Vulnerabilities > Netapp > High

DATE CVE VULNERABILITY TITLE RISK
2022-03-29 CVE-2022-1055 Use After Free vulnerability in multiple products
A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation.
7.8
2022-03-25 CVE-2021-4157 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products
An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS).
8.0
2022-03-25 CVE-2022-0330 Improper Preservation of Permissions vulnerability in multiple products
A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU.
local
low complexity
linux redhat fedoraproject netapp CWE-281
7.8
2022-03-25 CVE-2022-0435 Out-of-bounds Write vulnerability in multiple products
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed.
network
low complexity
linux redhat ovirt fedoraproject netapp CWE-787
8.8
2022-03-25 CVE-2022-0500 Out-of-bounds Write vulnerability in multiple products
A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF.
local
low complexity
linux fedoraproject netapp CWE-787
7.8
2022-03-25 CVE-2022-0995 Out-of-bounds Write vulnerability in multiple products
An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem.
local
low complexity
linux fedoraproject netapp CWE-787
7.8
2022-03-25 CVE-2018-25032 Out-of-bounds Write vulnerability in multiple products
zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
7.5
2022-03-23 CVE-2021-4197 Improper Authentication vulnerability in multiple products
An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process.
local
low complexity
linux debian oracle broadcom netapp CWE-287
7.8
2022-03-23 CVE-2022-0635 Reachable Assertion vulnerability in multiple products
Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check.
network
low complexity
isc netapp CWE-617
7.5
2022-03-23 CVE-2022-27666 Out-of-bounds Write vulnerability in multiple products
A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c.
7.8