Vulnerabilities > Netapp > Steelstore Cloud Integrated Storage > High

DATE CVE VULNERABILITY TITLE RISK
2019-12-08 CVE-2019-19448 Use After Free vulnerability in multiple products
In the Linux kernel 5.0.21 and 5.3.11, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in try_merge_free_space in fs/btrfs/free-space-cache.c because the pointer to a left data structure can be the same as the pointer to a right data structure.
local
low complexity
linux debian canonical netapp CWE-416
7.8
2019-12-08 CVE-2019-19447 Use After Free vulnerability in multiple products
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
local
low complexity
linux netapp CWE-416
7.8
2019-11-29 CVE-2019-19377 Use After Free vulnerability in multiple products
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
local
low complexity
linux netapp CWE-416
7.8
2019-11-18 CVE-2019-19069 Memory Leak vulnerability in multiple products
A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.
network
low complexity
linux canonical netapp broadcom CWE-401
7.5
2019-11-18 CVE-2019-19061 Memory Leak vulnerability in multiple products
A memory leak in the adis_update_scan_mode_burst() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-9c0530e898f3.
network
low complexity
linux canonical netapp broadcom CWE-401
7.5
2019-11-18 CVE-2019-19060 Memory Leak vulnerability in multiple products
A memory leak in the adis_update_scan_mode() function in drivers/iio/imu/adis_buffer.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption), aka CID-ab612b1daf41.
network
low complexity
linux netapp broadcom canonical opensuse CWE-401
7.5
2019-11-18 CVE-2019-19053 Memory Leak vulnerability in multiple products
A memory leak in the rpmsg_eptdev_write_iter() function in drivers/rpmsg/rpmsg_char.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering copy_from_iter_full() failures, aka CID-bbe692e349e2.
network
low complexity
linux canonical netapp broadcom CWE-401
7.5
2019-11-18 CVE-2019-19052 Memory Leak vulnerability in multiple products
A memory leak in the gs_can_open() function in drivers/net/can/usb/gs_usb.c in the Linux kernel before 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering usb_submit_urb() failures, aka CID-fb5be6a7b486.
7.5
2019-11-18 CVE-2019-19050 Memory Leak vulnerability in multiple products
A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.
7.5
2019-11-18 CVE-2019-19044 Memory Leak vulnerability in multiple products
Two memory leaks in the v3d_submit_cl_ioctl() function in drivers/gpu/drm/v3d/v3d_gem.c in the Linux kernel before 5.3.11 allow attackers to cause a denial of service (memory consumption) by triggering kcalloc() or v3d_job_init() failures, aka CID-29cd13cfd762.
network
low complexity
linux netapp broadcom canonical CWE-401
7.5