Product:

H700s

(Netapp)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 26
Date Id Summary Products Score Patch Annotated
2023-07-18 CVE-2023-38426 An issue was discovered in the Linux kernel before 6.3.4. ksmbd has an out-of-bounds read in smb2_find_context_vals when create_context's name_len is larger than the tag length. Linux_kernel, H300s, H410s, H500s, H700s, Solidfire_\&_hci_management_node, Solidfire_\&_hci_storage_node 9.1
2023-07-18 CVE-2023-38432 An issue was discovered in the Linux kernel before 6.3.10. fs/smb/server/smb2misc.c in ksmbd does not validate the relationship between the command payload size and the RFC1002 length specification, leading to an out-of-bounds read. Linux_kernel, H300s, H410s, H500s, H700s, Solidfire, Solidfire_\&_hci_storage_node 9.1
2023-05-31 CVE-2022-48502 An issue was discovered in the Linux kernel before 6.2. The ntfs3 subsystem does not properly check for correctness during disk reads, leading to an out-of-bounds read in ntfs_set_ea in fs/ntfs3/xattr.c. Linux_kernel, H300s, H410c, H410s, H500s, H700s 7.1
2022-03-03 CVE-2022-0492 A vulnerability was found in the Linux kernel’s cgroup_release_agent_write in the kernel/cgroup/cgroup-v1.c function. This flaw, under certain circumstances, allows the use of the cgroups v1 release_agent feature to escalate privileges and bypass the namespace isolation unexpectedly. Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, H300e, H300s, H410c, H410s, H500e, H500s, H700e, H700s, Hci_compute_node, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Codeready_linux_builder, Codeready_linux_builder_for_power_little_endian, Enterprise_linux, Enterprise_linux_eus, Enterprise_linux_for_ibm_z_systems, Enterprise_linux_for_ibm_z_systems_eus, Enterprise_linux_for_power_little_endian, Enterprise_linux_for_power_little_endian_eus, Enterprise_linux_for_real_time_for_nfv_tus, Enterprise_linux_for_real_time_tus, Enterprise_linux_server_aus, Enterprise_linux_server_for_power_little_endian_update_services_for_sap_solutions, Enterprise_linux_server_tus, Enterprise_linux_server_update_services_for_sap_solutions, Virtualization_host 7.8
2023-06-18 CVE-2023-35826 An issue was discovered in the Linux kernel before 6.3.2. A use-after-free was found in cedrus_remove in drivers/staging/media/sunxi/cedrus/cedrus.c. Linux_kernel, H300s, H410c, H410s, H500s, H700s 7.0
2023-06-28 CVE-2023-1295 A time-of-check to time-of-use issue exists in io_uring subsystem's IORING_OP_CLOSE operation in the Linux kernel's versions 5.6 - 5.11 (inclusive), which allows a local user to elevate their privileges to root. Introduced in b5dba59e0cf7e2cc4d3b3b1ac5fe81ddf21959eb, patched in 9eac1904d3364254d622bf2c771c4f85cd435fc2, backported to stable in 788d0824269bef539fe31a785b1517882eafed93. Linux_kernel, H300s, H410c, H410s, H500s, H700s 7.0
2023-07-24 CVE-2023-32248 A flaw was found in the Linux kernel's ksmbd, a high-performance in-kernel SMB server. The specific flaw exists within the handling of SMB2_TREE_CONNECT and SMB2_QUERY_INFO commands. The issue results from the lack of proper validation of a pointer prior to accessing it. An attacker can leverage this vulnerability to create a denial-of-service condition on the system. Linux_kernel, H300s, H410c, H410s, H500s, H700s 7.5
2020-04-08 CVE-2019-20636 In the Linux kernel before 5.4.12, drivers/input/input.c has out-of-bounds writes via a crafted keycode table, as demonstrated by input_set_keycode, aka CID-cb222aed03d7. Linux_kernel, Cloud_backup, Fas_8300, Fas_8700, Fas_a400, Fas_baseboard_management_controller_a220, Fas_baseboard_management_controller_a320, Fas_baseboard_management_controller_a800, Fas_baseboard_management_controller_c190, H300s, H410s, H500s, H610c, H610s, H615c, H700s, Solidfire, Steelstore_cloud_integrated_storage 6.7
2022-02-24 CVE-2022-25636 net/netfilter/nf_dup_netdev.c in the Linux kernel 5.4 through 5.6.10 allows local users to gain privileges because of a heap out-of-bounds write. This is related to nf_tables_offload. Debian_linux, Linux_kernel, H300e, H300s, H410c, H410s, H500e, H500s, H700e, H700s, Communications_cloud_native_core_binding_support_function, Communications_cloud_native_core_network_exposure_function, Communications_cloud_native_core_policy 7.8
2023-03-16 CVE-2023-28466 do_tls_getsockopt in net/tls/tls_main.c in the Linux kernel through 6.2.6 lacks a lock_sock call, leading to a race condition (with a resultant use-after-free or NULL pointer dereference). Debian_linux, Linux_kernel, H300s, H410c, H410s, H500s, H700s 7.0