Product:

Aff_a700s_firmware

(Netapp)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 18
Date Id Summary Products Score Patch Annotated
2019-12-17 CVE-2019-19816 In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image and performing some operations can cause slab-out-of-bounds write access in __btrfs_map_block in fs/btrfs/volumes.c, because a value of 1 for the number of data stripes is mishandled. Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage 7.8
2022-08-18 CVE-2021-33060 Out-of-bounds write in the BIOS firmware for some Intel(R) Processors may allow an authenticated user to potentially enable escalation of privilege via local access. Xeon_gold_5315y_firmware, Xeon_gold_5317_firmware, Xeon_gold_5318h_firmware, Xeon_gold_5318n_firmware, Xeon_gold_5318s_firmware, Xeon_gold_5318y_firmware, Xeon_gold_5320_firmware, Xeon_gold_5320h_firmware, Xeon_gold_5320t_firmware, Xeon_gold_6312u_firmware, Xeon_gold_6314u_firmware, Xeon_gold_6326_firmware, Xeon_gold_6328h_firmware, Xeon_gold_6328hl_firmware, Xeon_gold_6330_firmware, Xeon_gold_6330h_firmware, Xeon_gold_6330n_firmware, Xeon_gold_6334_firmware, Xeon_gold_6336y_firmware, Xeon_gold_6338_firmware, Xeon_gold_6338n_firmware, Xeon_gold_6338t_firmware, Xeon_gold_6342_firmware, Xeon_gold_6346_firmware, Xeon_gold_6348_firmware, Xeon_gold_6348h_firmware, Xeon_gold_6354_firmware, Xeon_platinum_8351n_firmware, Xeon_platinum_8352m_firmware, Xeon_platinum_8352s_firmware, Xeon_platinum_8352v_firmware, Xeon_platinum_8352y_firmware, Xeon_platinum_8353h_firmware, Xeon_platinum_8354h_firmware, Xeon_platinum_8356h_firmware, Xeon_platinum_8358_firmware, Xeon_platinum_8358p_firmware, Xeon_platinum_8360h_firmware, Xeon_platinum_8360hl_firmware, Xeon_platinum_8360y_firmware, Xeon_platinum_8362_firmware, Xeon_platinum_8368_firmware, Xeon_platinum_8368q_firmware, Xeon_platinum_8376h_firmware, Xeon_platinum_8376hl_firmware, Xeon_platinum_8380_firmware, Xeon_platinum_8380h_firmware, Xeon_platinum_8380hl_firmware, Xeon_silver_4309y_firmware, Xeon_silver_4310_firmware, Xeon_silver_4310t_firmware, Xeon_silver_4314_firmware, Xeon_silver_4316_firmware, Aff_a200_firmware, Aff_a220_firmware, Aff_a250_firmware, Aff_a300_firmware, Aff_a320_firmware, Aff_a400_firmware, Aff_a700_firmware, Aff_a700s_firmware, Aff_a800_firmware, Aff_a900_firmware, Aff_c190_firmware, Fas2600_firmware, Fas2700_firmware, Fas500f_firmware, Fas8200_firmware, Fas8300_firmware, Fas8700_firmware, Fas9000_firmware, Fas9500_firmware 7.8
2021-06-07 CVE-2019-25045 An issue was discovered in the Linux kernel before 5.0.19. The XFRM subsystem has a use-after-free, related to an xfrm_state_fini panic, aka CID-dbb2483b2a46. Linux_kernel, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Aff_a700s_firmware, Cloud_backup, Fabric\-Attached_storage_a400_firmware, Fas_8300_firmware, Fas_8700_firmware, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware 7.8
2020-06-29 CVE-2020-14145 The client side in OpenSSH 5.7 through 8.4 has an Observable Discrepancy leading to an information leak in the algorithm negotiation. This allows man-in-the-middle attackers to target initial connection attempts (where no host key for the server has been cached by the client). NOTE: some reports state that 8.5 and 8.6 are also affected. Active_iq_unified_manager, Aff_a700s_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Ontap_select_deploy_administration_utility, Solidfire, Steelstore_cloud_integrated_storage, Openssh 5.9
2019-09-30 CVE-2019-16995 In the Linux kernel before 5.0.3, a memory leak exits in hsr_dev_finalize() in net/hsr/hsr_device.c if hsr_add_port fails to add a port, which may cause denial of service, aka CID-6caabe7f197d. Linux_kernel, Aff_a700s_firmware, Data_availability_services, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610s_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Service_processor, Solidfire, Steelstore_cloud_integrated_storage, Leap 7.5
2019-11-18 CVE-2019-19069 A memory leak in the fastrpc_dma_buf_attach() function in drivers/misc/fastrpc.c in the Linux kernel before 5.3.9 allows attackers to cause a denial of service (memory consumption) by triggering dma_get_sgtable() failures, aka CID-fc739a058d99. Fabric_operating_system, Ubuntu_linux, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, E\-Series_santricity_os_controller, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Solidfire, Steelstore_cloud_integrated_storage 7.5
2019-11-07 CVE-2019-18805 An issue was discovered in net/ipv4/sysctl_net_ipv4.c in the Linux kernel before 5.0.11. There is a net/ipv4/tcp_input.c signed integer overflow in tcp_ack_update_rtt() when userspace writes a very large integer to /proc/sys/net/ipv4/tcp_min_rtt_wlen, leading to a denial of service or possibly unspecified other impact, aka CID-19fad20d15a6. Fabric_operating_system, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, E\-Series_santricity_os_controller, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_compute_node, Hci_management_node, Hci_storage_node, Solidfire, Steelstore_cloud_integrated_storage, Leap, Enterprise_linux 9.8
2019-11-28 CVE-2019-19318 In the Linux kernel 5.3.11, mounting a crafted btrfs image twice can cause an rwsem_down_write_slowpath use-after-free because (in rwsem_can_spin_on_owner in kernel/locking/rwsem.c) rwsem_owner_flags returns an already freed pointer, Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage, Leap 4.4
2019-12-17 CVE-2019-19813 In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and then making a syncfs system call can lead to a use-after-free in __mutex_lock in kernel/locking/mutex.c. This is related to mutex_can_spin_on_owner in kernel/locking/mutex.c, __btrfs_qgroup_free_meta in fs/btrfs/qgroup.c, and btrfs_insert_delayed_items in fs/btrfs/delayed-inode.c. Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Aff_a400_firmware, Aff_a700s_firmware, Data_availability_services, Fas8300_firmware, Fas8700_firmware, H610s_firmware, Hci_management_node, Solidfire, Steelstore_cloud_integrated_storage 5.5
2019-07-01 CVE-2019-5497 NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution. Aff_a700s_firmware, Clustered_data_ontap 9.8