Vulnerabilities > Netapp > H410C Firmware

DATE CVE VULNERABILITY TITLE RISK
2022-04-03 CVE-2022-28389 Double Free vulnerability in multiple products
mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
local
low complexity
linux fedoraproject debian netapp CWE-415
5.5
2022-03-30 CVE-2022-0998 Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function.
local
low complexity
linux netapp CWE-190
7.8
2022-03-29 CVE-2022-1055 Use After Free vulnerability in multiple products
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation.
7.8
2022-03-25 CVE-2021-4203 Race Condition vulnerability in multiple products
A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel.
network
high complexity
linux netapp oracle CWE-362
6.8
2022-03-25 CVE-2022-0330 Improper Preservation of Permissions vulnerability in multiple products
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU.
local
low complexity
linux redhat fedoraproject netapp CWE-281
7.8
2022-03-25 CVE-2022-0500 Out-of-bounds Write vulnerability in multiple products
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF.
local
low complexity
linux fedoraproject netapp CWE-787
7.8
2022-03-25 CVE-2022-0995 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem.
local
low complexity
linux fedoraproject netapp CWE-787
7.8
2022-03-25 CVE-2018-25032 Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5
2022-03-23 CVE-2021-4197 Improper Authentication vulnerability in multiple products
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process.
local
low complexity
linux debian oracle broadcom netapp CWE-287
7.8
2022-03-23 CVE-2021-25220 HTTP Request Smuggling vulnerability in multiple products
BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL.
network
low complexity
isc fedoraproject netapp siemens juniper CWE-444
6.8