Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Solidfire_baseboard_management_controller_firmware
(Netapp)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 69 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-12-11 | CVE-2020-27825 | A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. | Debian_linux, Linux_kernel, Cloud_backup, H410c_firmware, Solidfire_baseboard_management_controller_firmware, Enterprise_linux, Enterprise_mrg | 5.7 | ||
| 2021-01-05 | CVE-2020-36158 | mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. | Debian_linux, Fedora, Linux_kernel, Cloud_backup, Solidfire_baseboard_management_controller_firmware | 6.7 | ||
| 2021-03-15 | CVE-2021-28375 | An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. | Fedora, Linux_kernel, Cloud_backup, Solidfire_baseboard_management_controller_firmware | 7.8 | ||
| 2021-03-20 | CVE-2021-28951 | An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. | Fedora, Linux_kernel, A250_firmware, Aff_500f_firmware, Cloud_backup, Fas_500f_firmware, Solidfire_baseboard_management_controller_firmware | 5.5 | ||
| 2021-03-20 | CVE-2021-28952 | An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.) | Fedora, Linux_kernel, A250_firmware, Aff_500f_firmware, Cloud_backup, Fas_500f_firmware, Solidfire_baseboard_management_controller_firmware | 7.8 | ||
| 2021-03-22 | CVE-2021-28964 | A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc. | Debian_linux, Fedora, Linux_kernel, Aff_a250_firmware, Cloud_backup, Fas_500f_firmware, Solidfire_baseboard_management_controller_firmware | 4.7 | ||
| 2021-03-22 | CVE-2021-28971 | In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. | Debian_linux, Fedora, Linux_kernel, Aff_500f_firmware, Aff_a250_firmware, Cloud_backup, Solidfire_baseboard_management_controller_firmware | 5.5 | ||
| 2021-03-22 | CVE-2021-28972 | In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8. | Fedora, Linux_kernel, Cloud_backup, Fas\/aff_baseboard_management_controller, Solidfire_baseboard_management_controller_firmware | 6.7 | ||
| 2021-04-19 | CVE-2021-3506 | An out-of-bounds (OOB) memory access flaw was found in fs/f2fs/node.c in the f2fs module in the Linux kernel in versions before 5.12.0-rc4. A bounds check failure allows a local attacker to gain access to out-of-bounds memory leading to a system crash or a leak of internal kernel information. The highest threat from this vulnerability is to system availability. | Debian_linux, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_baseboard_management_controller_firmware | 7.1 | ||
| 2021-04-22 | CVE-2021-23133 | A race condition in Linux kernel SCTP sockets (net/sctp/socket.c) before 5.12-rc8 can lead to kernel privilege escalation from the context of a network service or an unprivileged process. If sctp_destroy_sock is called without sock_net(sk)->sctp.addr_wq_lock then an element is removed from the auto_asconf_splist list without any proper locking. This can be exploited by an attacker with network service privileges to escalate to root or from the context of an unprivileged user directly if a... | Brocade_fabric_operating_system, Debian_linux, Fedora, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware | 7.0 |