Vulnerabilities > Netapp > Cloud Backup > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-04-29 CVE-2021-25214 Reachable Assertion vulnerability in multiple products
In BIND 9.8.5 -> 9.8.8, 9.9.3 -> 9.11.29, 9.12.0 -> 9.16.13, and versions BIND 9.9.3-S1 -> 9.11.29-S1 and 9.16.8-S1 -> 9.16.13-S1 of BIND 9 Supported Preview Edition, as well as release versions 9.17.0 -> 9.17.11 of the BIND 9.17 development branch, when a vulnerable version of named receives a malformed IXFR triggering the flaw described above, the named process will terminate due to a failed assertion the next time the transferred secondary zone is refreshed.
network
low complexity
isc debian fedoraproject siemens netapp CWE-617
6.5
2021-03-26 CVE-2021-20284 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
A flaw was found in GNU Binutils 2.35.1, where there is a heap-based buffer overflow in _bfd_elf_slurp_secondary_reloc_section in elf.c due to the number of symbols not calculated correctly.
local
low complexity
gnu netapp CWE-119
5.5
2021-03-26 CVE-2021-20197 Link Following vulnerability in multiple products
There is an open race window when writing output in the following utilities in GNU binutils version 2.35 and earlier:ar, objcopy, strip, ranlib.
local
high complexity
gnu redhat netapp broadcom CWE-59
6.3
2021-03-22 CVE-2021-28972 Classic Buffer Overflow vulnerability in multiple products
In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly.
local
low complexity
linux fedoraproject netapp CWE-120
6.7
2021-03-22 CVE-2021-28971 Improper Handling of Exceptional Conditions vulnerability in multiple products
In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6.
local
low complexity
linux fedoraproject debian netapp CWE-755
5.5
2021-03-22 CVE-2021-28964 Race Condition vulnerability in multiple products
A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8.
local
high complexity
linux fedoraproject debian netapp CWE-362
4.7
2021-03-20 CVE-2021-28951 Improper Locking vulnerability in multiple products
An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8.
local
low complexity
linux fedoraproject netapp CWE-667
5.5
2021-03-07 CVE-2021-27363 An issue was discovered in the Linux kernel through 5.11.3.
local
low complexity
linux debian netapp
4.4
2021-03-05 CVE-2021-28039 Incorrect Calculation of Buffer Size vulnerability in multiple products
An issue was discovered in the Linux kernel 5.9.x through 5.11.3, as used with Xen.
local
low complexity
xen linux netapp CWE-131
6.5
2021-03-05 CVE-2021-28038 Allocation of Resources Without Limits or Throttling vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.11.3, as used with Xen PV.
local
low complexity
linux debian netapp CWE-770
6.5