H410c

h410c

Vendor: Netapp • 12 CVEs

CVEs (12)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2023-32248 2Linux Netapp 6H300s H410cH410s+3 more Nov 21, 2024 Jul 24, 2023 N/A· v4 7.5 HIGH· v3 N/A· v2 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of pr...Show more A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system.Show less
CVE-2023-35001 4Debian FedoraprojectLinux+1 more 8Debian Linux FedoraH300s+5 more Nov 21, 2024 Jul 5, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 Linux Kernel nftables Out-Of-Bounds Read/Write Vulnerability; nft_byteorder poorly handled vm register contents when CAP_NET_ADMIN is in any user or network namespace
CVE-2023-3390 2Linux Netapp 6H300s H410cH410s+3 more Nov 21, 2024 Jun 28, 2023 N/A· v4 7.8 HIGH· v3 N/A· v2 A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same...Show more A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97.Show less
CVE-2023-1295 2Linux Netapp 6H300s H410cH410s+3 more Nov 21, 2024 Jun 28, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduc...Show more A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93.Show less
CVE-2023-35828 2Linux Netapp 6H300s H410cH410s+3 more Nov 21, 2024 Jun 18, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in renesas_usb3_remove in drivers/usb/gadget/udc/renesas_usb3.c.
CVE-2023-35826 2Linux Netapp 6H300s H410cH410s+3 more Nov 21, 2024 Jun 18, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c.
CVE-2022-48502 2Linux Netapp 6H300s H410cH410s+3 more Nov 21, 2024 May 31, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c.
CVE-2023-1989 3Debian LinuxNetapp 7Debian Linux H300sH410c+4 more Nov 21, 2024 Apr 11, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices.
CVE-2023-1838 2Linux Netapp 6H300s H410cH410s+3 more Nov 21, 2024 Apr 5, 2023 N/A· v4 7.1 HIGH· v3 N/A· v2 A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and cou...Show more A use-after-free flaw was found in vhost_net_set_backend in drivers/vhost/net.c in virtio network subcomponent in the Linux kernel due to a double fget. This flaw could allow a local attacker to crash the system, and could even lead to a kernel information leak problem.Show less
CVE-2023-28466 3Debian LinuxNetapp 7Debian Linux H300sH410c+4 more May 5, 2025 Mar 16, 2023 N/A· v4 7.0 HIGH· v3 N/A· v2 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference).
CVE-2022-0492 6Canonical DebianFedoraproject+3 more 37Bootstrap Os Codeready Linux BuilderCodeready Linux Builder For Power Little Endian+34 more Jun 3, 2026 Mar 3, 2022 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to esca...Show more A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly.Show less
CVE-2022-25636 4Debian LinuxNetapp+1 more 13Communications Cloud Native Core Binding Support Function Communications Cloud Native Core Network Exposure FunctionCommunications Cloud Native Core Policy+10 more Nov 21, 2024 Feb 24, 2022 N/A· v4 7.8 HIGH· v3 6.9 MEDIUM· v2 net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload.