Vulnerabilities > Netapp > HCI Baseboard Management Controller > High

DATE CVE VULNERABILITY TITLE RISK
2022-09-01 CVE-2022-1729 Race Condition vulnerability in multiple products
A race condition was found the Linux kernel in perf_event_open() which can be exploited by an unprivileged user to gain root privileges.
local
high complexity
linux netapp CWE-362
7.0
2022-04-03 CVE-2022-28390 Double Free vulnerability in multiple products
ems_usb_start_xmit in drivers/net/can/usb/ems_usb.c in the Linux kernel through 5.17.1 has a double free.
local
low complexity
linux fedoraproject debian netapp CWE-415
7.8
2022-02-04 CVE-2021-4154 Use After Free vulnerability in multiple products
A use-after-free flaw was found in cgroup1_parse_param in kernel/cgroup/cgroup-v1.c in the Linux kernel's cgroup v1 parser.
local
low complexity
linux redhat netapp CWE-416
8.8
2022-01-06 CVE-2021-46143 Integer Overflow or Wraparound vulnerability in multiple products
In doProlog in xmlparse.c in Expat (aka libexpat) before 2.4.3, an integer overflow exists for m_groupSize.
7.8
2022-01-01 CVE-2021-45960 Incorrect Calculation vulnerability in multiple products
In Expat (aka libexpat) before 2.4.3, a left shift by 29 (or more) places in the storeAtts function in xmlparse.c can lead to realloc misbehavior (e.g., allocating too few bytes, or only freeing memory).
8.8
2020-02-06 CVE-2020-8648 Use After Free vulnerability in multiple products
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
7.1
2019-12-08 CVE-2019-19447 Use After Free vulnerability in multiple products
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
local
low complexity
linux netapp CWE-416
7.8
2019-11-18 CVE-2019-19061 Memory Leak vulnerability in multiple products
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.
network
low complexity
linux canonical netapp broadcom CWE-401
7.5
2019-11-18 CVE-2019-19060 Memory Leak vulnerability in multiple products
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
network
low complexity
linux netapp broadcom canonical opensuse CWE-401
7.5
2019-11-18 CVE-2019-19053 Memory Leak vulnerability in multiple products
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.
network
low complexity
linux canonical netapp broadcom CWE-401
7.5