Product:

Solidfire_baseboard_management_controller_firmware

(Netapp)
Repositories

Unknown:

This might be proprietary software.

#Vulnerabilities 70
Date Id Summary Products Score Patch Annotated
2020-12-09 CVE-2020-29660 A locking inconsistency issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_io.c and drivers/tty/tty_jobctrl.c may allow a read-after-free attack against TIOCGSID, aka CID-c8bcd9c5be24. Fabric_operating_system, Debian_linux, Fedora, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, H410c_firmware, Solidfire_baseboard_management_controller_firmware 4.4
2020-12-09 CVE-2020-29661 A locking issue was discovered in the tty subsystem of the Linux kernel through 5.9.13. drivers/tty/tty_jobctrl.c allows a use-after-free attack against TIOCSPGRP, aka CID-54ffccbf053b. Fabric_operating_system, Debian_linux, Fedora, Linux_kernel, 8300_firmware, 8700_firmware, A400_firmware, A700s_firmware, Active_iq_unified_manager, H410c_firmware, Solidfire_baseboard_management_controller_firmware, Tekelec_platform_distribution 7.8
2020-12-11 CVE-2020-27825 A use-after-free flaw was found in kernel/trace/ring_buffer.c in Linux kernel (before 5.10-rc1). There was a race problem in trace_open and resize of cpu buffer running parallely on different cpus, may cause a denial of service problem (DOS). This flaw could even allow a local attacker with special user privilege to a kernel information leak threat. Debian_linux, Linux_kernel, Cloud_backup, H410c_firmware, Solidfire_baseboard_management_controller_firmware, Enterprise_linux, Enterprise_mrg 5.7
2021-01-05 CVE-2020-36158 mwifiex_cmd_802_11_ad_hoc_start in drivers/net/wireless/marvell/mwifiex/join.c in the Linux kernel through 5.10.4 might allow remote attackers to execute arbitrary code via a long SSID value, aka CID-5c455c5ab332. Debian_linux, Fedora, Linux_kernel, Cloud_backup, Solidfire_baseboard_management_controller_firmware 6.7
2021-03-15 CVE-2021-28375 An issue was discovered in the Linux kernel through 5.11.6. fastrpc_internal_invoke in drivers/misc/fastrpc.c does not prevent user applications from sending kernel RPC messages, aka CID-20c40794eb85. This is a related issue to CVE-2019-2308. Fedora, Linux_kernel, Cloud_backup, Solidfire_baseboard_management_controller_firmware 7.8
2021-03-20 CVE-2021-28951 An issue was discovered in fs/io_uring.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (deadlock) because exit may be waiting to park a SQPOLL thread, but concurrently that SQPOLL thread is waiting for a signal to start, aka CID-3ebba796fa25. Fedora, Linux_kernel, A250_firmware, Aff_500f_firmware, Cloud_backup, Fas_500f_firmware, Solidfire_baseboard_management_controller_firmware 5.5
2021-03-20 CVE-2021-28952 An issue was discovered in the Linux kernel through 5.11.8. The sound/soc/qcom/sdm845.c soundwire device driver has a buffer overflow when an unexpected port ID number is encountered, aka CID-1c668e1c0a0f. (This has been fixed in 5.12-rc4.) Fedora, Linux_kernel, A250_firmware, Aff_500f_firmware, Cloud_backup, Fas_500f_firmware, Solidfire_baseboard_management_controller_firmware 7.8
2021-03-22 CVE-2021-28964 A race condition was discovered in get_old_root in fs/btrfs/ctree.c in the Linux kernel through 5.11.8. It allows attackers to cause a denial of service (BUG) because of a lack of locking on an extent buffer before a cloning operation, aka CID-dbcc7d57bffc. Debian_linux, Fedora, Linux_kernel, Aff_a250_firmware, Cloud_backup, Fas_500f_firmware, Solidfire_baseboard_management_controller_firmware 4.7
2021-03-22 CVE-2021-28971 In intel_pmu_drain_pebs_nhm in arch/x86/events/intel/ds.c in the Linux kernel through 5.11.8 on some Haswell CPUs, userspace applications (such as perf-fuzzer) can cause a system crash because the PEBS status in a PEBS record is mishandled, aka CID-d88d05a9e0b6. Debian_linux, Fedora, Linux_kernel, Aff_500f_firmware, Aff_a250_firmware, Cloud_backup, Solidfire_baseboard_management_controller_firmware 5.5
2021-03-22 CVE-2021-28972 In drivers/pci/hotplug/rpadlpar_sysfs.c in the Linux kernel through 5.11.8, the RPA PCI Hotplug driver has a user-tolerable buffer overflow when writing a new device name to the driver from userspace, allowing userspace to write data to the kernel stack frame directly. This occurs because add_slot_store and remove_slot_store mishandle drc_name '\0' termination, aka CID-cc7a0bb058b8. Fedora, Linux_kernel, Cloud_backup, Fas\/aff_baseboard_management_controller, Solidfire_baseboard_management_controller_firmware 6.7