Product:

Solidfire_baseboard_management_controller_firmware

(Netapp)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 70
Date Id Summary Products Score Patch Annotated
2020-02-25 CVE-2020-9383 An issue was discovered in the Linux kernel 3.16 through 5.5.6. set_fdc in drivers/block/floppy.c leads to a wait_til_ready out-of-bounds read because the FDC index is not checked for errors before assigning it, aka CID-2e90ca68b0d2. Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Cloud_backup, Data_availability_services, H410c_firmware, Hci_management_node, Solidfire, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage, Leap 7.1
2020-04-10 CVE-2020-8832 The fix for the Linux kernel in Ubuntu 18.04 LTS for CVE-2019-14615 ("The Linux kernel did not properly clear data structures on context switches for certain Intel graphics processors.") was discovered to be incomplete, meaning that in versions of the kernel before 4.15.0-91.92, an attacker could use this vulnerability to expose sensitive information. Ubuntu_linux, Aff_8300_firmware, Aff_8700_firmware, Aff_a220_firmware, Aff_a320_firmware, Aff_a400_firmware, Aff_a700s_firmware, Aff_c190_firmware, Cloud_backup, Fas2720_firmware, Fas2750_firmware, Fas8300_firmware, Fas8700_firmware, Fas_baseboard_management_controller_a220_firmware, Fas_baseboard_management_controller_a320_firmware, Fas_baseboard_management_controller_a400_firmware, Fas_baseboard_management_controller_a800_firmware, Fas_baseboard_management_controller_c190_firmware, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage 5.5
2020-05-15 CVE-2020-12888 The VFIO PCI driver in the Linux kernel through 5.6.13 mishandles attempts to access disabled memory space. Ubuntu_linux, Debian_linux, Fedora, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Bootstrap_os, Cloud_backup, Element_software, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage, Leap 5.3
2020-05-18 CVE-2020-13143 gadget_dev_desc_UDC_store in drivers/usb/gadget/configfs.c in the Linux kernel 3.16 through 5.6.13 relies on kstrdup without considering the possibility of an internal '\0' value, which allows attackers to trigger an out-of-bounds read, aka CID-15753588bcd4. Ubuntu_linux, Debian_linux, Linux_kernel, A700s_firmware, Active_iq_unified_manager, Bootstrap_os, Cloud_backup, Element_software, H300e_firmware, H300s_firmware, H410c_firmware, H410s_firmware, H500e_firmware, H500s_firmware, H610c_firmware, H610s_firmware, H615c_firmware, H700e_firmware, H700s_firmware, Hci_management_node, Solidfire, Solidfire_baseboard_management_controller_firmware, Steelstore_cloud_integrated_storage, Leap 6.5
2020-08-19 CVE-2020-14356 A flaw null pointer dereference in the Linux kernel cgroupv2 subsystem in versions before 5.7.10 was found in the way when reboot the system. A local user could use this flaw to crash the system or escalate their privileges on the system. Ubuntu_linux, Debian_linux, Linux_kernel, Active_iq_unified_manager, Cloud_backup, Hci_management_node, Solidfire, Solidfire_baseboard_management_controller_firmware, Leap, Enterprise_linux 7.8
2020-11-23 CVE-2020-15436 Use-after-free vulnerability in fs/block_dev.c in the Linux kernel before 5.8 allows local users to gain privileges or cause a denial of service by leveraging improper access to a certain error field. Brocade_fabric_operating_system_firmware, Linux_kernel, A250_firmware, A700s_firmware, Aff_500f_firmware, Aff_8300_firmware, Aff_8700_firmware, Aff_a400_firmware, Cloud_backup, Fabric\-Attached_storage_a400_firmware, Fas_500f_firmware, Fas_8300_firmware, Fas_8700_firmware, H410c_firmware, H610c_firmware, H610s_firmware, H615c_firmware, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware 6.7
2020-11-28 CVE-2020-29370 An issue was discovered in kmem_cache_alloc_bulk in mm/slub.c in the Linux kernel before 5.5.11. The slowpath lacks the required TID increment, aka CID-fd4d9c7d0c71. Linux_kernel, Cloud_backup, H410c_firmware, Hci_compute_node_firmware, Solidfire\,_enterprise_sds_\&_hci_storage_node, Solidfire_\&_hci_management_node, Solidfire_baseboard_management_controller_firmware 7.0
2020-12-02 CVE-2020-14305 An out-of-bounds memory write flaw was found in how the Linux kernel’s Voice Over IP H.323 connection tracking functionality handled connections on ipv6 port 1720. This flaw allows an unauthenticated remote user to crash the system, causing a denial of service. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability. Linux_kernel, A250_firmware, Aff_500f_firmware, Cloud_backup, Fas_500f_firmware, Solidfire_baseboard_management_controller_firmware 8.1
2020-12-08 CVE-2020-25692 A NULL pointer dereference was found in OpenLDAP server and was fixed in openldap 2.4.55, during a request for renaming RDNs. An unauthenticated attacker could remotely crash the slapd process by sending a specially crafted request, causing a Denial of Service. Cloud_backup, Solidfire_baseboard_management_controller_firmware, Openldap, Enterprise_linux 7.5
2020-12-09 CVE-2020-29660 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. Fabric_operating_system, Debian_linux, Fedora, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, H410c_firmware, Solidfire_baseboard_management_controller_firmware 4.4