Vulnerabilities > Netapp > H410C Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-02-16 CVE-2022-25258 NULL Pointer Dereference vulnerability in multiple products
An issue was discovered in drivers/usb/gadget/composite.c in the Linux kernel before 5.16.10.
4.6
2022-02-16 CVE-2021-3752 Race Condition vulnerability in multiple products
A use-after-free flaw was found in the Linux kernel’s Bluetooth subsystem in the way user calls connect to the socket and disconnect simultaneously due to a race condition.
7.1
2022-02-16 CVE-2021-3753 Out-of-bounds Read vulnerability in multiple products
A race problem was seen in the vt_k_ioctl in drivers/tty/vt/vt_ioctl.c in the Linux kernel, which may cause an out of bounds read in vt as the write access to vc_mode is not protected by lock-in vt_ioctl (KDSETMDE).
local
high complexity
linux redhat netapp CWE-125
4.7
2022-02-16 CVE-2021-3760 Use After Free vulnerability in multiple products
A flaw was found in the Linux kernel.
local
low complexity
linux fedoraproject debian netapp CWE-416
7.8
2022-02-11 CVE-2022-0185 Integer Underflow (Wrap or Wraparound) vulnerability in multiple products
A heap-based buffer overflow flaw was found in the way the legacy_parse_param function in the Filesystem Context functionality of the Linux kernel verified the supplied parameters length.
local
low complexity
linux netapp CWE-191
8.4
2022-02-11 CVE-2022-24958 Release of Invalid Pointer or Reference vulnerability in multiple products
drivers/usb/gadget/legacy/inode.c in the Linux kernel through 5.16.8 mishandles dev->buf release.
local
low complexity
linux fedoraproject netapp debian CWE-763
7.8
2022-01-29 CVE-2022-24122 Use After Free vulnerability in multiple products
kernel/ucount.c in the Linux kernel 5.14 through 5.16.4, when unprivileged user namespaces are enabled, allows a use-after-free and privilege escalation because a ucounts object can outlive its namespace.
local
low complexity
linux netapp fedoraproject CWE-416
7.8
2022-01-26 CVE-2021-22600 Double Free vulnerability in multiple products
A double free bug in packet_set_ring() in net/packet/af_packet.c can be exploited by a local user through crafted syscalls to escalate privileges or deny service.
local
high complexity
linux debian netapp CWE-415
7.0
2022-01-25 CVE-2021-34866 Type Confusion vulnerability in multiple products
This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.14-rc3.
local
low complexity
linux netapp CWE-843
7.8
2022-01-18 CVE-2021-4083 Race Condition vulnerability in multiple products
A read-after-free memory flaw was found in the Linux kernel's garbage collection for Unix domain socket file handlers in the way users call close() and fget() simultaneously and can potentially trigger a race condition.
local
high complexity
linux netapp debian oracle CWE-362
7.0