Latest netapp h410c firmware Vulnerabilities

CVE-2023-45862
<a href="https://access.redhat.com/security/cve/CVE-2023-45862">CVE-2023-45862</a> --- An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel...
Linux Linux kernel<6.2.5
ubuntu/linux<4.15.0-220.231
ubuntu/linux<5.4.0-152.169
ubuntu/linux<5.15.0-79.86
ubuntu/linux<6.3~
ubuntu/linux<4.4.0-248.282
and 116 more
CVE-2023-5363
Incorrect cipher key & IV length processing
redhat/OpenSSL<3.0.12
redhat/OpenSSL<3.1.4
debian/openssl
OpenSSL OpenSSL>=3.0.0<3.0.12
OpenSSL OpenSSL>=3.1.0<3.1.4
Debian Debian Linux=12.0
and 14 more
CVE-2023-4236
named may terminate unexpectedly under high DNS-over-TLS query load
debian/bind9<=1:9.18.16-1~deb12u1<=1:9.18.16-1
ISC BIND>=9.18.0<9.18.18
ISC BIND=9.18.11-s1
ISC BIND=9.18.18-s1
debian/bind9
Fedoraproject Fedora=37
and 19 more
CVE-2023-4527
Glibc: stack read overflow in getaddrinfo in no-aaaa mode
debian/glibc<=2.36-9+deb12u2
GNU glibc<2.39
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
ubuntu/glibc<2.37-0ubuntu2.1
ubuntu/glibc<2.38-1ubuntu5
and 35 more
CVE-2023-32252
Linux Kernel ksmbd Session NULL Pointer Dereference Denial-of-Service Vulnerability
Linux Linux kernel<=6.3.9
Linux kernel
redhat/kernel<6.4
ubuntu/linux<5.15.0-94.104
ubuntu/linux<6.2.0-32.32
ubuntu/linux<6.4~
and 132 more
CVE-2023-2829
A `named` instance configured to run as a DNSSEC-validating recursive resolver with the Aggressive Use of DNSSEC-Validated Cache (RFC 8198) option (`synth-from-dnssec`) enabled can be remotely termina...
ISC BIND>=9.16.8<=9.16.41
ISC BIND>=9.18.11<=9.18.15
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp H500s Firmware
Netapp H500s
Netapp H700s Firmware
and 7 more
CVE-2023-2911
If the `recursive-clients` quota is reached on a BIND 9 resolver configured with both `stale-answer-enable yes;` and `stale-answer-client-timeout 0;`, a sequence of serve-stale-related lookups could c...
ubuntu/bind9<1:9.16.1-0ubuntu2.15
ubuntu/bind9<1:9.18.12-0ubuntu0.22.04.2
ubuntu/bind9<1:9.18.12-0ubuntu0.22.10.2
ubuntu/bind9<1:9.18.12-1ubuntu1.1
ubuntu/bind9<9.16.42<9.18.16
ubuntu/bind9<1:9.18.12-1ubuntu2
and 30 more
CVE-2023-2828
ISC BIND is vulnerable to a denial of service, caused by a flaw that allows the named's configured cache size limit to be significantly exceeded. By querying the resolver for specific RRsets in a cert...
IBM QRadar SIEM<=7.5.0 - 7.5.0 UP6
ubuntu/bind9<1:9.11.3+dfsg-1ubuntu1.19+
ubuntu/bind9<1:9.9.5.dfsg-3ubuntu0.19+
ubuntu/bind9<1:9.10.3.dfsg.
ubuntu/bind9<1:9.16.1-0ubuntu2.15
ubuntu/bind9<1:9.18.12-0ubuntu0.22.04.2
and 39 more
CVE-2023-35788
Linux Kernel could allow a local authenticated attacker to gain elevated privileges on the system, caused by an off-by-one flaw in the fl_set_geneve_opt fucntion. By sending a specially crafted reques...
IBM QRadar SIEM<=7.5 - 7.5.0 UP7
redhat/kernel<6.4
ubuntu/linux-nvidia<5.15.0-1028.28
ubuntu/linux-nvidia<6.4~
ubuntu/linux-gkeop-5.15<5.15.0-1023.28~20.04.1
ubuntu/linux-gkeop-5.15<6.4~
and 182 more
CVE-2023-3212
A NULL pointer dereference issue was found in the gfs2 file system in the Linux kernel. It occurs on corrupt gfs2 file systems when the evict code tries to reference the journal descriptor structure a...
Linux Linux kernel<6.4
Linux Linux kernel=6.4-rc1
Fedoraproject Fedora=38
Redhat Enterprise Linux=8.0
Redhat Enterprise Linux=9.0
redhat/kernel<6.4
and 176 more
CVE-2023-3111
A use after free vulnerability was found in prepare_to_relocate in fs/btrfs/relocation.c in btrfs in the Linux Kernel. This possible flaw can be triggered by calling btrfs_ioctl_balance() before calli...
Linux Linux kernel>=2.6.31<4.14.318
Linux Linux kernel>=4.15<4.19.286
Linux Linux kernel>=4.20<5.4.247
Linux Linux kernel>=5.5<5.10.184
Linux Linux kernel>=5.11<5.15.63
Linux Linux kernel>=5.16<5.19.4
and 152 more
CVE-2023-2953
A vulnerability was found in openldap that can cause a null pointer dereference in the ber_memalloc_x() function.
Apple macOS Big Sur<11.7.9
Apple macOS Ventura<13.5
Apple macOS Monterey<12.6.8
ubuntu/openldap<2.4.45+dfsg-1ubuntu1.11+
ubuntu/openldap<2.4.49+dfsg-2ubuntu1.10
ubuntu/openldap<2.5.16+dfsg-0ubuntu0.22.04.2
and 33 more
CVE-2023-2898
There is a null-pointer-dereference flaw found in f2fs_write_end_io in fs/f2fs/data.c in the Linux kernel. This flaw allows a local privileged user to cause a denial of service problem.
Linux Linux kernel
ubuntu/linux<5.15.0-83.92
ubuntu/linux<6.2.0-32.32
ubuntu/linux<6.5~
ubuntu/linux-allwinner<6.5~
ubuntu/linux-allwinner-5.19<6.5~
and 123 more
CVE-2023-2269
A bug in the Linux kernel version 6.2.0 by syzkaller with our own templates. The bug causes a possible recursive locking scenario, resulting in a deadlock. The key trace is as follows: down_read+0x9...
Linux Linux kernel=6.2
Fedoraproject Fedora=36
Fedoraproject Fedora=37
Fedoraproject Fedora=38
ubuntu/linux<4.15.0-216.227
ubuntu/linux<5.4.0-162.179
and 159 more
CVE-2023-2007
The specific flaw exists within the DPT I2O Controller driver. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this in conjunction w...
Linux Linux kernel<6.0
debian/linux<=4.19.249-2
debian/linux-5.10
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Netapp H300s Firmware
and 10 more
CVE-2023-31084
An issue was discovered in drivers/media/dvb-core/dvb_frontend.c in the Linux kernel 6.2. There is a blocking operation when a task is in !TASK_RUNNING. In dvb_frontend_get_event, wait_event_interrupt...
Linux Linux kernel=6.2
Fedoraproject Fedora=37
Fedoraproject Fedora=38
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Debian Debian Linux=12.0
and 161 more
CVE-2023-2124
An out-of-bounds memory access flaw was found in the Linux kernel’s XFS file system in how a user restores an XFS image after failure (with a dirty log journal). This flaw allows a local user to crash...
Linux Linux kernel<=6.3
redhat/kernel<6.4
ubuntu/linux-nvidia<6.4~
ubuntu/linux-nvidia<5.15.0-1030.30
ubuntu/linux-gkeop-5.15<6.4~
ubuntu/linux-gkeop-5.15<5.15.0-1025.30~20.04.1
and 156 more
CVE-2023-1077
In the Linux kernel, pick_next_rt_entity() may return a type confused entry, not detected by the BUG_ON condition, as the confused entry will not be NULL, but list_head.The buggy error condition would...
Linux Linux kernel
Debian Debian Linux=10.0
Netapp A700s Firmware
Netapp A700s
Netapp 8300 Firmware
Netapp 8300
and 162 more
CVE-2023-1380
A slab-out-of-bound read problem was found in brcmf_get_assoc_ies in drivers/net/wireless/broadcom/brcm80211/brcmfmac/cfg80211.c in the Linux Kernel. This issue could occur when assoc_info->req_len da...
ubuntu/linux<4.15.0-212.223
ubuntu/linux<5.4.0-150.167
ubuntu/linux<5.15.0-73.80
ubuntu/linux<5.19.0-43.44
ubuntu/linux<6.2.0-23.23
ubuntu/linux<3.13.0-194.245
and 215 more
CVE-2023-28464
A double free vulnerability was found in the hci_conn_cleanup function of net/bluetooth/hci_conn.c, which may cause DOS or privilege escalation. Version: Linux kernel 6.2 (this problem also exists in...
Linux Linux kernel=6.1.25
Linux Linux kernel=6.2.12
Linux Linux kernel=6.3
Linux Linux kernel=6.3-rc1
Linux Linux kernel=6.3-rc2
Linux Linux kernel=6.3-rc3
and 13 more
CVE-2023-26545
A double free in net/mpls/af_mpls.c upon an allocation failure during the renaming of a device in Linux Kernel could allow a remote authenticated attacker from within the local network to cause an unk...
redhat/kernel<6.2
ubuntu/linux-iot<5.4.0-1017.18
ubuntu/linux<6.2
ubuntu/linux<4.15.0-209.220
ubuntu/linux<5.4.0-147.164
ubuntu/linux<5.15.0-70.77
and 157 more
CVE-2023-0045
The current implementation of the prctl syscall does not issue an IBPB immediately during the syscall. The ib_prctl_set function updates the Thread Information Flags (TIFs) for the task and updates th...
Linux Linux kernel>=3.16.68<3.17
Linux Linux kernel>=4.4.180<4.5
Linux Linux kernel>=4.9.176<4.10
Linux Linux kernel>=4.14.86<4.14.303
Linux Linux kernel>=4.19.7<4.19.270
Linux Linux kernel>=4.20<5.4.229
and 172 more
CVE-2022-47519
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_OPER_CHANNEL in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver c...
Linux Linux kernel>=4.2<5.10.157
Linux Linux kernel>=5.11<5.15.81
Linux Linux kernel>=5.16<6.0.11
Debian Debian Linux=10.0
Netapp H410c Firmware
Netapp H410c
and 115 more
CVE-2022-47520
An issue was discovered in the Linux kernel before 6.0.11. Missing offset validation in drivers/net/wireless/microchip/wilc1000/hif.c in the WILC1000 wireless driver can trigger an out-of-bounds read ...
Linux Linux kernel>=4.2.0<5.10.157
Linux Linux kernel>=5.11<5.15.81
Linux Linux kernel>=5.16<6.0.11
Debian Debian Linux=10.0
Netapp H410c Firmware
Netapp H410c
and 132 more
CVE-2022-47521
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of IEEE80211_P2P_ATTR_CHANNEL_LIST in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver c...
Linux Linux kernel>=5.7<5.10.157
Linux Linux kernel>=5.11<5.15.81
Linux Linux kernel>=5.16<6.0.11
Debian Debian Linux=10.0
Netapp H410c Firmware
Netapp H410c
and 115 more
CVE-2022-47518
An issue was discovered in the Linux kernel before 6.0.11. Missing validation of the number of channels in drivers/net/wireless/microchip/wilc1000/cfg80211.c in the WILC1000 wireless driver can trigge...
Linux Linux kernel>=4.2<5.10.157
Linux Linux kernel>=5.11<5.15.81
Linux Linux kernel>=5.16<6.0.11
Debian Debian Linux=10.0
Netapp H410c Firmware
Netapp H410c
and 115 more
CVE-2022-45919
An issue was discovered in the Linux kernel through 6.0.10. In drivers/media/dvb-core/dvb_ca_en50221.c, a use-after-free can occur is there is a disconnect after an open, because of the lack of a wait...
Linux Linux kernel<=6.0.10
Netapp H410c Firmware
Netapp H410c
Apple macOS Ventura
Apple macOS Big Sur
Apple macOS Big Sur
and 158 more
CVE-2022-45934
An issue was discovered in the Linux kernel through 6.0.10. l2cap_config_req in net/bluetooth/l2cap_core.c has an integer wraparound via L2CAP_CONF_REQ packets.
Linux Linux kernel>=2.6.32<4.9.337
Linux Linux kernel>=4.10<4.14.303
Linux Linux kernel>=4.15<4.19.270
Linux Linux kernel>=4.20<5.4.229
Linux Linux kernel>=5.5<5.10.161
Linux Linux kernel>=5.11<5.15.85
and 159 more
CVE-2022-45887
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/usb/ttusb-dec/ttusb_dec.c has a memory leak because of the lack of a dvb_frontend_detach call.
Linux Linux kernel<=6.0.9
Netapp H410c Firmware
Netapp H410c
Apple macOS Ventura
Apple macOS Big Sur
Apple macOS Big Sur
and 143 more
CVE-2022-45886
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_net.c has a .disconnect versus dvb_device_open race condition that leads to a use-after-free.
Linux Linux kernel<=6.0.9
Netapp H410c Firmware
Netapp H410c
Apple macOS Ventura
Apple macOS Big Sur
Apple macOS Big Sur
and 151 more
CVE-2022-45888
An issue was discovered in the Linux kernel through 6.0.9. drivers/char/xillybus/xillyusb.c has a race condition and use-after-free during physical removal of a USB device.
Linux Linux kernel<=6.0.9
Netapp H410c Firmware
Netapp H410c
Netapp H300s Firmware
Netapp H300s
Netapp H500s Firmware
and 15 more
CVE-2022-45884
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvbdev.c has a use-after-free, related to dvb_register_device dynamically allocating fops.
Linux Linux kernel<=6.0.9
Netapp H300s Firmware
Netapp H300s
Netapp H500s Firmware
Netapp H500s
Netapp H700s Firmware
and 15 more
CVE-2022-45885
An issue was discovered in the Linux kernel through 6.0.9. drivers/media/dvb-core/dvb_frontend.c has a race condition that can cause a use-after-free when a device is disconnected.
Linux Linux kernel<=6.0.9
Netapp H410c Firmware
Netapp H410c
Netapp H300s Firmware
Netapp H300s
Netapp H500s Firmware
and 15 more
CVE-2022-43680
Apache OpenOffice: "Use after free" fixed in libexpat
debian/expat<=2.2.6-2+deb10u4
debian/expat<=2.2.10-2<=2.4.9-1
redhat/expat<0:2.2.5-10.el8_7.1
redhat/expat<0:2.4.9-1.el9_1.1
redhat/expat<2.5.0
Google Android
and 33 more
CVE-2022-3545
A vulnerability has been found in area_cache_get in drivers/net/ethernet/netronome/nfp/nfpcore/nfp_cppcore.c in IPsec in the Linux Kernel. The manipulation leads to a use after free problem. Referenc...
Linux Linux kernel>=4.11<4.14.303
Linux Linux kernel>=4.15<4.19.270
Linux Linux kernel>=4.20<5.4.228
Linux Linux kernel>=5.5<5.10.160
Linux Linux kernel>=5.11<5.15.84
Netapp H410c Firmware
and 155 more
CVE-2022-40304
A flaw was found in libxml2. When a reference cycle is detected in the XML entity cleanup function the XML entity data can be stored in a dictionary. In this case, the dictionary becomes corrupted res...
redhat/libxml2<0:2.9.7-15.el8_7.1
redhat/libxml2<0:2.9.13-3.el9_1
Apple tvOS<16.2
Apple watchOS<9.2
Apple macOS Monterey<12.6.2
Apple macOS Big Sur<11.7.2
and 29 more
CVE-2022-40303
A flaw was found in libxml2. Parsing a XML document with the XML_PARSE_HUGE option enabled can result in an integer overflow because safety checks were missing in some functions. Also, the xmlParseEnt...
redhat/libxml2<0:2.9.7-15.el8_7.1
redhat/libxml2<0:2.9.13-3.el9_1
Apple tvOS<16.2
Apple watchOS<9.2
Apple macOS Big Sur<11.7.2
Apple macOS Monterey<12.6.2
and 29 more
CVE-2022-43945
The Linux kernel NFSD implementation prior to versions 5.19.17 and 6.0.2 are vulnerable to buffer overflow. NFSD tracks the number of pages held by each NFSD thread by combining the receive and send b...
redhat/kernel-rt<0:4.18.0-425.13.1.rt7.223.el8_7
redhat/kernel<0:4.18.0-425.13.1.el8_7
redhat/kernel<0:5.14.0-162.12.1.el9_1
redhat/kernel-rt<0:5.14.0-162.12.1.rt21.175.el9_1
redhat/kernel<0:5.14.0-70.36.1.el9_0
redhat/kernel-rt<0:5.14.0-70.36.1.rt21.108.el9_0
and 156 more
CVE-2022-3202
A NULL pointer dereference flaw in diFree in fs/jfs/inode.c in Journaled File System (JFS)in the Linux kernel. This could allow a local attacker to crash the system or leak kernel internal information...
Linux Linux kernel<4.9.311
Linux Linux kernel>=4.10<4.14.276
Linux Linux kernel>=4.15<4.19.238
Linux Linux kernel>=4.20<5.4.189
Linux Linux kernel>=5.5.0<5.10.111
Linux Linux kernel>=5.11<5.15.34
and 154 more
CVE-2022-39046
An issue was discovered in the GNU C Library (glibc) 2.36. When the syslog function is passed a crafted input string larger than 1024 bytes, it reads uninitialized memory from the heap and prints it t...
GNU C Library (glibc)=2.37
GNU C Library (glibc)=2.36
GNU glibc=2.36
Netapp H300s Firmware
Netapp H300s
Netapp H500s Firmware
and 18 more
CVE-2022-2961
A use-after-free flaw was found in the Linux kernel’s PLP Rose functionality in the way a user triggers a race condition by calling bind while simultaneously triggering the rose_bind() function. This ...
Linux Linux kernel<6.0
Linux Linux kernel=6.0-rc1
Fedoraproject Fedora=36
Netapp H300s Firmware
Netapp H300s
Netapp H500s Firmware
and 7 more
CVE-2022-36123
The Linux kernel before 5.18.13 lacks a certain clear operation for the block starting symbol (.bss). This allows Xen PV guest OS users to cause a denial of service or gain privileges.
Linux Linux kernel<5.18.13
Netapp H300s Firmware
Netapp H300s
Netapp H500s Firmware
Netapp H500s
Netapp H700s Firmware
and 5 more
CVE-2022-2873
A flaw out of bounds memory access found in the Intel iSMT SMBus host controller driver. If local user triggers I2C_SMBUS_BLOCK_DATA (with the ioctl I2C_SMBUS) with some malicious input data, it can l...
redhat/kernel-rt<0:4.18.0-425.13.1.rt7.223.el8_7
redhat/kernel<0:4.18.0-425.13.1.el8_7
redhat/kernel<0:4.18.0-372.75.1.el8_6
redhat/kernel<0:5.14.0-162.18.1.el9_1
redhat/kernel-rt<0:5.14.0-162.18.1.rt21.181.el9_1
Linux Linux kernel<5.19
and 120 more
CVE-2022-36879
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
Linux Linux kernel<=5.18.14
Debian Debian Linux=10.0
Debian Debian Linux=11.0
Netapp A700s Firmware
Netapp A700s
Apple iPadOS
and 216 more
CVE-2022-31160
### Impact Initializing a checkboxradio widget on an input enclosed within a label makes that parent label contents considered as the input label. If you call `.checkboxradio( "refresh" )` on such a w...
nuget/jQuery.UI.Combined<1.13.2
rubygems/jquery-ui-rails<7.0.0
maven/org.webjars.npm:jquery-ui<1.13.2
npm/jquery-ui<1.13.2
ubuntu/jqueryui<1.12.1+dfsg-5ubuntu0.18.04.1~
ubuntu/jqueryui<1.13.2
and 44 more
CVE-2022-2318
There are use-after-free vulnerabilities caused by timer handler in net/rose/rose_timer.c of linux that allow attackers to crash linux kernel without any privileges.
ubuntu/linux<4.15.0-194.205
ubuntu/linux<5.4.0-128.144
ubuntu/linux<5.15.0-48.54
ubuntu/linux<5.19~
ubuntu/linux<4.4.0-239.273
ubuntu/linux-aws<4.15.0-1142.154
and 162 more
CVE-2022-2097
AES OCB mode for 32-bit x86 platforms using the AES-NI assembly optimised implementation will not encrypt the entirety of the data under some circumstances. This could reveal sixteen bytes of data tha...
redhat/openssl<1:1.1.1k-7.el8_6
redhat/openssl<1:3.0.1-41.el9_0
OpenSSL OpenSSL>=1.1.1<1.1.1q
OpenSSL OpenSSL>=3.0.0<3.0.5
Fedoraproject Fedora=35
Fedoraproject Fedora=36
and 40 more
CVE-2022-34918
A heap buffer overflow flaw was found in the Linux kernel’s Netfilter subsystem in the way a user provides incorrect input of the NFT_DATA_VERDICT type. This flaw allows a local user to crash or poten...
Linux Linux kernel>=4.1<4.14.316
Linux Linux kernel>=4.15<4.19.284
Linux Linux kernel>=4.20<5.4.244
Linux Linux kernel>=5.5<5.10.130
Linux Linux kernel>=5.11<5.15.54
Linux Linux kernel>=5.16<5.18.11
and 171 more
CVE-2022-2274
The OpenSSL 3.0.4 release introduced a serious bug in the RSA implementation for X86_64 CPUs supporting the AVX512IFMA instructions. This issue makes the RSA implementation with 2048 bit private keys ...
OpenSSL OpenSSL=3.0.4
Netapp Snapcenter
Netapp H410c Firmware
Netapp H410c
Netapp H300s Firmware
Netapp H300s
and 6 more
CVE-2022-2068
OpenSSL could allow a remote attacker to execute arbitrary commands on the system, caused by improper validation of user-supplied input by the c_rehash script. By sending a specially-crafted request u...
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el8
redhat/jbcs-httpd24-openssl<1:1.1.1k-13.el7
redhat/openssl<1:1.1.1k-7.el8_6
redhat/openssl<1:3.0.1-41.el9_0
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el7
redhat/jws5-tomcat-native<0:1.2.31-11.redhat_11.el8
and 95 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203