Vulnerabilities > Netapp > H300S Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-05-17 CVE-2022-29581 Improper Update of Reference Count vulnerability in net/sched of Linux Kernel allows local attacker to cause privilege escalation to root.
local
low complexity
linux debian canonical netapp
7.8
2022-05-16 CVE-2022-1679 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Atheros wireless adapter driver in the way a user forces the ath9k_htc_wait_for_target function to fail with some input messages.
local
low complexity
linux debian netapp CWE-416
7.8
2022-05-12 CVE-2022-30594 Missing Authorization vulnerability in multiple products
The Linux kernel before 5.17.2 mishandles seccomp permissions.
local
low complexity
linux debian netapp CWE-862
7.8
2022-05-03 CVE-2022-1473 Incomplete Cleanup vulnerability in multiple products
The OPENSSL_LH_flush() function, which empties a hash table, contains a bug that breaks reuse of the memory occuppied by the removed hash table entries.
network
low complexity
openssl netapp CWE-459
7.5
2022-05-02 CVE-2022-29968 Missing Initialization of Resource vulnerability in multiple products
An issue was discovered in the Linux kernel through 5.17.5.
local
low complexity
linux fedoraproject netapp CWE-909
7.8
2022-04-29 CVE-2022-1048 Use After Free vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params.
local
high complexity
linux redhat debian netapp CWE-416
7.0
2022-04-29 CVE-2022-1353 A vulnerability was found in the pfkey_register function in net/key/af_key.c in the Linux kernel.
local
low complexity
linux debian redhat netapp
7.1
2022-04-13 CVE-2022-29156 Double Free vulnerability in multiple products
drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.
local
low complexity
linux netapp CWE-415
7.8
2022-04-11 CVE-2022-28893 Use After Free vulnerability in multiple products
The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
local
low complexity
linux netapp debian CWE-416
7.8
2022-04-08 CVE-2022-28796 Race Condition vulnerability in multiple products
jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.
local
high complexity
linux redhat fedoraproject netapp CWE-362
7.0