|
2024-05-06
|
CVE-2024-33600
|
nscd: Null pointer crashes after notfound response
If the Name Service Cache Daemon's (nscd) cache fails to add a not-found
netgroup response to the cache, the client request can result in a null
pointer dereference. This flaw was introduced in glibc 2.15 when the
cache was added to nscd.
This vulnerability is only present in the nscd binary.
|
Debian_linux, Glibc, Active_iq_unified_manager, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700s_firmware, Hci_bootstrap_os
|
N/A
|
|
|
|
2024-02-29
|
CVE-2024-26458
|
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.
|
Kerberos_5, Active_iq_unified_manager, Cloud_volumes_ontap_mediator, H610c_firmware, H610s_firmware, H615c_firmware, Management_services_for_element_software_and_netapp_hci, Ontap_9, Ontap_select_deploy_administration_utility
|
N/A
|
|
|
|
2024-02-29
|
CVE-2024-26461
|
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
|
Kerberos_5, Active_iq_unified_manager, Cloud_volumes_ontap_mediator, H610c_firmware, H610s_firmware, H615c_firmware, Management_services_for_element_software_and_netapp_hci, Ontap_9, Ontap_select_deploy_administration_utility
|
N/A
|
|
|
|
2024-02-29
|
CVE-2024-26458
|
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c.
|
Kerberos_5, Active_iq_unified_manager, Cloud_volumes_ontap_mediator, H610c_firmware, H610s_firmware, H615c_firmware, Management_services_for_element_software_and_netapp_hci, Ontap_9, Ontap_select_deploy_administration_utility
|
N/A
|
|
|
|
2024-02-29
|
CVE-2024-26461
|
Kerberos 5 (aka krb5) 1.21.2 contains a memory leak vulnerability in /krb5/src/lib/gssapi/krb5/k5sealv3.c.
|
Kerberos_5, Active_iq_unified_manager, Cloud_volumes_ontap_mediator, H610c_firmware, H610s_firmware, H615c_firmware, Management_services_for_element_software_and_netapp_hci, Ontap_9, Ontap_select_deploy_administration_utility
|
N/A
|
|
|
|
2022-07-27
|
CVE-2022-36879
|
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
|
Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Aff_500f_firmware, Aff_8300_firmware, Aff_8700_firmware, Aff_a250_firmware, Aff_a400_firmware, E\-Series_santricity_os_controller, Fas_500f_firmware, Fas_8300_firmware, Fas_8700_firmware, Fas_a250_firmware, Fas_a400_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700s_firmware, Hci_bootstrap_os
|
5.5
|
|
|
|
2022-07-27
|
CVE-2022-36879
|
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
|
Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Aff_500f_firmware, Aff_8300_firmware, Aff_8700_firmware, Aff_a250_firmware, Aff_a400_firmware, E\-Series_santricity_os_controller, Fas_500f_firmware, Fas_8300_firmware, Fas_8700_firmware, Fas_a250_firmware, Fas_a400_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700s_firmware, Hci_bootstrap_os
|
5.5
|
|
|
|
2022-06-21
|
CVE-2022-2068
|
In addition to the c_rehash shell command injection identified in CVE-2022-1292, further circumstances where the c_rehash script does not properly sanitise shell metacharacters to prevent command injection were found by code review. When the CVE-2022-1292 was fixed it was not discovered that there are other places in the script where the file names of certificates being hashed were possibly passed to a command executed through the shell. This script is distributed by some operating systems...
|
Sannav, Debian_linux, Fedora, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Bootstrap_os, Element_software, Fas_8300_firmware, Fas_8700_firmware, Fas_a400_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700s_firmware, Hci_management_node, Ontap_antivirus_connector, Ontap_select_deploy_administration_utility, Santricity_smi\-S_provider, Smi\-S_provider, Snapmanager, Solidfire, Openssl, Sinec_ins
|
9.8
|
|
|
|
2022-07-27
|
CVE-2022-36879
|
An issue was discovered in the Linux kernel through 5.18.14. xfrm_expand_policies in net/xfrm/xfrm_policy.c can cause a refcount to be dropped twice.
|
Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Aff_500f_firmware, Aff_8300_firmware, Aff_8700_firmware, Aff_a250_firmware, Aff_a400_firmware, E\-Series_santricity_os_controller, Fas_500f_firmware, Fas_8300_firmware, Fas_8700_firmware, Fas_a250_firmware, Fas_a400_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700s_firmware, Hci_bootstrap_os
|
5.5
|
|
|
|
2024-04-03
|
CVE-2024-26733
|
In the Linux kernel, the following vulnerability has been resolved:
arp: Prevent overflow in arp_req_get().
syzkaller reported an overflown write in arp_req_get(). [0]
When ioctl(SIOCGARP) is issued, arp_req_get() looks up an neighbour
entry and copies neigh->ha to struct arpreq.arp_ha.sa_data.
The arp_ha here is struct sockaddr, not struct sockaddr_storage, so
the sa_data buffer is just 14 bytes.
In the splat below, 2 bytes are overflown to the next int field,
arp_flags. We initialise...
|
Debian_linux, Linux_kernel, 8200_firmware, 8300_firmware, 8700_firmware, 9000_firmware, 9500_firmware, A150_firmware, A1k_firmware, A220_firmware, A300_firmware, A320_firmware, A400_firmware, A700_firmware, A700s_firmware, A70_firmware, A800_firmware, A900_firmware, A90_firmware, C190_firmware, C400_firmware, C800_firmware, E\-Series_santricity_os_controller, Fas2720_firmware, Fas2750_firmware, Fas2820_firmware, H610c_firmware, H610s_firmware, H615c_firmware
|
5.5
|
|
|