Product:

H500s

(Netapp)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 26
Date Id Summary Products Score Patch Annotated
2023-07-24 CVE-2023-32247 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_SESSION_SETUP commands. The issue results from the lack of control of resource consumption. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Linux_kernel, H300s, H410s, H500s, H700s 7.5
2023-07-18 CVE-2023-38427 An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/smb2pdu.c in ksmbd has an integer underflow and out-of-bounds read in deassemble_neg_contexts. Linux_kernel, H300s, H410s, H500s, H700s 9.8
2023-04-11 CVE-2023-1989 A use-after-free flaw was found in btsdio_remove in drivers\bluetooth\btsdio.c in the Linux Kernel. In this flaw, a call to btsdio_remove with an unfinished job, may cause a race problem leading to a UAF on hdev devices. Debian_linux, Linux_kernel, H300s, H410c, H410s, H500s, H700s 7.0
2023-07-24 CVE-2023-32257 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP and SMB2_LOGOFF commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. Linux_kernel, H300s, H410s, H500s, H700s, Solidfire_\&_hci_storage_node 8.1
2023-07-24 CVE-2023-32258 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_LOGOFF and SMB2_CLOSE commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. Linux_kernel, H300s, H410s, H500s, H700s 8.1
2023-07-10 CVE-2023-32250 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_SESSION_SETUP commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. Linux_kernel, H300s, H410s, H500s, H700s, Hci, Hci_storage_nodes 8.1
2023-07-10 CVE-2023-32254 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the processing of SMB2_TREE_DISCONNECT commands. The issue results from the lack of proper locking when performing operations on an object. An attacker can leverage this vulnerability to execute code in the context of the kernel. Linux_kernel, H300s, H410s, H500s, H700s, Hci_management_node 8.1
2023-07-18 CVE-2023-38430 An issue was discovered in the Linux kernel before 6.3.9. ksmbd does not validate the SMB request protocol ID, leading to an out-of-bounds read. Linux_kernel, H300s, H410s, H500s, H700s, Hci_management_node 9.1
2023-07-18 CVE-2023-38431 An issue was discovered in the Linux kernel before 6.3.8. fs/smb/server/connection.c in ksmbd does not validate the relationship between the NetBIOS header's length field and the SMB header sizes, via pdu_size in ksmbd_conn_handler_loop, leading to an out-of-bounds read. Linux_kernel, H300s, H410s, H500s, H700s, Solidfire_\&_hci_management_node 9.1
2023-06-28 CVE-2023-3390 A use-after-free vulnerability was found in the Linux kernel's netfilter subsystem in net/netfilter/nf_tables_api.c. Mishandled error handling with NFT_MSG_NEWRULE makes it possible to use a dangling pointer in the same transaction causing a use-after-free vulnerability. This flaw allows a local attacker with user access to cause a privilege escalation issue. We recommend upgrading past commit 1240eb93f0616b21c675416516ff3d74798fdc97. Linux_kernel, H300s, H410c, H410s, H500s, H700s 7.8