Latest netapp cn1610 firmware Vulnerabilities

CVE-2019-12615
An issue was discovered in get_vdev_port_node_info in arch/sparc/kernel/mdesc.c in the Linux kernel through 5.1.6. There is an unchecked kstrdup_const of node_info->vdev_port.name, which might allow a...
Linux Linux kernel>=2.6.12.1<4.14.130
Linux Linux kernel>=4.19<4.19.56
Linux Linux kernel>=5.1<5.1.15
Linux Linux kernel=2.6.12-rc2
Linux Linux kernel=2.6.12-rc3
Linux Linux kernel=2.6.12-rc4
and 15 more
CVE-2019-10126
A flaw was found in the Linux kernel. A heap based buffer overflow in mwifiex_uap_parse_tail_ies function in drivers/net/wireless/marvell/mwifiex/ie.c might lead to memory corruption and possibly othe...
redhat/kernel-rt<0:3.10.0-1062.4.1.rt56.1027.el7
redhat/kernel<0:3.10.0-1062.4.1.el7
redhat/kernel-alt<0:4.14.0-115.17.1.el7a
redhat/kernel<0:3.10.0-957.54.1.el7
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
and 120 more
CVE-2019-3846
A flaw that allowed an attacker to corrupt memory and possibly escalate privileges was found in the mwifiex kernel module while connecting to a malicious wireless network.
redhat/kernel-rt<0:3.10.0-1062.4.1.rt56.1027.el7
redhat/kernel<0:3.10.0-1062.4.1.el7
redhat/kernel-alt<0:4.14.0-115.17.1.el7a
redhat/kernel<0:3.10.0-957.54.1.el7
redhat/kernel-rt<0:4.18.0-80.11.1.rt9.156.el8_0
redhat/kernel<0:4.18.0-80.11.1.el8_0
and 103 more
CVE-2018-20839
systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occ...
Systemd Project Systemd=242
Netapp Cn1610 Firmware
Netapp Cn1610
Netapp Snapprotect
IBM Cloud Pak for Business Automation
CVE-2019-11815
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
debian/linux<=4.9.168-2<=4.19.28-2<=3.16.64-2<=4.9.168-1
ubuntu/linux<4.15.0-55.60
ubuntu/linux<5.0.0-16.17
ubuntu/linux<5.1~
ubuntu/linux<4.4.0-150.176
ubuntu/linux-aws<4.15.0-1047.49
and 93 more
CVE-2019-3900
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets fa...
redhat/kernel<0:2.6.32-754.24.2.el6
redhat/kernel-rt<0:3.10.0-1062.rt56.1022.el7
redhat/kernel-alt<0:4.14.0-115.10.1.el7a
redhat/kernel<0:3.10.0-1062.el7
redhat/kernel<0:3.10.0-693.61.1.el7
redhat/kernel<0:3.10.0-862.44.2.el7
and 114 more
CVE-2019-10125
An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pa...
Linux Linux kernel>=4.19<4.19.38
Linux Linux kernel>=5.0<5.0.5
Linux Linux kernel=5.1-rc1
Netapp Active Iq Unified Manager Vmware Vsphere>=9.5
Netapp Hci Management Node
Netapp Snapprotect
and 3 more
CVE-2018-20669
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A loca...
Linux Linux kernel>=4.13<4.14.185
Linux Linux kernel>=4.15<4.19.129
Linux Linux kernel>=4.20<5.0
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
and 77 more
CVE-2019-3882
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local at...
redhat/kernel-rt<0:3.10.0-1062.rt56.1022.el7
redhat/kernel<0:3.10.0-1062.el7
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
ubuntu/linux<4.15.0-50.54
ubuntu/linux<4.18.0-20.21
and 99 more
CVE-2019-3874
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches a...
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
Linux Linux kernel>=3.10.1<=3.10.108
Linux Linux kernel>=4.18.1<=4.18.20
Debian Debian Linux=8.0
Redhat Enterprise Linux=7.0
and 88 more
CVE-2019-3844
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transie...
Systemd Project Systemd<242
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Netapp Hci Management Node
Netapp Snapprotect
and 8 more
CVE-2019-3843
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated...
Systemd Project Systemd<242
Fedoraproject Fedora=30
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Netapp Hci Management Node
and 9 more
CVE-2019-1559
OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. ...
redhat/openssl<0:1.0.1e-58.el6_10
redhat/openssl<1:1.0.2k-19.el7
redhat/jws5-ecj<0:4.12.0-1.redhat_1.1.el6
redhat/jws5-javapackages-tools<0:3.4.1-5.15.11.el6
redhat/jws5-jboss-logging<0:3.3.2-1.Final_redhat_00001.1.el6
redhat/jws5-tomcat<0:9.0.21-10.redhat_4.1.el6
and 226 more
CVE-2019-9162
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and wr...
Linux Linux kernel>=4.19<4.19.25
Linux Linux kernel>=4.20<4.20.12
Netapp Hci Management Node
Netapp Snapprotect
Netapp Solidfire
Canonical Ubuntu Linux=18.04
and 43 more
CVE-2019-9003
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a...
Linux Linux kernel>=4.18<4.19.18
Linux Linux kernel>=4.20<4.20.5
Linux Linux kernel=5.0-rc1
Linux Linux kernel=5.0-rc2
Linux Linux kernel=5.0-rc3
Linux Linux kernel=5.0-rc4
and 48 more
CVE-2018-0735
A flaw was found in OpenSSL versions from 1.1.0 through 1.1.0i inclusive and version 1.1.1. The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An at...
redhat/openssl<1:1.0.2k-16.el7_6.1
redhat/openssl<1:1.1.1c-2.el8
ubuntu/openssl<1.1.0
ubuntu/openssl<1.1.1-1ubuntu2.1
ubuntu/openssl<1.1.1
ubuntu/openssl<1.1.1
and 55 more
CVE-2018-0734
A flaw was found in OpenSSL versions from 1.1.0 through 1.1.0i inclusive, from 1.0.2 through 1.0.2p inclusive and version 1.1.1. The OpenSSL DSA signature algorithm has been shown to be vulnerable to ...
redhat/jbcs-httpd24-apr<0:1.6.3-63.jbcs.el6
redhat/jbcs-httpd24-apr-util<0:1.6.1-48.jbcs.el6
redhat/jbcs-httpd24-brotli<0:1.0.6-7.jbcs.el6
redhat/jbcs-httpd24-curl<0:7.64.1-14.jbcs.el6
redhat/jbcs-httpd24-httpd<0:2.4.37-33.jbcs.el6
redhat/jbcs-httpd24-jansson<0:2.11-20.jbcs.el6
and 74 more
CVE-2018-15919
Remotely observable behaviour in auth-gss2.c in OpenSSH through 7.8 could be used by remote attackers to detect existence of users on a target system when GSS2 is in use. NOTE: the discoverer states '...
Openbsd Openssh>=5.9<=7.8
Netapp Cloud Backup
Netapp Data Ontap Edge
Netapp Ontap Select Deploy
Netapp Steelstore
Netapp Cn1610 Firmware
and 1 more
CVE-2018-15473
OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, rel...
IBM Security Identity Manager<=7.0.1
debian/openssh<=1:6.7p1-1<=1:7.7p1-1
ubuntu/openssh<1:7.6
ubuntu/openssh<1:7.7
ubuntu/openssh<1:6.6
ubuntu/openssh<1:7.2
and 40 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203