Vulnerabilities > Netapp > Solidfire > Medium
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-05-08 | CVE-2020-10690 | Use After Free vulnerability in multiple products There is a use-after-free in kernel versions before 5.5 due to a race condition between the release of ptp_clock and cdev while resource deallocation. | 6.4 |
2020-04-08 | CVE-2019-20636 | Out-of-bounds Write vulnerability in multiple products In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. | 6.7 |
2020-03-04 | CVE-2020-10029 | Out-of-bounds Write vulnerability in multiple products The GNU C Library (aka glibc or libc6) before 2.32 could overflow an on-stack buffer during range reduction if an input to an 80-bit long double function contains a non-canonical bit pattern, a seen when passing a 0x5d414141414141410000 value to sinl on x86 targets. | 5.5 |
2020-02-25 | CVE-2020-9391 | Out-of-bounds Write vulnerability in multiple products An issue was discovered in the Linux kernel 5.4 and 5.5 through 5.5.6 on the AArch64 architecture. | 5.5 |
2020-02-14 | CVE-2020-8992 | Excessive Iteration vulnerability in multiple products ext4_protect_reserved_inode in fs/ext4/block_validity.c in the Linux kernel through 5.5.3 allows attackers to cause a denial of service (soft lockup) via a crafted journal size. | 5.5 |
2020-01-16 | CVE-2019-18282 | Use of Insufficiently Random Values vulnerability in multiple products The flow_dissector feature in the Linux kernel 4.3 through 5.x before 5.3.10 has a device tracking vulnerability, aka CID-55667441c84f. | 5.3 |
2019-12-30 | CVE-2019-20095 | Memory Leak vulnerability in multiple products mwifiex_tm_cmd in drivers/net/wireless/marvell/mwifiex/cfg80211.c in the Linux kernel before 5.1.6 has some error-handling cases that did not free allocated hostcmd memory, aka CID-003b686ace82. | 5.5 |
2019-12-25 | CVE-2019-19965 | NULL Pointer Dereference vulnerability in multiple products In the Linux kernel through 5.4.6, there is a NULL pointer dereference in drivers/scsi/libsas/sas_discover.c because of mishandling of port disconnection during discovery, related to a PHY down race condition, aka CID-f70267f379b5. | 4.7 |
2019-12-23 | CVE-2019-5108 | Improper Authentication vulnerability in multiple products An exploitable denial-of-service vulnerability exists in the Linux kernel prior to mainline 5.3. | 6.5 |
2019-12-17 | CVE-2019-19813 | Use After Free vulnerability in multiple products In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. | 5.5 |