Lucene search
K
BroadcomMost viewed

879 matches found

Broadcom
Broadcom
added 2022/12/24 12:0 a.m.12 views

CVE-2022-47941, CVE-2022-47942, CVE-2022-47938, CVE-2022-47939, CVE-2022-47940. Vulnerabilities affecting the ksmb module in the Linux kernel versions 5.14 through 5.15.61. (BSA-2022-2157).

Security Advisory ID: BSA-2022-2157 Component: ksmbd module in the Linux kernel Revision: 2.1 Brocade PSIRT has become aware of several vulnerabilities affecting theksmbdmodule in the Linux kernel published by Trend Micro Zero Day Initiative. ZDI-22-1687 - CVSS SCORE: 5.3 - CVE-2022-47941...

9.8CVSS6.8AI score0.58461EPSS
Exploits0
Broadcom
Broadcom
added 2022/12/09 12:0 a.m.12 views

CVE-2022-40259, CVE-2022-40242, CVE-2022-2827 -- Vulnerabilities in AMI MegaRAC Baseboard Management Controller (BMC) software.(BSA-2022-2147)

Security Advisory ID: BSA-2022-2147 Component: BMC Software Revision: 1.0 Brocade PSIRT has become aware of several vulnerabilities discovered by Eclypsium Research affecting AMI MegaRAC Baseboard Management Controller BMC software. More information at:...

9.8CVSS7.4AI score0.0171EPSS
Exploits0
Broadcom
Broadcom
added 2022/10/20 12:0 a.m.12 views

CVE-2022-42889. Apache Commons Text prior to 1.10.0 allows RCE when applied to untrusted input due to insecure interpolation defaults.

Security Advisory ID : BSA-2022-2096 Component : Apache Commons Text Revision : 1.1 Apache Commons Text performs variable interpolation, allowing properties to be dynamically evaluated and expanded. The standard format for interpolation is "$prefix:name", where "prefix" is used to locate an...

9.8CVSS6.7AI score0.99931EPSS
Exploits41
Broadcom
Broadcom
added 2022/03/02 12:0 a.m.12 views

BSA-2022-1680

Security Advisory ID : BSA-2022-1680 Component : Apache Log4j Revision : 2.0 CVE-2022-23302 is a high severity deserialization vulnerability in JMSSink. JMSSink uses JNDI in an unprotected manner allowing any application using the JMSSink to be vulnerable if it is configured to reference an...

9.8CVSS8.8AI score0.6906EPSS
Exploits4
Broadcom
Broadcom
added 2021/12/11 12:0 a.m.12 views

BSA-2021-1651

Security Advisory ID : BSA-2021-1651 Component : Apache Log4j Revision : 4.0 Brocade Security has become aware of Apache Log4j version 2.x remote code execution vulnerability CVE-2021-44228. Additional vulnerabilities CVE-2021-45046, CVE-2021-45105 and CVE-2021-44832 have also been identified...

10CVSS8AI score0.99999EPSS
Exploits358
Broadcom
Broadcom
added 2018/05/08 12:0 a.m.12 views

BSA-2018-604

Security Advisory ID : BSA-2018-604 Component : System Revision : 1.0: Final Multiple GPON Home Routers could allow a remote attacker to execute arbitrary commands on the system, caused by the ping and trace route commands running at root level on the diagnostic page. An attacker could exploit th...

9.8CVSS7.7AI score0.99948EPSS
Exploits7
Broadcom
Broadcom
added 2017/11/17 12:0 a.m.12 views

BSA-2017-447

Security Advisory ID : BSA-2017-447 Component : Apache Revision : 2.0: Final When running Apache Tomcat versions 9.0.0.M1 to 9.0.0, 8.5.0 to 8.5.22, 8.0.0.RC1 to 8.0.46 and 7.0.0 to 7.0.81 with HTTP PUTs enabled e.g. via setting the readonly initialisation parameter of the Default servlet to fals...

8.1CVSS8.7AI score0.99988EPSS
Exploits23
Broadcom
Broadcom
added 2017/05/17 12:0 a.m.12 views

BSA-2017-273

Security Advisory ID : BSA-2017-273 Component : sshd in OpenSSH Revision : 3.1 sshdinOpenSSHbefore 7.4, when privilege separation is not used, creates forwarded Unix-domain sockets as root, which might allow local users to gain privileges via unspecified vectors, related toserverloop.c. Affected...

7CVSS7.2AI score0.0424EPSS
Exploits2
Broadcom
Broadcom
added 2016/10/10 12:0 a.m.12 views

BSA-2016-010

Summary Security Advisory ID : BSA-2016-010 Component : Linux Kernel Revision : 5.0 N/A...

5CVSS9.2AI score0.02483EPSS
Exploits0
Broadcom
Broadcom
added 2015/06/17 12:0 a.m.12 views

BSA-2015-1935

Security Advisory ID : BSA-2015-1935 Component : TLS protocol 1.2 Revision : 5.0 The TLS protocol 1.2 and earlier, when a DHEEXPORT ciphersuite is enabled on a server but not on a client, does not properly convey a DHEEXPORT choice, which allows man-in-the-middle attackers to conduct...

4.3CVSS6.5AI score0.9986EPSS
Exploits1
Broadcom
Broadcom
added 2025/06/10 12:0 a.m.11 views

Linux Kernel Vulnerable to Denial-of-Service (DoS) via NULL Pointer Dereference in 'rawv6_push_pending_frames()' Function in 'raw.c' File (CVE-2023-0394)

Linux Kernel contains a vulnerability that can lead to a NULL pointer dereference condition due to insufficient checks. Exploiting this vulnerability could allow an attacker to cause a denial-of-service DoS...

5.5CVSS6.6AI score0.01016EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.11 views

Rocky Linux Brocade SANnav OVA updates: kernel (RLSA-2024:8856) expat (RLSA-2024:9502, RLSA-2024-6989) bzip2 (RLSA-2024:8922) krb5 (RLSA-2024:8860) and python3 (RLSA-2024:6975)

Rocky Linux updates for SANnav OVA releases. The listed updates are available for OVA deployments of SANnav. kernel RLSA-2024:8856 CVE-2024-44935, CVE-2024-43854, CVE-2024-35898, CVE-2024-27062, CVE-2024-42244, CVE-2024-27017, CVE-2024-42070, CVE-2024-43880, CVE-2023-52492, CVE-2024-46826,...

9.8CVSS7AI score0.14859EPSS
Exploits4
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.11 views

Weak TLS Ciphers on Brocade SANnav OVA SSH port 22. (CVE-2024-4282)

Brocade SANnav OVA before SANnav 2.3.1b enables SHA1 deprecated setting for SSH for port 22. Detail The SSH protocol Secure Shell is a method for secure remote login from one computer to another. The target is using deprecated SHA1 cryptographic settings to communicate. IMPACT: vulnerable to...

9.8CVSS7AI score0.0028EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.11 views

PostgreSQL JDBC Driver allows attacker to inject SQL if using PreferQueryMode=SIMPLE

pgjdbc, the PostgreSQL JDBC Driver, allows an attacker to inject SQL if using PreferQueryMode=SIMPLE. Note, this is not the default. In the default mode there is no vulnerability. A placeholder for a numeric value must be immediately preceded by a minus. There must be a second placeholder for a...

10CVSS7.8AI score0.0481EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.11 views

AZUL Zulu Java Multiple Vulnerabilities - July 2024

CVE-ID Component Base Score CVE-2024-21131 Hotspot 3.7 CVE-2024-21138 Hotspot 3.7 CVE-2024-21140 Hotspot 4.8 CVE-2024-21145 2D 4.8 CVE-2024-21147 Hotspot 7.4 CVE-2024-21144 Concurrency 3.7 CVE-2024-27983 Oracle GrallVM for JDK 8.2 More details can be found at...

8.2CVSS6.9AI score0.87211EPSS
Exploits1
Broadcom
Broadcom
added 2025/01/13 12:0 a.m.11 views

Linux kernel vulnerabilities CVE-2024-41090 and CVE-2024-41091

Brocade Security has investigated the two CVEs below related to Linux Kernel. CVE-2024-41090 Description In the Linux kernel, the following vulnerability has been resolved: tap: add missing verification for short frame The cited commit missed to check against the validity of the frame length in t...

7.1CVSS5.7AI score0.00254EPSS
Exploits0
Broadcom
Broadcom
added 2024/11/02 12:0 a.m.11 views

Apache Tomcat - information disclosure (CVE-2023-42795 )

When recycling various internal objects, including the request and the response, prior to re-use by the next request/response, an error could cause Tomcat to skip some parts of the recycling process leading to information leaking from the current request/response to the next...

5.3CVSS6.7AI score0.0216EPSS
Exploits1
Broadcom
Broadcom
added 2024/05/29 12:0 a.m.11 views

Multiple CVEs identified by vulnerability scanning tools in Brocade ASCG

Secuirty updates provided with latest patch update: Security Update| CVEID ---|--- General remote services| CVE-2014-8730,CVE-2015-3642 binutils RLSA-2023:6236| CVE-2022-4285 open-vm-tools RLSA-2023:7265| CVE-2023-34058,CVE-2023-34059 container-tools RLSA-2023:7202| CVE-2023-29406 procps-ng...

8.2CVSS7.1AI score0.1372EPSS
Exploits3Affected Software1
Broadcom
Broadcom
added 2024/05/29 12:0 a.m.11 views

Fabric OS versions prior to v9.0 have default community strings (CVE-2024-5460)

A vulnerability in the default configuration of the Simple Network Management Protocol SNMP feature of Brocade Fabric OS versions before v9.0.0 could allow an authenticated, remote attacker to read data from an affected device via SNMP. The vulnerability is due to hard-coded, default community...

8.1CVSS6.8AI score0.00542EPSS
Exploits1Affected Software1
Broadcom
Broadcom
added 2024/04/01 12:0 a.m.11 views

XZ: Embedded Malicious Code (CVE-2024-3094)

A Malicious code was discovered in the upstream tarballs of xz, starting with version 5.6.0. Through a series of complex obfuscations, the liblzma build process extracts a prebuilt object file from a disguised test file existing in the source code. This file is then used to modify specific...

10CVSS7.5AI score0.85974EPSS
Exploits40
Broadcom
Broadcom
added 2023/11/07 12:0 a.m.11 views

Rocky Linux Security Updates RLSA-2023:5312 (CVE-2023-20900) and RSLA-2023:5244 (CVE-2023-35001, CVE-2023-4004, CVE-2023-3390, CVE-2023-3776, CVE-2023-3090, CVE-2023-35788, CVE-2023-20593, CVE-2023-2002)

Rocky Linux security update RLSA-2023:5312 CVE-2023-20900 A malicious actor that has been granted Guest Operation Privilegesin a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias Rocky Linux security updat...

7.8CVSS6.8AI score0.05794EPSS
Exploits7Affected Software1
Broadcom
Broadcom
added 2023/11/07 12:0 a.m.11 views

Integer overflow in the keycompare_mb function in sort.c in sort in GNU Coreutils through 8.23 (CVE-2015-4042)

Integer overflow in the keycomparemb function in sort.c in sort in GNU Coreutils through 8.23 might allow attackers to cause a denial of service application crash or possibly have unspecified other impact via long strings...

9.8CVSS7.7AI score0.02323EPSS
Exploits1
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.11 views

CVE-2021-23841: Null pointer deref in X509_issuer_and_serial_hash()

Security Advisory ID : BSA-2022-1303 Component : OpenSSL Revision : 1.0 The OpenSSL public API function X509issuerandserialhash attempts to create a unique hash value based on the issuer and serial number data contained within an X509 certificate. However it fails to correctly handle any errors...

5.9CVSS6.9AI score0.07471EPSS
Exploits0
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.11 views

CVE-2014-9984: nscd in the GNU C Library (aka glibc or libc6) before version 2.20 does not correctly compute the size of an internal buffer

Security Advisory ID : BSA-2022-607 Component : GNU C Library Revision : 1.1 nscd in the GNU C Library aka glibc or libc6 before version 2.20 does not correctly compute the size of an internal buffer when processing netgroup requests, possibly leading to an nscd daemon crash or code execution as...

9.8CVSS7.9AI score0.0444EPSS
Exploits2
Broadcom
Broadcom
added 2022/04/04 12:0 a.m.11 views

BSA-2022-1769

Security Advisory ID : BSA-2022-1769 Component : Spring Framework RCE Revision : 1.0 Brocade PSIRT has become aware ofan RCE vulnerability in the Spring Framework. A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution RCE via data binding. More...

9.8CVSS8AI score0.99677EPSS
Exploits102
Broadcom
Broadcom
added 2021/05/10 12:0 a.m.11 views

BSA-2020-948

Security Advisory ID : BSA-2020-948 Component : OpenSSL Revision : 1.0 Server or client applications that call the SSLcheckchain function during or after a TLS 1.3 handshake may crash due to a NULL pointer dereference as a result of incorrect handling of the "signaturealgorithmscert" TLS extensio...

7.5CVSS6.8AI score0.53336EPSS
Exploits2
Broadcom
Broadcom
added 2020/07/06 12:0 a.m.11 views

BSA-2020-1046

Security Advisory ID : BSA-2020-1046 Component : Apache Tomcat Revision : 1.0: Final When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory e.g. redirecting to '/foo/' when the user requested '/foo' a speciall...

4.3CVSS6.7AI score0.94494EPSS
Exploits3
Broadcom
Broadcom
added 2019/04/16 12:0 a.m.11 views

BSA-2019-783

Security Advisory ID : BSA-2019-783 Component : VPN Revision : 1.0: Final Virtual Private Networks VPNs are used to create a secure connection with another network over the internet. Multiple VPN applications store the authentication and/or session cookies insecurely in memory and/or log files...

2.5CVSS7AI score0.00275EPSS
Exploits0
Broadcom
Broadcom
added 2019/04/01 12:0 a.m.11 views

BSA-2018-616

Security Advisory ID : BSA-2018-616 Component : bzip2recover Revision : 2.0 The glob function in glob.c in the GNU C Library aka glibc or libc6 before 2.27 contains a buffer overflow during unescaping of user names with the operator. Affected Products Security update provided inBrocade Fabric OS...

9.8CVSS9.6AI score0.02801EPSS
Exploits0
Broadcom
Broadcom
added 2018/02/26 12:0 a.m.11 views

BSA-2018-564

Security Advisory ID : BSA-2018-564 Component : Oracle Java Revision : 1.1: update The January 2018 Critical Patch Update provides security updatesfor certain Oracle Java Platform software libraries. Java SE JDK and JRE versions through 6u171, 7u161, 8u152, and 9.0.1 are affected by vulnerabiliti...

8.3CVSS8.8AI score0.07525EPSS
Exploits0
Broadcom
Broadcom
added 2017/12/09 12:0 a.m.11 views

BSA-2018-588

Security Advisory ID : BSA-2018-588 Component : Apache Strusts2 Revision : 2.0: Final In Apache Struts 2.5 to 2.5.14, the REST Plugin is using an outdated JSON-lib library which is vulnerable and allow perform a DoS attack using malicious request with specially crafted JSON payload...

6.2CVSS7AI score0.04889EPSS
Exploits2
Broadcom
Broadcom
added 2017/11/17 12:0 a.m.11 views

BSA-2017-474

Security Advisory ID : BSA-2017-474 Component : Infineon RSA Library Revision : 2.0: Final The Infineon RSA library version 1.02.013 in Infineon Trusted Platform Module TPM firmware mishandles RSA key generation, which makes it easier for attackers to defeat various cryptographic protection...

5.9CVSS6.7AI score0.09825EPSS
Exploits0
Broadcom
Broadcom
added 2017/09/29 12:0 a.m.11 views

BSA-2017-444

Security Advisory ID : BSA-2017-444 Component : DENX Das U-Boot Revision : 3.0: Final Das U-Boot is a devicebootloader that can read its configuration from an AES encrypted file. For devices utilizing this environment encryption mode, U-Boot's use of a zero initialization vector and improper...

4.6CVSS6.6AI score0.00309EPSS
Exploits0
Broadcom
Broadcom
added 2017/09/08 12:0 a.m.11 views

BSA-2017-427

Security Advisory ID : BSA-2017-427 Component : Apache Struts 2 Revision : 2.0: Interim The REST Plugin in Apache Struts2 is usingaXStreamHandlerwith an instance ofXStreamfor deserialization without any type filtering which could lead to Remote Code Execution whendeserializingXML payloads. An...

8.1CVSS9.1AI score0.99461EPSS
Exploits23
Broadcom
Broadcom
added 2017/07/27 12:0 a.m.11 views

BSA-2017-500

Security Advisory ID : BSA-2017-500 Component : Apache HTTPD Revision : 1.0: Final It was discovered that the modsessioncrypto module of httpd did not use any mechanisms to verify integrity of the encrypted session data stored in the user's browser. A remote attacker could use this flaw to decryp...

7.5CVSS7.7AI score0.49024EPSS
Exploits4
Broadcom
Broadcom
added 2017/06/23 12:0 a.m.11 views

BSA-2017-318

Security Advisory ID : BSA-2017-318 Component : SSH1 Revision : 1.0: Interim The SSH-1 protocol allows remote servers to conduct man-in-the-middle attacks and replay a client challenge response to a target server by creating a Session ID that matches the Session ID of the target, but which uses a...

7.5CVSS6.9AI score0.06268EPSS
Exploits0
Broadcom
Broadcom
added 2015/02/13 12:0 a.m.11 views

BSA-2015-001

Summary Security Advisory ID : BSA-2015-001 Component : N/A Revision : 5.0 N/A...

10CVSS7.7AI score0.94859EPSS
Exploits29
Broadcom
Broadcom
added 2025/05/01 12:0 a.m.10 views

AMI Security Advisory AMI-SA-2025003 (CVE-2024-54084,CVE-2024-54085)

Brocade is aware of AMI Security Advisory AMI-SA202503 disclosing CVE-2024-54084, CVE-2024-54085. CVE-2024-54084 APTIOV contains a vulnerability in BIOS where an attacker may cause a Time-of-check Time-of-use TOCTOU Race Condition by local means. Successful exploitation of this vulnerability may...

10CVSS7.8AI score0.61202EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.10 views

Docker implementation in Brocade SANnav is missing Audit Rules. (CVE-2024-2240)

Docker daemon in Brocade SANnav before SANnav 2.3.1b runs without auditing. The vulnerability could allow a remote authenticated attacker to execute various attacks. Details. 'dockerd' is the Docker daemon/process that manages containers through the use of different binaries for the daemon and...

8.6CVSS7.1AI score0.00486EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.10 views

Weak TLS Ciphers on Brocade SANnav port 443 & 18082. (CVE-2024-10405)

Brocade SANnav before SANnav 2.3.1b enables weak TLS ciphers on ports 443 and 18082. In case of a successful exploit, an attacker can read Brocade SANnav data stream that includes monitored Brocade Fabric OS switches performance data, port status, zoninginformation, WWNs, IP Addresses, but no...

6.9CVSS6.8AI score0.00192EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.10 views

Clear text password seen in switch-asset-collectors-mw in Brocade SANnav supportsave (CVE-2024-10404)

CalInvocationHandler in Brocade SANnav before 2.3.1b logs sensitive information in clear text. The vulnerability could allow an authenticated, local attacker to view Brocade Fabric OS switch sensitive information in clear text. An attacker with administrative privileges could retrieve sensitive...

5.5CVSS6.2AI score0.00107EPSS
Exploits0
Broadcom
Broadcom
added 2025/02/13 12:0 a.m.10 views

PostgreSQL Vulnerable to Privileged Execution of Arbitrary SQL due to Late Privilege Drop in 'REFRESH MATERIALIZED VIEW CONCURRENTLY'

An authenticated attacker that has created a materialized view could run arbitrary SQL commands on a PostgreSQL server if a victim runs REFRESH MATERIALIZED VIEW CONCURRENTLY on the attacker's view. If the victim is a superuser this could result in full compromise of the PostgreSQL server...

8CVSS7.7AI score0.01465EPSS
Exploits0
Broadcom
Broadcom
added 2024/11/02 12:0 a.m.10 views

Container vulnerabilities in Brocade SANnav docker containers (CVE-2024-23653 & CVE-2024-21626)

Brocade Security is aware of multiple vulnerabilities affecting Brocade SANnav docker container CVE-2024-23653 & CVE-2024-21626. CVE-2024-23653: Interactive containers API does not validate entitlements check. Description: Buildkit GRPC Security Mode privilege check: Build-time container breakout...

9.8CVSS7.5AI score0.18087EPSS
Exploits18
Broadcom
Broadcom
added 2024/11/02 12:0 a.m.10 views

Oracle Critical Patch Update Advisory - January 2024 (CVE-2024-20952, CVE-2024-20945, CVE-2024-20926, CVE-2024-20921, CVE-2024-20919, CVE-2024-20918)

Brocade SANnav has provided a Security update for the JAVA vulnerabilities below. CVE-2024-20952 CVE-2024-20945 CVE-2024-20926 CVE-2024-20921 CVE-2024-20919 CVE-2024-20918...

7.4CVSS7.1AI score0.01026EPSS
Exploits0
Broadcom
Broadcom
added 2024/11/02 12:0 a.m.10 views

Azul Zulu Java Multiple Vulnerabilities (2023-10-17). (CVE-2023-22025, CVE-2023-22067, CVE-2023-22081)

The version of Azul Zulu installed on the remote host is prior to 6 6.59.0.14 / 7 7.65.0.14 / 8 8.73.0.12 / 11 11.67.16 / 17 17.45.16 / 21 21.30.16. It is, therefore, affected by multiple vulnerabilities as referenced in the 2023-10-17 advisory. Vulnerability in the Oracle Java SE, Oracle GraalVM...

5.3CVSS5.9AI score0.014EPSS
Exploits0
Broadcom
Broadcom
added 2024/09/24 12:0 a.m.10 views

Blast-RADIUS is a vulnerability that affects the RADIUS protocol (CVE-2024-3596)

A vulnerability in the verification of RADIUS Response from a RADIUS server has been disclosed by a team of researchers from UC San Diego and their partners. An attacker, with access to the network where the RADIUS protocol is being transmitted, can spoof a UDP-based RADIUS Response packet to...

9CVSS6.7AI score0.14859EPSS
Exploits2
Broadcom
Broadcom
added 2024/07/30 12:0 a.m.10 views

Multiple Vulnerabilities within libexpat (CVE-2018-20843, CVE-2019-15903, CVE-2021-46143, CVE-2022-22825, CVE-2022-23990)

Summary CVE-2018-20843 In libexpat in Expat before 2.2.7, XML input including XML names that contain a large number of colons could make the XML parser consume a high amount of RAM and CPU resources while processing enough to be usable for denial-of-service attacks. Base CVSS score: 7.5...

8.8CVSS7.3AI score0.07107EPSS
Exploits3
Broadcom
Broadcom
added 2024/04/25 12:0 a.m.10 views

Insecure sannav access using undocumented Brocade SANnav user "sannav" (no CVE)

An external researcher made a claim that an undocumented "sannav" user with a default password existed in Brocade SANnav OVA v2.1.1 Brocade Response The "sannav" user is documented in the Brocade® SANnav™ Management Portal Installation and Migration Guide, 2.1.1x...

7AI score
Exploits0
Broadcom
Broadcom
added 2023/08/29 12:0 a.m.10 views

Oracle Java SE Multiple Vulnerabilities (Apr 2022 CPU update) CVE-2022-21449 CVE-2022-21476 CVE-2022-21426

The version of Oracle formerly Sun Java SE or Java for Business installed on the remote host is affected by multiple vulnerabilities as referenced in the April 2022 CPU advisory: - Vulnerability in the Oracle Java SE, Oracle GraalVM Enterprise Edition product of Oracle Java SE component:...

7.5CVSS6.8AI score0.48235EPSS
Exploits6
Broadcom
Broadcom
added 2022/09/13 12:0 a.m.10 views

CVE-2020-29371: An issue was discovered in romfs_dev_read in fs/romfs/storage.c

Security Advisory ID : BSA-2022-1195 Component : Kernel Revision : 1.0 An issue was discovered in romfsdevread in fs/romfs/storage.c in the Linux kernel before 5.8.4. Uninitialized memory leaks to userspace, aka CID-bcf85fcedfdd. Notes: Brocade Fabric OS does not utilize the problematic code...

3.3CVSS6.5AI score0.0069EPSS
Exploits1
Total number of security vulnerabilities879