Aff_a700s_firmware - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Aff_a700s_firmware
(Netapp)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	18

Date	Id	Summary	Products	Score	Patch	Annotated
2019-07-17	CVE-2019-13272	In the Linux kernel before 5.1.17, ptrace_link in kernel/ptrace.c mishandles the recording of the credentials of a process that wants to create a ptrace relationship, which allows local users to obtain root access by leveraging certain scenarios with a parent-child process relationship, where a parent drops privileges and calls execve (potentially allowing control by an attacker). One contributing factor is an object lifetime issue (which can also cause a panic). Another contributing factor...	Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Active_iq_unified_manager, Aff_a700s_firmware, E\-Series_performance_analyzer, E\-Series_santricity_os_controller, H410c_firmware, H610s_firmware, Hci_compute_node, Hci_management_node, Service_processor, Solidfire, Steelstore_cloud_integrated_storage, Enterprise_linux, Enterprise_linux_for_real_time	7.8
2019-08-25	CVE-2019-15538	An issue was discovered in xfs_setattr_nonsize in fs/xfs/xfs_iops.c in the Linux kernel through 5.2.9. XFS partially wedges when a chgrp fails on account of being out of disk quota. xfs_setattr_nonsize is failing to unlock the ILOCK after the xfs_qm_vop_chown_reserve call fails. This is primarily a local DoS attack vector, but it might result as well in remote DoS if the XFS filesystem is exported for instance via NFS.	Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, Aff_a700s_firmware, Data_availability_services, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire, Leap	7.5
2019-11-18	CVE-2019-19050	A memory leak in the crypto_reportstat() function in crypto/crypto_user_stat.c in the Linux kernel through 5.3.11 allows attackers to cause a denial of service (memory consumption) by triggering crypto_reportstat_alg() failures, aka CID-c03b04dcdba1.	Fabric_operating_system, Ubuntu_linux, Fedora, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, E\-Series_santricity_os_controller, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Solidfire, Steelstore_cloud_integrated_storage	7.5
2019-12-17	CVE-2019-19816	In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled.	Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage	7.8
2022-08-18	CVE-2021-33060	Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access.	Xeon_gold_5315y_firmware, Xeon_gold_5317_firmware, Xeon_gold_5318h_firmware, Xeon_gold_5318n_firmware, Xeon_gold_5318s_firmware, Xeon_gold_5318y_firmware, Xeon_gold_5320_firmware, Xeon_gold_5320h_firmware, Xeon_gold_5320t_firmware, Xeon_gold_6312u_firmware, Xeon_gold_6314u_firmware, Xeon_gold_6326_firmware, Xeon_gold_6328h_firmware, Xeon_gold_6328hl_firmware, Xeon_gold_6330_firmware, Xeon_gold_6330h_firmware, Xeon_gold_6330n_firmware, Xeon_gold_6334_firmware, Xeon_gold_6336y_firmware, Xeon_gold_6338_firmware, Xeon_gold_6338n_firmware, Xeon_gold_6338t_firmware, Xeon_gold_6342_firmware, Xeon_gold_6346_firmware, Xeon_gold_6348_firmware, Xeon_gold_6348h_firmware, Xeon_gold_6354_firmware, Xeon_platinum_8351n_firmware, Xeon_platinum_8352m_firmware, Xeon_platinum_8352s_firmware, Xeon_platinum_8352v_firmware, Xeon_platinum_8352y_firmware, Xeon_platinum_8353h_firmware, Xeon_platinum_8354h_firmware, Xeon_platinum_8356h_firmware, Xeon_platinum_8358_firmware, Xeon_platinum_8358p_firmware, Xeon_platinum_8360h_firmware, Xeon_platinum_8360hl_firmware, Xeon_platinum_8360y_firmware, Xeon_platinum_8362_firmware, Xeon_platinum_8368_firmware, Xeon_platinum_8368q_firmware, Xeon_platinum_8376h_firmware, Xeon_platinum_8376hl_firmware, Xeon_platinum_8380_firmware, Xeon_platinum_8380h_firmware, Xeon_platinum_8380hl_firmware, Xeon_silver_4309y_firmware, Xeon_silver_4310_firmware, Xeon_silver_4310t_firmware, Xeon_silver_4314_firmware, Xeon_silver_4316_firmware, Aff_a200_firmware, Aff_a220_firmware, Aff_a250_firmware, Aff_a300_firmware, Aff_a320_firmware, Aff_a400_firmware, Aff_a700_firmware, Aff_a700s_firmware, Aff_a800_firmware, Aff_a900_firmware, Aff_c190_firmware, Fas2600_firmware, Fas2700_firmware, Fas500f_firmware, Fas8200_firmware, Fas8300_firmware, Fas8700_firmware, Fas9000_firmware, Fas9500_firmware	7.8
2021-06-07	CVE-2019-25045	An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46.	Linux_kernel, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Aff_a700s_firmware, Cloud_backup, Fabric\-Attached_storage_a400_firmware, Fas_8300_firmware, Fas_8700_firmware, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware	7.8
2020-06-29	CVE-2020-14145	The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected.	Active_iq_unified_manager, Aff_a700s_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Ontap_select_deploy_administration_utility, Solidfire, Steelstore_cloud_integrated_storage, Openssh	5.9
2019-09-30	CVE-2019-16995	In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d.	Linux_kernel, Aff_a700s_firmware, Data_availability_services, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Service_processor, Solidfire, Steelstore_cloud_integrated_storage, Leap	7.5
2019-11-18	CVE-2019-19069	A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99.	Fabric_operating_system, Ubuntu_linux, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, E\-Series_santricity_os_controller, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Solidfire, Steelstore_cloud_integrated_storage	7.5
2019-11-07	CVE-2019-18805	An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6.	Fabric_operating_system, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, E\-Series_santricity_os_controller, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Solidfire, Steelstore_cloud_integrated_storage, Leap, Enterprise_linux	9.8