NetApp Hci Baseboard Management Controller H500s

CPE Details

NetApp Hci Baseboard Management Controller H500s
netapp
hci_baseboard_management_controller
h500s
2022-03-01
14h54 +00:00
2023-11-09
12h59 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:netapp:hci_baseboard_management_controller:h500s:*:*:*:*:*:*:*

Informations

Vendor

netapp

Product

hci_baseboard_management_controller

Version

h500s

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2023-3141 2023-06-09 00h00 +00:00 A use-after-free flaw was found in r592_remove in drivers/memstick/host/r592.c in media access in the Linux Kernel. This flaw allows a local attacker to crash the system at device disconnect, possibly leading to a kernel information leak.
7.1
High
CVE-2023-2598 2023-05-31 22h00 +00:00 A flaw was found in the fixed buffer registration code for io_uring (io_sqe_buffer_register in io_uring/rsrc.c) in the Linux kernel that allows out-of-bounds access to physical memory beyond the end of the buffer. This flaw enables full local privilege escalation.
7.8
High
CVE-2023-32233 2023-05-07 22h00 +00:00 In the Linux kernel through 6.3.1, a use-after-free in Netfilter nf_tables when processing batch requests can be abused to perform arbitrary read and write operations on kernel memory. Unprivileged local users can obtain root privileges. This occurs because anonymous sets are mishandled.
7.8
High
CVE-2023-2236 2023-05-01 12h50 +00:00 A use-after-free vulnerability in the Linux Kernel io_uring subsystem can be exploited to achieve local privilege escalation. Both io_install_fixed_file and its callers call fput in a file in case of an error, causing a reference underflow which leads to a use-after-free vulnerability. We recommend upgrading past commit 9d94c04c0db024922e886c9fd429659f22f48ea4.
7.8
High
CVE-2023-2006 2023-04-23 22h00 +00:00 A race condition was found in the Linux kernel's RxRPC network protocol, within the processing of RxRPC bundles. This issue results from the lack of proper locking when performing operations on an object. This may allow an attacker to escalate privileges and execute arbitrary code in the context of the kernel.
7
High
CVE-2023-26607 2023-02-25 23h00 +00:00 In the Linux kernel 6.0.8, there is an out-of-bounds read in ntfs_attr_find in fs/ntfs/attrib.c.
7.1
High
CVE-2022-41858 2023-01-16 23h00 +00:00 A flaw was found in the Linux kernel. A NULL pointer dereference may occur while a slip driver is in progress to detach in sl_tx_timeout in drivers/net/slip/slip.c. This issue could allow an attacker to crash the system or leak internal kernel information.
7.1
High
CVE-2023-23559 2023-01-12 23h00 +00:00 In rndis_query_oid in drivers/net/wireless/rndis_wlan.c in the Linux kernel through 6.1.5, there is an integer overflow in an addition.
7.8
High
CVE-2022-41222 2022-09-20 22h00 +00:00 mm/mremap.c in the Linux kernel before 5.13.3 has a use-after-free via a stale TLB because an rmap lock is not held during a PUD move.
7
High
CVE-2022-39189 2022-09-01 22h00 +00:00 An issue was discovered the x86 KVM subsystem in the Linux kernel before 5.18.17. Unprivileged guest users can compromise the guest kernel because TLB flush operations are mishandled in certain KVM_VCPU_PREEMPTED situations.
7.8
High
CVE-2022-1729 2022-08-31 22h00 +00:00 A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges. The bug allows to build several exploit primitives such as kernel address information leak, arbitrary execution, etc.
7
High
CVE-2022-28390 2022-04-03 18h07 +00:00 ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
7.8
High
CVE-2021-4154 2022-02-04 21h29 +00:00 A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser. A local attacker with a user privilege could cause a privilege escalation by exploiting the fsconfig syscall parameter leading to a container breakout and a denial of service on the system.
8.8
High
CVE-2020-12659 2020-05-05 04h13 +00:00 An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.
6.7
Medium
CVE-2020-12465 2020-04-29 16h52 +00:00 An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.
6.7
Medium
CVE-2020-12464 2020-04-29 15h59 +00:00 usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
6.7
Medium