Note:
This project will be discontinued after December 13, 2021. [more]
Product:
H300s
(Netapp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 26 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2023-06-28 | CVE-2023-3390 | A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97. | Linux_kernel, H300s, H410c, H410s, H500s, H700s | 7.8 | ||
| 2023-04-05 | CVE-2023-1838 | A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem. | Linux_kernel, H300s, H410c, H410s, H500s, H700s | 7.1 | ||
| 2023-06-18 | CVE-2023-35829 | An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in rkvdec_remove in drivers/staging/media/rkvdec/rkvdec.c. | Linux_kernel, H300s, H410s, H500s, H700s | 7.0 | ||
| 2023-04-11 | CVE-2023-1989 | A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices. | Debian_linux, Linux_kernel, H300s, H410c, H410s, H500s, H700s | 7.0 | ||
| 2023-07-05 | CVE-2023-35001 | Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace | Debian_linux, Fedora, Linux_kernel, H300s, H410c, H410s, H500s, H700s | 7.8 | ||
| 2023-07-31 | CVE-2023-4004 | A use-after-free flaw was found in the Linux kernel's netfilter in the way a user triggers the nft_pipapo_remove function with the element, without a NFT_SET_EXT_KEY_END. This issue could allow a local user to crash the system or potentially escalate their privileges on the system. | Debian_linux, Fedora, Linux_kernel, H300s, H410s, H500s, H700s, Enterprise_linux | 7.8 | ||
| 2023-07-18 | CVE-2023-38430 | An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. | Linux_kernel, H300s, H410s, H500s, H700s, Hci_management_node | 9.1 | ||
| 2023-07-18 | CVE-2023-38426 | An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length. | Linux_kernel, H300s, H410s, H500s, H700s, Solidfire_\&_hci_management_node, Solidfire_\&_hci_storage_node | 9.1 | ||
| 2023-07-18 | CVE-2023-38432 | An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read. | Linux_kernel, H300s, H410s, H500s, H700s, Solidfire, Solidfire_\&_hci_storage_node | 9.1 | ||
| 2023-07-24 | CVE-2023-32257 | A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. | Linux_kernel, H300s, H410s, H500s, H700s, Solidfire_\&_hci_storage_node | 8.1 |