Vulnerabilities > Netapp > HCI Management Node
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2019-12-08 | CVE-2019-19448 | Use After Free vulnerability in multiple products In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure. | 7.8 |
| 2019-11-30 | CVE-2019-19462 | NULL Pointer Dereference vulnerability in multiple products relay_open in kernel/relay.c in the Linux kernel through 5.4.1 allows local users to cause a denial of service (such as relay blockage) by triggering a NULL alloc_percpu result. | 5.5 |
| 2019-11-28 | CVE-2019-18276 | Improper Check for Dropped Privileges vulnerability in multiple products An issue was discovered in disable_priv_mode in shell.c in GNU Bash through 5.0 patch 11. | 7.8 |
| 2019-11-28 | CVE-2019-19318 | Use After Free vulnerability in multiple products In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer, | 2.1 |
| 2019-11-18 | CVE-2019-19069 | Memory Leak vulnerability in multiple products A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. | 7.8 |
| 2019-11-18 | CVE-2019-19050 | Memory Leak vulnerability in multiple products A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1. | 7.5 |
| 2019-11-07 | CVE-2019-18805 | Integer Overflow or Wraparound vulnerability in multiple products An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. | 7.5 |
| 2019-11-04 | CVE-2019-18683 | Use After Free vulnerability in multiple products An issue was discovered in drivers/media/platform/vivid in the Linux kernel through 5.3.8. | 7.0 |
| 2019-10-21 | CVE-2019-17498 | Integer Overflow or Wraparound vulnerability in multiple products In libssh2 v1.9.0 and earlier versions, the SSH_MSG_DISCONNECT logic in packet.c has an integer overflow in a bounds check, enabling an attacker to specify an arbitrary (out-of-bounds) offset for a subsequent memory read. | 8.1 |
| 2019-10-03 | CVE-2019-15166 | Classic Buffer Overflow vulnerability in multiple products lmp_print_data_link_subobjs() in print-lmp.c in tcpdump before 4.9.3 lacks certain bounds checks. | 7.5 |