Latest netapp aff 500f Vulnerabilities

CVE-2022-36879
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
Linux Linux kernel<=5.18.14
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Netapp A700s Firmware
Netapp A700s
Apple iPadOS
and 216 more
CVE-2022-1434
The OpenSSL 3.0 implementation of the RC4-MD5 ciphersuite incorrectly uses the AAD data as the MAC key. This makes the MAC key trivially predictable. An attacker could exploit this issue by performing...
OpenSSL OpenSSL>=3.0.0<3.0.3
Netapp Active Iq Unified Manager
NetApp Clustered Data ONTAP
Netapp Clustered Data Ontap Antivirus Connector
Netapp Santricity Smi-s Provider
Netapp Smi-s Provider
and 77 more
CVE-2022-1473
A memory leak flaw was found in OpenSSL, resulting in TLS servers and clients being halted by out-of-memory conditions, leading to a denial of service. An attacker needs to repeat actions continuously...
rust/openssl-src>=300.0.0<300.0.6
redhat/openssl<1:3.0.1-41.el9_0
OpenSSL OpenSSL>=3.0.0<3.0.3
Netapp Active Iq Unified Manager
NetApp Clustered Data ONTAP
Netapp Clustered Data Ontap Antivirus Connector
and 80 more
CVE-2022-1292
The c_rehash script does not properly sanitise shell metacharacters to prevent command injection. This script is distributed by some operating systems in a manner where it is automatically executed. O...
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el8
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el7
redhat/openssl<1:1.1.1k-7.el8_6
redhat/openssl<1:3.0.1-41.el9_0
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el7
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el8
and 108 more
CVE-2022-1343
The function `OCSP_basic_verify` verifies the signer certificate on an OCSP response. In the case where the (non-default) flag OCSP_NOCHECKS is used then the response will be positive (meaning a succe...
redhat/openssl<1:3.0.1-41.el9_0
OpenSSL OpenSSL>=3.0.0<3.0.3
Netapp Active Iq Unified Manager
NetApp Clustered Data ONTAP
Netapp Clustered Data Ontap Antivirus Connector
Netapp Santricity Smi-s Provider
and 79 more
CVE-2021-41617
sshd in OpenSSH 6.2 through 8.x before 8.8, when certain non-default configurations are used, allows privilege escalation because supplemental groups are not initialized as expected. Helper programs f...
debian/openssh<=1:7.9p1-10+deb10u2<=1:7.9p1-10<=1:8.4p1-5<=1:8.4p1-6
ubuntu/openssh<1:8.2
ubuntu/openssh<8.8
ubuntu/openssh<1:7.2
Openbsd Openssh>=6.2<8.8
Fedoraproject Fedora=33
and 21 more
CVE-2021-22555
Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by a heap out-of-bounds write flaw in net/netfilter/x_tables.c. By sending a specially-crafted...
redhat/kernel-rt<0:3.10.0-1160.41.1.rt56.1181.el7
redhat/kernel<0:3.10.0-1160.41.1.el7
redhat/kernel<0:3.10.0-327.100.1.el7
redhat/kernel<0:3.10.0-514.92.1.el7
redhat/kernel<0:3.10.0-693.94.1.el7
redhat/kernel<0:3.10.0-957.84.1.el7
and 35 more
CVE-2021-25216
ISC BIND TKEY Query Integer Overflow Remote Code Execution Vulnerability
debian/bind9
ISC BIND
debian/bind9<=1:9.11.5.P4+dfsg-5.1<=1:9.11.5.P4+dfsg-5.1+deb10u3<=1:9.16.13-1
Debian Debian Linux=9.0
Debian Debian Linux=10.0
ISC BIND>=9.0.0<9.11.31
and 42 more
CVE-2021-25214
In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17....
debian/bind9
debian/bind9<=1:9.11.5.P4+dfsg-5.1<=1:9.16.13-1<=1:9.11.5.P4+dfsg-5.1+deb10u3
IBM Cloud Pak for Security (CP4S)<=1.7.2.0
IBM Cloud Pak for Security (CP4S)<=1.7.1.0
IBM Cloud Pak for Security (CP4S)<=1.7.0.0
ISC BIND>=9.8.5<=9.8.8
and 47 more
CVE-2021-28971
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEB...
redhat/kernel-rt<0:4.18.0-348.rt7.130.el8
redhat/kernel<0:4.18.0-348.el8
Linux Linux kernel<=5.11.8
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Fedoraproject Fedora=34
and 123 more
CVE-2021-28951
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concur...
Linux Linux kernel<=5.11.8
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Netapp A250 Firmware
Netapp A250
and 83 more
CVE-2021-28952
An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c...
Linux Linux kernel<=5.11.8
Fedoraproject Fedora=32
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Netapp Cloud Backup
Netapp A250 Firmware
and 93 more
CVE-2020-14305
An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated ...
redhat/kernel-rt<0:3.10.0-1160.rt56.1131.el7
redhat/kernel<0:3.10.0-1160.el7
Linux Linux kernel<=4.11.12
Linux Linux kernel=4.12
Netapp Cloud Backup
Netapp A250 Firmware
and 9 more
CVE-2020-15436
A use-after-free flaw was observed in blkdev_get(), in fs/block_dev.c after a call to __blkdev_get() fails, and its refcount gets freed/released. This problem may cause a denial of service problem wit...
redhat/kernel-rt<0:3.10.0-1160.15.2.rt56.1152.el7
redhat/kernel<0:3.10.0-1160.15.2.el7
redhat/kernel-alt<0:4.14.0-115.35.1.el7a
redhat/kernel<0:3.10.0-957.72.1.el7
redhat/kernel<0:3.10.0-1062.51.1.el7
Google Android
and 150 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203