Vulnerabilities > Netapp > HCI Baseboard Management Controller

DATE CVE VULNERABILITY TITLE RISK
2022-09-01 CVE-2022-1729 Race Condition vulnerability in multiple products
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges.
local
high complexity
linux netapp CWE-362
7.0
2022-04-03 CVE-2022-28390 Double Free vulnerability in multiple products
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
local
low complexity
linux fedoraproject debian netapp CWE-415
7.8
2022-02-04 CVE-2021-4154 Use After Free vulnerability in multiple products
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser.
local
low complexity
linux redhat netapp CWE-416
8.8
2022-01-06 CVE-2021-46143 Integer Overflow or Wraparound vulnerability in multiple products
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
7.8
2022-01-01 CVE-2021-45960 Incorrect Calculation vulnerability in multiple products
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
8.8
2020-05-05 CVE-2020-12659 Out-of-bounds Write vulnerability in multiple products
An issue was discovered in the Linux kernel before 5.6.7.
local
low complexity
linux netapp CWE-787
6.7
2020-04-29 CVE-2020-12465 Classic Buffer Overflow vulnerability in multiple products
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf.
local
low complexity
linux netapp CWE-120
6.7
2020-04-29 CVE-2020-12464 Use After Free vulnerability in multiple products
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
local
low complexity
linux netapp CWE-416
6.7
2020-02-06 CVE-2020-8648 Use After Free vulnerability in multiple products
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
7.1
2019-12-25 CVE-2019-19966 Use After Free vulnerability in multiple products
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
4.6