Note:
This project will be discontinued after December 13, 2021. [more]
Product:
8300_firmware
(Netapp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 14 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-04-03 | CVE-2024-26733 | In the Linux kernel, the following vulnerability has been resolved: arp: Prevent overflow in arp_req_get(). syzkaller reported an overflown write in arp_req_get(). [0] When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour entry and copies neigh->ha to struct arpreq.arp_ha.sa_data. The arp_ha here is struct sockaddr, not struct sockaddr_storage, so the sa_data buffer is just 14 bytes. In the splat below, 2 bytes are overflown to the next int field, arp_flags. We initialise... | Debian_linux, Linux_kernel, 8200_firmware, 8300_firmware, 8700_firmware, 9000_firmware, 9500_firmware, A150_firmware, A1k_firmware, A220_firmware, A300_firmware, A320_firmware, A400_firmware, A700_firmware, A700s_firmware, A70_firmware, A800_firmware, A900_firmware, A90_firmware, C190_firmware, C400_firmware, C800_firmware, E\-Series_santricity_os_controller, Fas2720_firmware, Fas2750_firmware, Fas2820_firmware, H610c_firmware, H610s_firmware, H615c_firmware | 5.5 | ||
| 2024-04-03 | CVE-2024-26735 | In the Linux kernel, the following vulnerability has been resolved: ipv6: sr: fix possible use-after-free and null-ptr-deref The pernet operations structure for the subsystem must be registered before registering the generic netlink family. | Debian_linux, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, C400_firmware, E\-Series_santricity_os_controller, H610c_firmware, H610s_firmware, H615c_firmware | 5.5 | ||
| 2020-04-02 | CVE-2020-8835 | In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780) | Ubuntu_linux, Fedora, Linux_kernel, 8300_firmware, 8700_firmware, A220_firmware, A320_firmware, A400_firmware, A700s_firmware, A800_firmware, C190_firmware, Cloud_backup, Fas2720_firmware, Fas2750_firmware, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage | 7.8 | ||
| 2020-06-24 | CVE-2020-15025 | ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file. | 8300_firmware, 8700_firmware, A400_firmware, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Steelstore_cloud_integrated_storage, Ntp, Leap, Zfs_storage_appliance_kit | 4.9 |