Latest NetApp HCI Compute Node Firmware Vulnerabilities

A use of incorrectly resolved name vulnerability fixed in 7.83.1 might remove the wrong file when `--no-clobber` is used together with `--remove-on-error`.
Haxx Curl=7.83.0
Netapp Active Iq Unified Manager Vmware Vsphere
Netapp Active Iq Unified Manager Windows
NetApp Clustered Data ONTAP
NetApp OnCommand Insight
NetApp OnCommand Workflow Automation
and 27 more
An unspecified vulnerability in Java SE related to the Libraries component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.7.1-ibm-1:1.7.1.5.10-1jpp.1.el7
redhat/java<1.8.0-ibm-1:1.8.0.7.10-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
and 54 more
An unspecified vulnerability in Java SE related to the JAXP component could allow an unauthenticated attacker to cause a denial of service resulting in a low availability impact using unknown attack v...
redhat/java<11-openjdk-1:11.0.15.0.9-2.el7_9
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el7_9
redhat/java<1.8.0-ibm-1:1.8.0.8.0-1jpp.1.el7
redhat/java<11-openjdk-1:11.0.15.0.9-2.el8_5
redhat/java<17-openjdk-1:17.0.3.0.6-2.el8_5
redhat/java<1.8.0-openjdk-1:1.8.0.332.b09-1.el8_5
and 52 more
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
redhat/kernel-rt<0:4.18.0-425.3.1.rt7.213.el8
redhat/kernel<0:4.18.0-425.3.1.el8
redhat/kernel<0:5.14.0-162.6.1.el9_1
redhat/kernel-rt<0:5.14.0-162.6.1.rt21.168.el9_1
Linux Linux kernel>=5.1<5.4.196
Linux Linux kernel>=5.5<5.10.117
and 166 more
jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.
Linux Linux kernel>=5.17<5.17.1
Redhat Enterprise Linux=6.0
Redhat Enterprise Linux=7.0
Fedoraproject Fedora=35
Netapp Active Iq Unified Manager Vsphere
Netapp Solidfire, Enterprise Sds & Hci Storage Node
and 19 more
A flaw in the processing of received ICMP errors (ICMP fragment needed and ICMP redirect) in the Linux kernel functionality was found to allow the ability to quickly scan open UDP ports. This flaw all...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
redhat/kernel-rt<0:4.18.0-305.49.1.rt7.121.el8_4
redhat/kernel<0:4.18.0-305.49.1.el8_4
redhat/kernel<5.15
ubuntu/linux-aws<4.15.0-1119.127
and 186 more
Python is vulnerable to a denial of service, caused by a regular expression denial of service (ReDoS) flaw in the AbstractBasicAuthHandler class in urllib. By persuading a victim to visit a specially-...
redhat/python3<0:3.6.8-39.el8_4
redhat/rh-python38-babel<0:2.7.0-12.el7
redhat/rh-python38-python<0:3.8.11-2.el7
redhat/rh-python38-python-cryptography<0:2.8-5.el7
redhat/rh-python38-python-jinja2<0:2.10.3-6.el7
redhat/rh-python38-python-lxml<0:4.4.1-7.el7
and 49 more
curl 7.61.0 through 7.76.1 suffers from exposure of data element to wrong session due to a mistake in the code for CURLOPT_SSL_CIPHER_LIST when libcurl is built to use the Schannel TLS library. The se...
Haxx Curl>=7.61.0<=7.76.1
Oracle Communications Cloud Native Core Binding Support Function=1.11.0
Oracle Communications Cloud Native Core Network Function Cloud Native Environment=1.10.0
Oracle Communications Cloud Native Core Network Repository Function=1.15.0
Oracle Communications Cloud Native Core Network Repository Function=1.15.1
Oracle Communications Cloud Native Core Network Slice Selection Function=1.8.0
and 45 more
In the IPv6 implementation in the Linux kernel before 5.13.3, net/ipv6/output_core.c has an information leak because of certain use of a hash table which, although big, doesn't properly consider that ...
redhat/kernel-rt<0:4.18.0-372.9.1.rt7.166.el8
redhat/kernel<0:4.18.0-372.9.1.el8
redhat/kernel-rt<0:4.18.0-305.65.1.rt7.137.el8_4
redhat/kernel<0:4.18.0-305.65.1.el8_4
Linux Linux kernel<5.13.3
NetApp E-Series SANtricity OS Controller
and 191 more
A use-after-free flaw was found in the way curl handled TLS session data. The curl versions using the OpenSSL library as their TLS backend could use freed memory after TLS session renegotiation was pe...
redhat/jbcs-httpd24<0:1-18.el8
redhat/jbcs-httpd24-apr<0:1.6.3-105.el8
redhat/jbcs-httpd24-apr-util<0:1.6.1-82.el8
redhat/jbcs-httpd24-brotli<0:1.0.6-40.el8
redhat/jbcs-httpd24-curl<0:7.77.0-2.el8
redhat/jbcs-httpd24-httpd<0:2.4.37-74.el8
and 68 more
ssh-agent in OpenSSH before 8.5 has a double free that may be relevant in a few less-common scenarios, such as unconstrained agent-socket access on a legacy operating system, or the forwarding of an a...
Openbsd Openssh>=8.2<8.5
Fedoraproject Fedora=33
Fedoraproject Fedora=34
Netapp Cloud Backup
Netapp Hci Management Node
Netapp Solidfire
and 6 more
GNU Binutils before 2.34 has a NULL pointer dereference in bfd_pef_parse_function_stubs function in bfd/pef.c due to not checking return value of bfd_malloc. This bug allows attackers to cause a denia...
redhat/binutils<2.34
GNU Binutils<2.34
Redhat Enterprise Linux=8.0
IBM Cloud Pak for Business Automation
Netapp Hci Compute Node
Netapp Cloud Backup
and 4 more
GNU Binutils before 2.34 has a NULL pointer dereference in bfd_pef_scan_start_address function in bfd/pef.c due to not checking return value of bfd_malloc. This bug allows attackers to cause a denial ...
redhat/binutils<2.34
GNU Binutils<2.34
Fedoraproject Fedora=32
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
IBM Cloud Pak for Business Automation
and 4 more
GNU Binutils before 2.34 has a NULL pointer dereference vulnerability in function bfd_pef_parse_symbols (file bfd/pef.c) which could allow attackers to cause a denial of service. Reference: ...
redhat/binutils<2.34
GNU Binutils<2.34
Fedoraproject Fedora=32
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
IBM Cloud Pak for Business Automation
and 4 more
GNU Binutils before 2.34 has an uninitialized-heap vulnerability in function tic4x_print_cond (file opcodes/tic4x-dis.c) which could allow attackers to cause an information leak. Reference: ...
redhat/binutils<2.34
GNU Binutils<2.34
Fedoraproject Fedora=32
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
IBM Cloud Pak for Business Automation
and 4 more
A flaw exists in binutils in bfd/pef.c. An attacker who is able to submit a crafted PEF file to be parsed by objdump could cause a heap buffer overflow -> out-of-bounds read that could lead to an impa...
redhat/binutils<2.34
GNU Binutils<2.34
Fedoraproject Fedora=32
Netapp Cloud Backup
NetApp ONTAP Select Deploy administration utility
IBM Cloud Pak for Business Automation
and 4 more
An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71.
Linux Linux kernel<5.5.11
Netapp Cloud Backup
IBM Cloud Pak for Business Automation
Netapp Solidfire & Hci Management Node
IBM Cloud Pak for Business Automation
Netapp Hci Compute Node
and 4 more
ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.
redhat/sqlite<3.32.0
ubuntu/sqlite3<3.22.0-1ubuntu0.4
ubuntu/sqlite3<3.29.0-2ubuntu0.3
ubuntu/sqlite3<3.31.1-4ubuntu0.1
ubuntu/sqlite3<3.32.0-1
ubuntu/sqlite3<3.11.0-1ubuntu1.5
and 22 more
ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
<3.32.0
=32
=16.04
=18.04
=19.10
=20.04
and 59 more
SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
<3.32.0
=32
=16.04
=18.04
=19.10
=20.04
and 55 more
An issue was discovered in the Linux kernel before 5.4.17. drivers/spi/spi-dw.c allows attackers to cause a panic via concurrent calls to dw_spi_irq and dw_spi_transfer_one, aka CID-19b61392c5a8.
ubuntu/linux<4.15.0-96.97
ubuntu/linux<5.3.0-46.38
ubuntu/linux<5.5~
ubuntu/linux<4.4.0-184.214
ubuntu/linux-aws<4.15.0-1065.69
ubuntu/linux-aws<5.3.0-1016.17
and 126 more
NTP is vulnerable to a denial of service, caused by an issue when relying on unauthenticated IPv4 time sources in ntpd. By predicting transmit timestamps for use in spoofed packets, a remote attacker ...
IBM ISAM<=9.0.7
IBM Security Verify Access<=10.0.0
redhat/ntp<4.2.8
redhat/ntp<4.3.100
NTP ntp<4.2.8
NTP ntp>=4.3.0<4.3.100
and 72 more
An issue was found in Linux kernel before 5.5.4. The mwifiex_cmd_append_vsie_tlv() function in drivers/net/wireless/marvell/mwifiex/scan.c allows local users to gain privileges or cause a denial of se...
redhat/kernel-rt<0:3.10.0-1127.18.2.rt56.1116.el7
redhat/kernel<0:3.10.0-1127.18.2.el7
redhat/kernel<0:3.10.0-327.90.2.el7
redhat/kernel<0:3.10.0-514.78.1.el7
redhat/kernel<0:3.10.0-693.72.1.el7
redhat/kernel<0:3.10.0-957.58.2.el7
and 43 more
A code execution vulnerability exists in the directory rehashing functionality of E2fsprogs e2fsck 1.45.4. A specially crafted ext4 directory can cause an out-of-bounds write on the stack, resulting i...
IBM Security Guardium<=10.5
IBM Security Guardium<=10.6
IBM Security Guardium<=11.0
IBM Security Guardium<=11.1
IBM Security Guardium<=11.2
IBM Security Guardium<=11.3
and 15 more
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by trig...
ubuntu/linux<4.15.0-118.119
ubuntu/linux<5.4.0-48.52
ubuntu/linux<5.5~
ubuntu/linux<4.4.0-190.220
ubuntu/linux-aws<4.15.0-1083.87
ubuntu/linux-aws<5.4.0-1025.25
and 129 more
Two memory leaks in the mwifiex_pcie_init_evt_ring() function in drivers/net/wireless/marvell/mwifiex/pcie.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory con...
redhat/kernel-rt<0:4.18.0-193.rt13.51.el8
redhat/kernel<0:4.18.0-193.el8
ubuntu/linux<4.15.0-88.88
ubuntu/linux<5.3.0-40.32
ubuntu/linux<5.5~
ubuntu/linux<4.4.0-173.203
and 113 more
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submi...
ubuntu/linux<4.15.0-74.84
ubuntu/linux<5.0.0-38.41
ubuntu/linux<5.3.0-26.28
ubuntu/linux<5.4~
ubuntu/linux<4.4.0-171.200
ubuntu/linux-aws<4.15.0-1057.59
and 118 more
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka...
redhat/kernel-rt<0:3.10.0-1160.rt56.1131.el7
redhat/kernel<0:3.10.0-1160.el7
redhat/kernel-rt<0:4.18.0-240.rt7.54.el8
redhat/kernel<0:4.18.0-240.el8
ubuntu/linux<4.15.0-88.88
ubuntu/linux<5.3.0-40.32
and 116 more
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggerin...
ubuntu/linux<5.3.0-26.28
ubuntu/linux<5.4~
ubuntu/linux-aws<5.3.0-1009.10
ubuntu/linux-aws<5.4~
ubuntu/linux-aws-5.0<5.4~
ubuntu/linux-aws-hwe<5.4~
and 69 more
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CI...
ubuntu/linux<4.15.0-118.119
ubuntu/linux<5.3.0-24.26
ubuntu/linux<5.4~
ubuntu/linux<4.4.0-207.239
ubuntu/linux-aws<4.15.0-1083.87
ubuntu/linux-aws<5.3.0-1008.9
and 115 more
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggerin...
ubuntu/linux<5.3.0-42.34
ubuntu/linux<5.5~
ubuntu/linux-aws<5.3.0-1013.14
ubuntu/linux-aws<5.5~
ubuntu/linux-aws-5.0<5.0.0-1027.30
ubuntu/linux-aws-5.0<5.5~
and 80 more
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab61...
ubuntu/linux<4.15.0-72.81
ubuntu/linux<5.0.0-38.41
ubuntu/linux<5.3.0-24.26
ubuntu/linux<5.4~
ubuntu/linux<4.4.0-179.209
ubuntu/linux-aws<4.15.0-1056.58
and 116 more
