a700s Vulnerabilities

CVE-2023-1077
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would...
Linux Linux kernel
Debian Debian Linux=10.0
Netapp A700s Firmware
Netapp A700s
Netapp 8300 Firmware
Netapp 8300
and 162 more
CVE-2022-36879
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
Linux Linux kernel<=5.18.14
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Netapp A700s Firmware
Netapp A700s
Apple iPadOS
and 216 more
CVE-2022-1434
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing...
OpenSSL OpenSSL>=3.0.0<3.0.3
Netapp Active Iq Unified Manager
NetApp Clustered Data ONTAP
Netapp Clustered Data Ontap Antivirus Connector
Netapp Santricity Smi-s Provider
Netapp Smi-s Provider
and 77 more
CVE-2022-1473
A memory leak flaw was found in OpenSSL, resulting in TLS servers and clients being halted by out-of-memory conditions, leading to a denial of service. An attacker needs to repeat actions continuously...
rust/openssl-src>=300.0.0<300.0.6
redhat/openssl<1:3.0.1-41.el9_0
OpenSSL OpenSSL>=3.0.0<3.0.3
Netapp Active Iq Unified Manager
NetApp Clustered Data ONTAP
Netapp Clustered Data Ontap Antivirus Connector
and 80 more
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. O...
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el8
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el7
redhat/openssl<1:1.1.1k-7.el8_6
redhat/openssl<1:3.0.1-41.el9_0
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el7
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el8
and 108 more
CVE-2022-1343
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a succe...
redhat/openssl<1:3.0.1-41.el9_0
OpenSSL OpenSSL>=3.0.0<3.0.3
Netapp Active Iq Unified Manager
NetApp Clustered Data ONTAP
Netapp Clustered Data Ontap Antivirus Connector
Netapp Santricity Smi-s Provider
and 79 more
CVE-2021-4203
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
redhat/kernel-rt<0:4.18.0-305.57.1.rt7.129.el8_4
redhat/kernel<0:4.18.0-305.57.1.el8_4
Linux Linux kernel<5.15
Linux Linux kernel=5.15
and 175 more
CVE-2020-29660
A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOC...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Google Android
ubuntu/linux<4.15.0-136.140
ubuntu/linux<5.4.0-66.74
ubuntu/linux<5.8.0-44.50
and 149 more
CVE-2020-29661
A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b.
redhat/kernel<0:2.6.32-754.39.1.el6
redhat/kernel-rt<0:3.10.0-1160.21.1.rt56.1158.el7
redhat/kernel-alt<0:4.14.0-115.35.1.el7a
redhat/kernel<0:3.10.0-1160.21.1.el7
redhat/kernel<0:3.10.0-693.87.1.el7
redhat/kernel<0:3.10.0-957.70.1.el7
and 165 more
CVE-2020-35508
A flaw possibility of race condition and incorrect initialization of the process id was found in the Linux kernel child/parent process identification handling while filtering signal handlers. A local ...
redhat/kernel-rt<0:4.18.0-305.rt7.72.el8
redhat/kernel<0:4.18.0-305.el8
redhat/kernel-rt<0:4.18.0-193.60.2.rt13.112.el8_2
redhat/kernel<0:4.18.0-193.60.2.el8_2
ubuntu/linux<4.15.0-129.132
ubuntu/linux<5.4.0-59.65
and 184 more
CVE-2020-15778
** DISPUTED ** scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument. NOTE: the vendor reportedly has...
IBM Security Guardium Insights<=2.0.2
Openbsd Openssh<8.3
Openbsd Openssh=8.3
Openbsd Openssh=8.3-p1
Netapp A700s Firmware
Netapp A700s
and 9 more
CVE-2020-15436
A use-after-free flaw was observed in blkdev_get(), in fs/block_dev.c after a call to __blkdev_get() fails, and its refcount gets freed/released. This problem may cause a denial of service problem wit...
redhat/kernel-rt<0:3.10.0-1160.15.2.rt56.1152.el7
redhat/kernel<0:3.10.0-1160.15.2.el7
redhat/kernel-alt<0:4.14.0-115.35.1.el7a
redhat/kernel<0:3.10.0-957.72.1.el7
redhat/kernel<0:3.10.0-1062.51.1.el7
Google Android
and 150 more
CVE-2020-13143
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attacke...
ubuntu/linux<4.15.0-109.110
ubuntu/linux<5.3.0-62.56
ubuntu/linux<5.4.0-40.44
ubuntu/linux<5.7~
ubuntu/linux<4.4.0-185.215
ubuntu/linux-aws<4.15.0-1077.81
and 153 more
CVE-2020-12888
Linux Kernel is vulnerable to a denial of service, caused by improper handling of attempts to access disabled memory space by the VFIO PCI driver. By sending a specially-crafted request, a local attac...
redhat/kernel-rt<0:3.10.0-1127.13.1.rt56.1110.el7
redhat/kernel<0:3.10.0-1127.13.1.el7
redhat/kernel-alt<0:4.14.0-115.26.1.el7a
redhat/kernel<0:3.10.0-327.89.1.el7
redhat/kernel<0:3.10.0-514.78.1.el7
redhat/kernel<0:3.10.0-693.71.2.el7
and 183 more
CVE-2020-12769
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.
ubuntu/linux<4.15.0-96.97
ubuntu/linux<5.3.0-46.38
ubuntu/linux<5.5~
ubuntu/linux<4.4.0-184.214
ubuntu/linux-aws<4.15.0-1065.69
ubuntu/linux-aws<5.3.0-1016.17
and 126 more
CVE-2020-12771
An issue was discovered in the Linux kernel through 5.6.11. btree_gc_coalesce in drivers/md/bcache/btree.c has a deadlock if a coalescing operation fails.
ubuntu/linux<4.15.0-115.116
ubuntu/linux<5.4.0-45.49
ubuntu/linux<5.8~
ubuntu/linux<4.4.0-187.217
ubuntu/linux-aws<4.15.0-1080.84
ubuntu/linux-aws<5.4.0-1022.22
and 146 more
CVE-2020-11884
A flaw was found in the Linux kernel on s390 architecture. The issue occurs on multiprocessing systems when one s390 CPU is in Secondary Address Mode and another CPU does a kernel page table upgrade. ...
redhat/kernel<0:4.18.0-193.1.2.el8_2
redhat/kernel<0:4.18.0-80.23.2.el8_0
redhat/kernel<0:4.18.0-147.13.2.el8_1
redhat/kernel<5.7
ubuntu/linux<4.15.0-99.100
ubuntu/linux<5.3.0-51.44
and 107 more
CVE-2020-12770
An issue was discovered in the Linux kernel through 5.6.11. sg_write lacks an sg_remove_request call in a certain failure case, aka CID-83c6f2390040.
redhat/kernel-rt<0:3.10.0-1160.rt56.1131.el7
redhat/kernel<0:3.10.0-1160.el7
redhat/kernel<0:3.10.0-693.81.1.el7
redhat/kernel<0:3.10.0-957.65.1.el7
redhat/kernel<0:3.10.0-1062.40.1.el7
redhat/kernel-rt<0:4.18.0-240.rt7.54.el8
and 157 more
CVE-2020-8835
(Pwn2Own) Linux Kernel eBPF Improper Input Validation Privilege Escalation Vulnerability
Linux kernel
ubuntu/linux<5.3.0-45.37
ubuntu/linux<5.7~
ubuntu/linux-aws<5.3.0-1015.16
ubuntu/linux-aws<5.7~
ubuntu/linux-aws-5.0<5.7~
and 128 more
CVE-2020-12653
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of se...
redhat/kernel-rt<0:3.10.0-1127.18.2.rt56.1116.el7
redhat/kernel<0:3.10.0-1127.18.2.el7
redhat/kernel<0:3.10.0-327.90.2.el7
redhat/kernel<0:3.10.0-514.78.1.el7
redhat/kernel<0:3.10.0-693.72.1.el7
redhat/kernel<0:3.10.0-957.58.2.el7
and 43 more
CVE-2019-20095
A flaw was found in the Linux kernel's mwifiex driver implementation when connecting to other WiFi devices in "Test Mode." A kernel memory leak can occur if an error condition is met during the parame...
redhat/kernel-rt<0:3.10.0-1160.rt56.1131.el7
redhat/kernel-alt<0:4.14.0-115.19.1.el7a
redhat/kernel<0:3.10.0-1160.el7
Linux Linux kernel<5.1.6
openSUSE Leap=15.1
Netapp Active Iq Unified Manager Vmware Vsphere
and 16 more
CVE-2019-19965
In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race c...
ubuntu/linux<4.15.0-88.88
ubuntu/linux<5.3.0-40.32
ubuntu/linux<5.5~
ubuntu/linux<4.4.0-174.204
ubuntu/linux-aws<4.15.0-1060.62
ubuntu/linux-aws<5.3.0-1011.12
and 100 more
CVE-2019-5108
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. An attacker could exploit this vulnerability by triggering AP to send IAPP location updates for station...
redhat/kernel-rt<0:3.10.0-1127.19.1.rt56.1116.el7
redhat/kernel<0:3.10.0-1127.el7
redhat/kernel-alt<0:4.14.0-115.19.1.el7a
redhat/kernel-rt<0:4.18.0-193.rt13.51.el8
redhat/kernel<0:4.18.0-193.el8
ubuntu/linux<4.15.0-88.88
and 91 more
CVE-2019-19448
In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space ...
ubuntu/linux-gke<5.9~
ubuntu/linux-aws-5.8<5.9~
ubuntu/linux-azure-5.8<5.9~
ubuntu/linux-gcp-5.8<5.9~
ubuntu/linux-oracle-5.8<5.9~
ubuntu/linux-riscv-5.8<5.9~
and 152 more
CVE-2019-18683
An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. It is exploitable for privilege escalation on some Linux distributions where local users have /dev/video0 acc...
ubuntu/linux<4.15.0-88.88
ubuntu/linux<5.3.0-40.32
ubuntu/linux<5.5~
ubuntu/linux<4.4.0-173.203
ubuntu/linux-aws<4.15.0-1060.62
ubuntu/linux-aws<5.3.0-1011.12
and 103 more
CVE-2019-18282
A device tracking vulnerability was found in the flow_dissector feature in the Linux kernel. This flaw occurs because the auto flowlabel of the UDP IPv6 packet relies on a 32-bit hashmd value as a sec...
redhat/kernel-rt<0:3.10.0-1160.11.1.rt56.1145.el7
redhat/kernel<0:3.10.0-1160.11.1.el7
redhat/kernel-rt<0:4.18.0-193.rt13.51.el8
redhat/kernel<0:4.18.0-193.el8
Google Android
Linux Linux kernel>=4.3<=5.3.10
and 18 more
CVE-2019-14816
Linux Kernel is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by mwifiex_update_vs_ie() function of Marvell Wifi Driver. By sending a specially-crafted packet, a local...
redhat/kernel-rt<0:3.10.0-1062.12.1.rt56.1042.el7
redhat/kernel-alt<0:4.14.0-115.17.1.el7a
redhat/kernel<0:3.10.0-1062.12.1.el7
redhat/kernel<0:3.10.0-327.85.1.el7
redhat/kernel<0:3.10.0-514.73.1.el7
redhat/kernel<0:3.10.0-693.65.1.el7
and 190 more
CVE-2019-14814
A flaw was found in the Linux kernel’s implementation of the Marvell wifi driver, which can allow a local user who has CAP_NET_ADMIN or administrative privileges to possibly cause a Denial Of Service ...
redhat/kernel-alt<0:4.14.0-115.17.1.el7a
redhat/kernel<0:3.10.0-1127.el7
redhat/kernel-rt<0:4.18.0-147.5.1.rt24.98.el8_1
redhat/kernel<0:4.18.0-147.5.1.el8_1
ubuntu/linux<4.15.0-66.75
ubuntu/linux<5.0.0-32.34
and 165 more
CVE-2019-10126
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly othe...
redhat/kernel-rt<0:3.10.0-1062.4.1.rt56.1027.el7
redhat/kernel<0:3.10.0-1062.4.1.el7
redhat/kernel-alt<0:4.14.0-115.17.1.el7a
redhat/kernel<0:3.10.0-957.54.1.el7
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
and 120 more
CVE-2019-3846
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
redhat/kernel-rt<0:3.10.0-1062.4.1.rt56.1027.el7
redhat/kernel<0:3.10.0-1062.4.1.el7
redhat/kernel-alt<0:4.14.0-115.17.1.el7a
redhat/kernel<0:3.10.0-957.54.1.el7
redhat/kernel-rt<0:4.18.0-80.11.1.rt9.156.el8_0
redhat/kernel<0:4.18.0-80.11.1.el8_0
and 103 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203