Latest netapp snapprotect Vulnerabilities

CVE-2018-20839
systemd 242 changes the VT1 mode upon a logout, which allows attackers to read cleartext passwords in certain circumstances, such as watching a shutdown, or using Ctrl-Alt-F1 and Ctrl-Alt-F2. This occ...
Systemd Project Systemd=242
Netapp Cn1610 Firmware
Netapp Cn1610
Netapp Snapprotect
IBM Cloud Pak for Business Automation
CVE-2019-11815
An issue was discovered in rds_tcp_kill_sock in net/rds/tcp.c in the Linux kernel before 5.0.8. There is a race condition leading to a use-after-free, related to net namespace cleanup.
debian/linux<=4.9.168-2<=4.19.28-2<=3.16.64-2<=4.9.168-1
ubuntu/linux<4.15.0-55.60
ubuntu/linux<5.0.0-16.17
ubuntu/linux<5.1~
ubuntu/linux<4.4.0-150.176
ubuntu/linux-aws<4.15.0-1047.49
and 93 more
CVE-2019-11486
The Siemens R3964 line discipline driver in drivers/tty/n_r3964.c in the Linux kernel before 5.0.8 has multiple race conditions.
debian/linux
Linux Linux kernel<3.16.66
Linux Linux kernel>=3.17<3.18.139
Linux Linux kernel>=3.19<4.4.179
Linux Linux kernel>=4.5<4.9.169
Linux Linux kernel>=4.10<4.14.112
and 12 more
CVE-2019-3900
An infinite loop issue was found in the vhost_net kernel module in Linux Kernel up to and including v5.1-rc6, while handling incoming packets in handle_rx(). It could occur if one end sends packets fa...
redhat/kernel<0:2.6.32-754.24.2.el6
redhat/kernel-rt<0:3.10.0-1062.rt56.1022.el7
redhat/kernel-alt<0:4.14.0-115.10.1.el7a
redhat/kernel<0:3.10.0-1062.el7
redhat/kernel<0:3.10.0-693.61.1.el7
redhat/kernel<0:3.10.0-862.44.2.el7
and 114 more
CVE-2019-10125
An issue was discovered in aio_poll() in fs/aio.c in the Linux kernel through 5.0.4. A file may be released by aio_poll_wake() if an expected event is triggered immediately (e.g., by the close of a pa...
Linux Linux kernel>=4.19<4.19.38
Linux Linux kernel>=5.0<5.0.5
Linux Linux kernel=5.1-rc1
Netapp Active Iq Unified Manager Vmware Vsphere>=9.5
Netapp Hci Management Node
Netapp Snapprotect
and 3 more
CVE-2018-20669
An issue where a provided address with access_ok() is not checked was discovered in i915_gem_execbuffer2_ioctl in drivers/gpu/drm/i915/i915_gem_execbuffer.c in the Linux kernel through 4.19.13. A loca...
Linux Linux kernel>=4.13<4.14.185
Linux Linux kernel>=4.15<4.19.129
Linux Linux kernel>=4.20<5.0
Canonical Ubuntu Linux=14.04
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
and 77 more
CVE-2019-3882
A flaw was found in the Linux kernel's vfio interface implementation that permits violation of the user's locked memory limit. If a device is bound to a vfio driver, such as vfio-pci, and the local at...
redhat/kernel-rt<0:3.10.0-1062.rt56.1022.el7
redhat/kernel<0:3.10.0-1062.el7
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
ubuntu/linux<4.15.0-50.54
ubuntu/linux<4.18.0-20.21
and 99 more
CVE-2019-3874
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches a...
redhat/kernel-rt<0:4.18.0-147.rt24.93.el8
redhat/kernel<0:4.18.0-147.el8
Linux Linux kernel>=3.10.1<=3.10.108
Linux Linux kernel>=4.18.1<=4.18.20
Debian Debian Linux=8.0
Redhat Enterprise Linux=7.0
and 88 more
CVE-2019-3844
It was discovered that a systemd service that uses DynamicUser property can get new privileges through the execution of SUID binaries, which would allow to create binaries owned by the service transie...
Systemd Project Systemd<242
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Netapp Hci Management Node
Netapp Snapprotect
and 8 more
CVE-2019-3843
It was discovered that a systemd service that uses DynamicUser property can create a SUID/SGID binary that would be allowed to run as the transient service UID/GID even after the service is terminated...
Systemd Project Systemd<242
Fedoraproject Fedora=30
Canonical Ubuntu Linux=16.04
Canonical Ubuntu Linux=18.04
Canonical Ubuntu Linux=19.10
Netapp Hci Management Node
and 9 more
CVE-2019-1559
OpenSSL could allow a remote attacker to obtain sensitive information, caused by the failure to immediately close the TCP connection after the hosts encounter a zero-length record with valid padding. ...
redhat/openssl<0:1.0.1e-58.el6_10
redhat/openssl<1:1.0.2k-19.el7
redhat/jws5-ecj<0:4.12.0-1.redhat_1.1.el6
redhat/jws5-javapackages-tools<0:3.4.1-5.15.11.el6
redhat/jws5-jboss-logging<0:3.3.2-1.Final_redhat_00001.1.el6
redhat/jws5-tomcat<0:9.0.21-10.redhat_4.1.el6
and 226 more
CVE-2019-9162
In the Linux kernel before 4.20.12, net/ipv4/netfilter/nf_nat_snmp_basic_main.c in the SNMP NAT module has insufficient ASN.1 length checks (aka an array index error), making out-of-bounds read and wr...
Linux Linux kernel>=4.19<4.19.25
Linux Linux kernel>=4.20<4.20.12
Netapp Hci Management Node
Netapp Snapprotect
Netapp Solidfire
Canonical Ubuntu Linux=18.04
and 43 more
CVE-2019-9003
In the Linux kernel before 4.20.5, attackers can trigger a drivers/char/ipmi/ipmi_msghandler.c use-after-free and OOPS by arranging for certain simultaneous execution of the code, as demonstrated by a...
Linux Linux kernel>=4.18<4.19.18
Linux Linux kernel>=4.20<4.20.5
Linux Linux kernel=5.0-rc1
Linux Linux kernel=5.0-rc2
Linux Linux kernel=5.0-rc3
Linux Linux kernel=5.0-rc4
and 48 more
CVE-2018-20836
An issue was discovered in the Linux kernel before 4.20. There is a race condition in smp_task_timedout() and smp_task_done() in drivers/scsi/libsas/sas_expander.c, leading to a use-after-free.
redhat/kernel-rt<0:3.10.0-1160.rt56.1131.el7
redhat/kernel<0:3.10.0-1160.el7
redhat/kernel<0:3.10.0-957.65.1.el7
redhat/kernel<0:3.10.0-1062.43.1.el7
ubuntu/linux<4.15.0-44.47
ubuntu/linux<4.18.0-14.15
and 82 more

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203