Vulnerabilities > Netapp > H300S Firmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-04-08 CVE-2022-28796 Race Condition vulnerability in multiple products
jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.
local
high complexity
linux redhat fedoraproject netapp CWE-362
7.0
2022-03-30 CVE-2022-0998 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function.
local
low complexity
linux netapp CWE-190
7.8
2022-03-29 CVE-2022-1055 Use After Free vulnerability in multiple products
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation.
7.8
2022-03-25 CVE-2021-4157 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS).
8.0
2022-03-25 CVE-2022-0330 Improper Preservation of Permissions vulnerability in multiple products
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU.
local
low complexity
linux redhat fedoraproject netapp CWE-281
7.8
2022-03-25 CVE-2022-0435 Out-of-bounds Write vulnerability in multiple products
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed.
network
low complexity
linux redhat ovirt fedoraproject netapp CWE-787
8.8
2022-03-25 CVE-2022-0500 Out-of-bounds Write vulnerability in multiple products
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF.
local
low complexity
linux fedoraproject netapp CWE-787
7.8
2022-03-25 CVE-2022-0995 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem.
local
low complexity
linux fedoraproject netapp CWE-787
7.8
2022-03-25 CVE-2018-25032 Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5
2022-03-23 CVE-2021-4197 Improper Authentication vulnerability in multiple products
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process.
local
low complexity
linux debian oracle broadcom netapp CWE-287
7.8