Vulnerabilities > Netapp > Data Availability Services > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-12-23 CVE-2019-5108 Improper Authentication vulnerability in multiple products
An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3.
6.5
2019-12-22 CVE-2019-19922 Resource Exhaustion vulnerability in multiple products
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1.
local
low complexity
linux debian canonical oracle netapp CWE-400
5.5
2019-12-17 CVE-2019-19813 Use After Free vulnerability in multiple products
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c.
local
low complexity
linux canonical debian netapp CWE-416
5.5
2019-11-28 CVE-2019-19318 Use After Free vulnerability in multiple products
In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer,
local
low complexity
linux opensuse canonical debian netapp CWE-416
4.4
2019-11-18 CVE-2019-19063 Memory Leak vulnerability in multiple products
Two memory leaks in the rtl_usb_probe() function in drivers/net/wireless/realtek/rtlwifi/usb.c in the Linux kernel through 5.3.11 allow attackers to cause a denial of service (memory consumption), aka CID-3f9361695113.
4.6
2019-11-18 CVE-2019-19054 Memory Leak vulnerability in multiple products
A memory leak in the cx23888_ir_probe() function in drivers/media/pci/cx23885/cx23888-ir.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering kfifo_alloc() failures, aka CID-a7b2df76b42b.
4.7
2019-11-14 CVE-2019-14591 Improper Input Validation vulnerability in multiple products
Improper input validation in the API for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp CWE-20
5.5
2019-11-14 CVE-2019-14590 Improper Privilege Management vulnerability in multiple products
Improper access control in the API for the Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable information disclosure via local access.
local
low complexity
intel netapp CWE-269
5.5
2019-11-14 CVE-2019-14574 Out-of-bounds Read vulnerability in multiple products
Out of bounds read in a subsystem for Intel(R) Graphics Driver versions before 26.20.100.7209 may allow an authenticated user to potentially enable denial of service via local access.
local
low complexity
intel netapp CWE-125
5.5
2019-11-14 CVE-2019-11113 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
Buffer overflow in Kernel Mode module for Intel(R) Graphics Driver before version 25.20.100.6618 (DCH) or 21.20.x.5077 (aka15.45.5077) may allow a privileged user to potentially enable information disclosure via local access.
local
low complexity
intel netapp CWE-119
4.4