H300s Firmware

h300s_firmware

Vendor: Netapp • 289 CVEs

CVEs (289)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2022-1048 4Debian LinuxNetapp+1 more 11Debian Linux Enterprise LinuxH300e Firmware+8 more Nov 21, 2024 Apr 29, 2022 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. T...Show more A use-after-free flaw was found in the Linux kernel’s sound subsystem in the way a user triggers concurrent calls of PCM hw_params. The hw_free ioctls or similar race condition happens inside ALSA PCM for other ioctls. This flaw allows a local user to crash or potentially escalate their privileges on the system.Show less
CVE-2022-29156 2Linux Netapp 9H300e Firmware H300s FirmwareH410c Firmware+6 more Nov 21, 2024 Apr 13, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 drivers/infiniband/ulp/rtrs/rtrs-clt.c in the Linux kernel before 5.16.12 has a double free related to rtrs_clt_dev_release.
CVE-2022-28893 3Debian LinuxNetapp 13Debian Linux H300e FirmwareH300s Firmware+10 more Nov 21, 2024 Apr 11, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 The SUNRPC subsystem in the Linux kernel through 5.17.2 can call xs_xprt_free before ensuring that sockets are in the intended state.
CVE-2022-28796 4Fedoraproject LinuxNetapp+1 more 15Active Iq Unified Manager Enterprise LinuxFedora+12 more Nov 21, 2024 Apr 8, 2022 N/A· v4 7.0 HIGH· v3 6.9 MEDIUM· v2 jbd2_journal_wait_updates in fs/jbd2/transaction.c in the Linux kernel before 5.17.1 has a use-after-free caused by a transaction_t race condition.
CVE-2022-28389 4Debian FedoraprojectLinux+1 more 11Debian Linux FedoraH300e Firmware+8 more Nov 21, 2024 Apr 3, 2022 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 mcba_usb_start_xmit in drivers/net/can/usb/mcba_usb.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-28388 4Debian FedoraprojectLinux+1 more 11Debian Linux FedoraH300e Firmware+8 more May 5, 2025 Apr 3, 2022 N/A· v4 5.5 MEDIUM· v3 2.1 LOW· v2 usb_8dev_start_xmit in drivers/net/can/usb/usb_8dev.c in the Linux kernel through 5.17.1 has a double free.
CVE-2022-0998 2Linux Netapp 9H300e Firmware H300s FirmwareH410c Firmware+6 more Nov 21, 2024 Mar 30, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function. This flaw allows a local user to crash or potentially escalate their...Show more An integer overflow flaw was found in the Linux kernel’s virtio device driver code in the way a user triggers the vhost_vdpa_config_validate function. This flaw allows a local user to crash or potentially escalate their privileges on the system.Show less
CVE-2022-1055 5Canonical FedoraprojectLinux+2 more 12Enterprise Linux FedoraH300e Firmware+9 more Nov 21, 2024 Mar 29, 2022 8.6 HIGH· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47f...Show more A use-after-free exists in the Linux Kernel in tc_new_tfilter that could allow a local attacker to gain privilege escalation. The exploit requires unprivileged user namespaces. We recommend upgrading past commit 04c2a47ffb13c29778e2a14e414ad4cb5a5db4b5Show less
CVE-2022-0995 3Fedoraproject LinuxNetapp 13Fedora H300e FirmwareH300s Firmware+10 more Nov 21, 2024 Mar 25, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged a...Show more An out-of-bounds (OOB) memory write flaw was found in the Linux kernel’s watch_queue event notification subsystem. This flaw can overwrite parts of the kernel state, potentially allowing a local user to gain privileged access or cause a denial of service on the system.Show less
CVE-2022-0500 3Fedoraproject LinuxNetapp 10Fedora H300e FirmwareH300s Firmware+7 more Nov 21, 2024 Mar 25, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to cras...Show more A flaw was found in unrestricted eBPF usage by the BPF_BTF_LOAD, leading to a possible out-of-bounds memory write in the Linux kernel’s BPF subsystem due to the way a user loads BTF. This flaw allows a local user to crash or escalate their privileges on the system.Show less
CVE-2022-0435 5Fedoraproject LinuxNetapp+2 more 30Codeready Linux Builder Codeready Linux Builder EusCodeready Linux Builder Eus For Power Little Endian+27 more Nov 21, 2024 Mar 25, 2022 N/A· v4 8.8 HIGH· v3 9.0 HIGH· v2 A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw a...Show more A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly escalate their privileges if they have access to the TIPC network.Show less
CVE-2022-0330 4Fedoraproject LinuxNetapp+1 more 383scale Api Management Codeready Linux BuilderCodeready Linux Builder Eus+35 more Nov 21, 2024 Mar 25, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their pr...Show more A random memory access flaw was found in the Linux kernel's GPU i915 kernel driver functionality in the way a user may run malicious code on the GPU. This flaw allows a local user to crash the system or escalate their privileges on the system.Show less
CVE-2021-4203 3Linux NetappOracle 16A700s Firmware Active Iq Unified ManagerBootstrap Os+13 more Nov 21, 2024 Mar 25, 2022 N/A· v4 6.8 MEDIUM· v3 4.9 MEDIUM· v2 A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges m...Show more A use-after-free read flaw was found in sock_getsockopt() in net/core/sock.c due to SO_PEERCRED and SO_PEERGROUPS race with listen() (and connect()) in the Linux kernel. In this flaw, an attacker with a user privileges may crash the system or leak internal kernel information.Show less
CVE-2021-4157 4Fedoraproject LinuxNetapp+1 more 10Communications Cloud Native Core Binding Support Function FedoraH300e Firmware+7 more Nov 21, 2024 Mar 25, 2022 N/A· v4 8.0 HIGH· v3 7.4 HIGH· v2 An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potent...Show more An out of memory bounds write flaw (1 or 2 bytes of memory) in the Linux kernel NFS subsystem was found in the way users use mirroring (replication of files with NFS). A user, having access to the NFS mount, could potentially use this flaw to crash the system or escalate privileges on the system.Show less
CVE-2018-25032 11Apple AzulDebian+8 more 27Active Iq Unified Manager Debian LinuxE Series Santricity Os Controller+24 more Aug 21, 2025 Mar 25, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 zlib before 1.2.12 allows memory corruption when deflating (i.e., when compressing) if the input has many distant matches.
CVE-2021-4197 5Broadcom DebianLinux+2 more 9Brocade Fabric Operating System Firmware Communications Cloud Native Core Binding Support FunctionDebian Linux+6 more Nov 21, 2024 Mar 23, 2022 N/A· v4 7.8 HIGH· v3 7.2 HIGH· v2 An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have...Show more An unprivileged write to the file handler flaw in the Linux kernel's control groups and namespaces subsystem was found in the way users have access to some less privileged process that are controlled by cgroups and have higher privileged parent process. It is actually both for cgroup2 and cgroup1 versions of control groups. A local user could use this flaw to crash the system or escalate their privileges on the system.Show less
CVE-2021-25220 5Fedoraproject IscJuniper+2 more 12Bind FedoraH300e Firmware+9 more Nov 21, 2024 Mar 23, 2022 N/A· v4 6.8 MEDIUM· v3 4.0 MEDIUM· v2 BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported...Show more BIND 9.11.0 -> 9.11.36 9.12.0 -> 9.16.26 9.17.0 -> 9.18.0 BIND Supported Preview Editions: 9.11.4-S1 -> 9.11.36-S1 9.16.8-S1 -> 9.16.26-S1 Versions of BIND 9 earlier than those shown - back to 9.1.0, including Supported Preview Editions - are also believed to be affected but have not been tested as they are EOL. The cache could become poisoned with incorrect records leading to queries being made to the wrong servers, which might also result in false information being returned to clients.Show less
CVE-2022-0635 2Isc Netapp 9Bind H300e FirmwareH300s Firmware+6 more Nov 21, 2024 Mar 23, 2022 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 Versions affected: BIND 9.18.0 When a vulnerable version of named receives a series of specific queries, the named process will eventually terminate due to a failed assertion check.
CVE-2022-0396 4Fedoraproject IscNetapp+1 more 11Bind FedoraH300e Firmware+8 more Nov 21, 2024 Mar 23, 2022 N/A· v4 5.3 MEDIUM· v3 4.3 MEDIUM· v2 BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an...Show more BIND 9.16.11 -> 9.16.26, 9.17.0 -> 9.18.0 and versions 9.16.11-S1 -> 9.16.26-S1 of the BIND Supported Preview Edition. Specifically crafted TCP streams can cause connections to BIND to remain in CLOSE_WAIT status for an indefinite period of time, even after the client has terminated the connection.Show less
CVE-2022-27666 5Debian FedoraprojectLinux+2 more 13Debian Linux Enterprise LinuxFedora+10 more Nov 21, 2024 Mar 23, 2022 N/A· v4 7.8 HIGH· v3 4.6 MEDIUM· v2 A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause...Show more A heap buffer overflow flaw was found in IPsec ESP transformation code in net/ipv4/esp4.c and net/ipv6/esp6.c. This flaw allows a local attacker with a normal user privilege to overwrite kernel heap objects and may cause a local privilege escalation threat.Show less

Previous 1...789...15 Next