Vulnerabilities > Netapp > A700S Firmware

DATE CVE VULNERABILITY TITLE RISK
2020-11-23 CVE-2020-15436 Use After Free vulnerability in multiple products
Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field.
local
low complexity
linux broadcom netapp CWE-416
6.7
2020-07-24 CVE-2020-15778 OS Command Injection vulnerability in multiple products
scp in OpenSSH through 8.3p1 allows command injection in the scp.c toremote function, as demonstrated by backtick characters in the destination argument.
local
low complexity
openbsd netapp broadcom CWE-78
7.8
2020-05-18 CVE-2020-13143 Out-of-bounds Read vulnerability in multiple products
gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4.
network
low complexity
linux opensuse debian canonical netapp CWE-125
6.5
2020-05-15 CVE-2020-12888 Improper Handling of Exceptional Conditions vulnerability in multiple products
The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space.
5.3
2020-05-09 CVE-2020-12771 Improper Locking vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.6.11.
4.9
2020-05-09 CVE-2020-12770 An issue was discovered in the Linux kernel through 5.6.11.
local
low complexity
linux fedoraproject canonical debian netapp
6.7
2020-05-09 CVE-2020-12769 Improper Synchronization vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.4.17.
local
low complexity
linux debian canonical opensuse netapp CWE-662
4.9
2020-05-05 CVE-2020-12653 Out-of-bounds Write vulnerability in multiple products
An issue was found in Linux kernel before 5.5.4.
local
low complexity
linux opensuse debian netapp CWE-787
4.6
2020-04-29 CVE-2020-11884 Race Condition vulnerability in multiple products
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171.
7.0
2020-04-02 CVE-2020-8835 Out-of-bounds Write vulnerability in multiple products
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory.
local
low complexity
linux fedoraproject canonical netapp CWE-787
7.8