Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Cloud_backup
(Netapp)| Repositories |
• https://github.com/openbsd/src
• https://github.com/torvalds/linux • https://github.com/madler/zlib • https://github.com/openssh/openssh-portable |
| #Vulnerabilities | 342 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2021-05-26 | CVE-2020-25673 | A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system. | Fedora, Linux_kernel, Active_iq_unified_manager, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_baseboard_management_controller_firmware | 5.5 | ||
| 2021-05-26 | CVE-2021-22543 | An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation. | Debian_linux, Fedora, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_baseboard_management_controller_firmware | 7.8 | ||
| 2021-05-26 | CVE-2020-25668 | A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op. | Debian_linux, Linux_kernel, 500f_firmware, A250_firmware, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware | 7.0 | ||
| 2021-05-26 | CVE-2020-25669 | A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free. | Debian_linux, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller | 7.8 | ||
| 2021-05-27 | CVE-2021-33200 | kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit. | Fedora, Linux_kernel, Cloud_backup, H300e_firmware, H300s_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller | 7.8 | ||
| 2021-06-02 | CVE-2021-3520 | There's a flaw in lz4. An attacker who submits a crafted file to an application linked with lz4 may be able to trigger an integer overflow, leading to calling of memmove() on a negative size argument, causing an out-of-bounds write and/or a crash. The greatest impact of this flaw is to availability, with some potential impact to confidentiality and integrity as well. | Lz4, Active_iq_unified_manager, Cloud_backup, Ontap_select_deploy_administration_utility, Communications_cloud_native_core_policy, Zfs_storage_appliance_kit, Universal_forwarder | 9.8 | ||
| 2021-06-09 | CVE-2020-24486 | Improper input validation in the firmware for some Intel(R) Processors may allow an authenticated user to potentially enable denial of service via local access. | Bios, Aff_bios, Cloud_backup, E\-Series_bios, Fas_bios, Hci_compute_node_bios, Hci_storage_node_bios, Solidfire_bios, Simatic_ipc547g_firmware | 5.5 | ||
| 2021-06-09 | CVE-2020-8670 | Race condition in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | Bios, Aff_bios, Cloud_backup, Fas_bios, Hci_compute_node_bios, Hci_storage_node_bios, Solidfire_bios, Simatic_field_pg_m6_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc527g_firmware, Simatic_ipc547g_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware | 6.4 | ||
| 2021-06-09 | CVE-2020-8700 | Improper input validation in the firmware for some Intel(R) Processors may allow a privileged user to potentially enable escalation of privilege via local access. | Bios, Aff_bios, Cloud_backup, E\-Series_bios, Fas_bios, Hci_compute_node_bios, Hci_storage_node_bios, Solidfire_bios | 6.7 | ||
| 2021-06-09 | CVE-2020-8703 | Improper buffer restrictions in a subsystem in the Intel(R) CSME versions before 11.8.86, 11.12.86, 11.22.86, 12.0.81, 13.0.47, 13.30.17, 14.1.53, 14.5.32 and 15.0.22 may allow a privileged user to potentially enable escalation of privilege via local access. | Converged_security_and_manageability_engine, Cloud_backup, Simatic_field_pg_m5_firmware, Simatic_field_pg_m6_firmware, Simatic_ipc427e_firmware, Simatic_ipc477e_firmware, Simatic_ipc477e_pro_firmware, Simatic_ipc527g_firmware, Simatic_ipc547g_firmware, Simatic_ipc627e_firmware, Simatic_ipc647e_firmware, Simatic_ipc677e_firmware, Simatic_ipc847e_firmware, Simatic_itp1000_firmware | 6.7 |