Lucene search
K
NetappSolidfire Baseboard Management Controller

32 matches found

CVE
CVE
added 2021/07/07 11:20 a.m.854 views

CVE-2021-22555

CVE-2021-22555 is a Linux kernel heap out-of-bounds write vulnerability in net/netfilter/x_tables.c, dating to 2.6.19-rc1. The issue allows a local attacker to gain privileges or cause a DoS via heap memory corruption in the username space. Public sources in the connected docs confirm the vulnera...

8.3CVSS8.3AI score0.78684EPSS
In wild
CVE
CVE
added 2020/02/06 12:6 a.m.516 views

CVE-2020-8648

CVE-2020-8648 is a use-after-free in the Linux kernel’s n_tty_receive_buf_common function (drivers/tty/n_tty.c), affecting kernel builds up to 5.5.2. It is a local vulnerability; exploitation could crash the kernel (DoS), with CVSS notes indicating local access and high impact on availability. Co...

7.1CVSS7AI score0.00661EPSS
CVE
CVE
added 2020/05/05 6:13 a.m.505 views

CVE-2020-12659

Concrete details found: CVE-2020-12659 affects the Linux kernel before 5.6.7. The vulnerability is an out-of-bounds write in xdp_umem_reg() of net/xdp/xdp_umem.c, exploitable by a user with CAP_NET_ADMIN due to missing headroom validation. Impact described across connected docs includes potential...

7.2CVSS6.5AI score0.00707EPSS
CVE
CVE
added 2019/12/28 4:7 a.m.454 views

CVE-2019-20054

CVE-2019-20054 affects the Linux kernel prior to 5.0.6, with a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c (related to put_links, CID-23da9588037e). The fix is included in kernel 5.0.6 (and later). Public exploit details are not provided in the supplied documents. Rec...

5.5CVSS6.5AI score0.00477EPSS
CVE
CVE
added 2019/12/08 12:48 a.m.448 views

CVE-2019-19447

CVE-2019-19447 is a Linux kernel 5.0.21 flaw where mounting a crafted ext4 filesystem image can trigger a use-after-free in ext4_put_super (fs/ext4/super.c, related to dump_orphan_list). Reports in multiple connected sources corroborate a local, post-authentication impact with potential arbitrary...

7.8CVSS8AI score0.03539EPSS
CVE
CVE
added 2019/08/19 9:45 p.m.443 views

CVE-2019-15221

CVE-2019-15221 affects the Linux kernel up to version 5.1.17. A NULL pointer dereference can be triggered by a malicious USB device via the sound/usb/line6/pcm.c driver, leading to denial of service or system instability. Affected component is the kernel sound USB Line6 PCM driver; root cause is ...

4.9CVSS6AI score0.00712EPSS
CVE
CVE
added 2019/08/19 9:45 p.m.410 views

CVE-2019-15220

CVE-2019-15220 affects the Linux kernel prior to 5.2.1 and involves a use-after-free in the p54usb.c driver caused by a malicious USB device. The issue can lead to a denial of service via kernel memory corruption when a vulnerable USB device is connected to drivers/net/wireless/intersil/p54. The ...

4.9CVSS6AI score0.00756EPSS
CVE
CVE
added 2021/05/27 12:0 a.m.410 views

CVE-2021-33200

CVE-2021-33200 affects the Linux kernel’s eBPF verifier (kernel/bpf/verifier.c) where incorrect limits for pointer arithmetic operations allow out-of-bounds reads/writes in kernel memory, enabling local privilege escalation to root. The issue exists in kernels up to 5.12.7 (upstream). The root ca...

7.8CVSS7.5AI score0.00377EPSS
CVE
CVE
added 2019/08/19 9:46 p.m.397 views

CVE-2019-15217

The CVE-2019-15217 entry concerns a NULL pointer dereference in the Linux kernel before 5.2.3, triggered by a malicious USB device via the zr364xx USB driver (drivers/media/usb/zr364xx/zr364xx.c). The issue can lead to a denial of service on a physical USB attack vector. Public references indicat...

4.9CVSS6.1AI score0.0068EPSS
CVE
CVE
added 2020/04/29 5:59 p.m.388 views

CVE-2020-12464

CVE-2020-12464 is a Linux kernel use-after-free in the USB core path. The vulnerability stems from usb_sg_cancel in drivers/usb/core/message.c where a transfer can occur without a proper reference, enabling a local attacker to potentially crash or execute code. Connected documents confirm this is...

7.2CVSS6.6AI score0.00802EPSS
CVE
CVE
added 2020/12/05 11:18 p.m.387 views

CVE-2020-29573

CVE-2020-29573 affects the GNU C Library (glibc) on x86, where sysdeps/i386/ldbl2mpn.c allows a stack-based buffer overflow when a printf-family input is an 80-bit long double with a non-canonical pattern (example: 0x0004000000000000000000000000000000000004 passed to sprintf). Public notes indica...

7.5CVSS7.6AI score0.02765EPSS
CVE
CVE
added 2020/12/11 4:5 a.m.379 views

CVE-2020-27786

CVE-2020-27786 affects the Linux kernel MIDI subsystem (rawmidi) with a use-after-free in the MIDI ioctl handling path. A local attacker with access to issue ioctl commands to MIDI devices could trigger memory corruption, potentially enabling privilege escalation. Public documentation in connecte...

7.8CVSS8.6AI score0.01659EPSS
CVE
CVE
added 2019/12/23 11:12 p.m.374 views

CVE-2019-19947

CVE-2019-19947 affects the Linux kernel up to version 5.4.6, where the kvaser_usb_leaf.c driver (drivers/net/can/usb/kvaser_usb) leaks information from uninitialized memory to a USB device (CID-da2311a6385c). Connected advisories corroborate this kernel info-leak issue and link it to the Kvaser C...

4.6CVSS5.1AI score0.00493EPSS
CVE
CVE
added 2019/08/19 9:45 p.m.337 views

CVE-2019-15219

This CVE (CVE-2019-15219) affects the Linux kernel prior to 5.1.8. Description confirms a NULL pointer dereference caused by a malicious USB device in drivers/usb/misc/sisusbvga/sisusb.c, enabling local hardware interaction to crash the system. Connected advisories (Unity Linux UTSA-2026-003808 a...

4.9CVSS5.9AI score0.00712EPSS
CVE
CVE
added 2021/09/19 4:2 p.m.320 views

CVE-2021-41073

The CVE-2021-41073 issue affects the Linux kernel (affected versions 5.10 to 5.14.6) where loop_rw_iter in fs/io_uring.c can be abused via IORING_OP_PROVIDE_BUFFERS to trigger a use-after-free of a kernel buffer, enabling local privilege escalation. Exploitation relies on reading /proc//maps and ...

7.8CVSS7.2AI score0.01692EPSS
CVE
CVE
added 2019/12/25 3:1 a.m.316 views

CVE-2019-19966

CVE-2019-19966 affects the Linux kernel prior to 5.1.6, where a use-after-free in cpia2_exit() (drivers/media/usb/cpia2/cpia2_v4l.c) can lead to denial of service. Connected advisories (Unity Linux UTSA-2026-004036 and related Nessus plugins) reference the same issue and note a fix in kernel 5.1....

4.6CVSS6.1AI score0.00632EPSS
CVE
CVE
added 2021/02/05 7:41 a.m.312 views

CVE-2021-26708

CVE-2021-26708 describes a local privilege-escalation in the Linux kernel prior to 5.10.13 caused by race conditions in AF_VSOCK (net/vmw_vsock/af_vsock.c) related to wrong locking during VSOCK multi-transport changes. The vulnerability can be exploited via use-after-free primitives in the vsock_...

7CVSS6.6AI score0.01602EPSS
Web
CVE
CVE
added 2019/08/19 9:46 p.m.311 views

CVE-2019-15216

CVE-2019-15216 affects the Linux kernel prior to 5.0.14, with a NULL pointer dereference triggered by a malicious USB device in drivers/usb/misc/yurex.c. Exploitation could cause a denial of service; impact is indicated as HIGH for availability. A fix is available in kernel 5.0.14 and later. Reme...

4.9CVSS6AI score0.00693EPSS
CVE
CVE
added 2019/08/19 9:46 p.m.309 views

CVE-2019-15218

CVE-2019-15218: Linux kernel before 5.1.8 contains a NULL pointer dereference in drivers/media/usb/siano/smsusb.c triggered by a malicious USB device. Affected is the Linux kernel version range up to 5.1.7; exploitation could lead to a crash or denial of service on affected systems. Remediation i...

4.9CVSS6.1AI score0.00839EPSS
CVE
CVE
added 2020/04/29 12:7 p.m.294 views

CVE-2020-11884

CVE-2020-11884 affects the Linux kernel on s390x (versions 4.19–5.6.7). The issue is a race in enable_sacf_uaccess (arch/s390/lib/uaccess.c) that fails to protect against a concurrent page table upgrade (CID-3f777e19d171), potentially allowing code execution or a crash. The initial documents do n...

7CVSS6.6AI score0.00397EPSS
CVE
CVE
added 2019/08/19 9:47 p.m.293 views

CVE-2019-15212

CVE-2019-15212 describes a vulnerability in the Linux kernel prior to 5.1.8 where a malicious USB device can trigger a double-free in drivers/usb/misc/rio500.c. This is a local/physical-access issue with potential impact to availability as per CVSS metrics shown. The connected Unity Nessus adviso...

4.9CVSS5.9AI score0.00767EPSS
CVE
CVE
added 2019/12/22 7:7 p.m.293 views

CVE-2019-19922

CVE-2019-19922 affects the Linux kernel sched subsystem (kernel/sched/fair.c) and is triggered when cpu.cfs_quota_us is in use (e.g., with Kubernetes). The issue allows a local attacker to cause a denial of service for non–CPU-bound applications by generating work that triggers slice expiration, ...

5.5CVSS6.4AI score0.00949EPSS
CVE
CVE
added 2019/08/19 9:47 p.m.277 views

CVE-2019-15211

CVE-2019-15211 : Linux kernel before 5.2.6 contains a use-after-free in drivers/media/v4l2-core/v4l2-dev.c triggered by a malicious USB device; the issue is tied to memory allocation in drivers/media/radio/radio-raremono.c. Evidence from multiple Nessus/SUSE/OpenOpen advisories confirms the descr...

4.9CVSS6AI score0.00756EPSS
CVE
CVE
added 2019/08/19 9:47 p.m.274 views

CVE-2019-15213

CVE-2019-15213: Linux kernel before 5.2.3 contains a use-after-free in the DVB‑USB driver (drivers/media/usb/dvb-usb/dvb-usb-init.c) triggered by a malicious USB device. The issue is limited to the kernel plasma stack in this component and is mitigated by upgrading to kernel 5.2.3 or newer, per t...

4.9CVSS6AI score0.00624EPSS
CVE
CVE
added 2021/05/26 11:25 a.m.262 views

CVE-2020-25669

CVE-2020-25669 is a Linux kernel use-after-free in sunkbd_reinit triggered after sunkbd interrupts and before freed; an alias remains after NULLing in sinkbd_disconnect, enabling a use-after-free condition. Documents indicate this is a kernel issue with local impact, potentially causing a crash o...

7.8CVSS7.7AI score0.00627EPSS
CVE
CVE
added 2019/08/19 9:46 p.m.260 views

CVE-2019-15215

The CVE-2019-15215 issue is a use-after-free in the Linux kernel, caused by a malicious USB device via the cpia2_usb.c driver (drivers/media/usb/cpia2). Affected: kernel versions before 5.2.6. Impact: potential local denial of service or privilege issues due to use-after-free in USB cpia2 handlin...

4.9CVSS6AI score0.00762EPSS
CVE
CVE
added 2019/08/19 9:45 p.m.241 views

CVE-2019-15222

CVE-2019-15222 entry is rejected/not used and not an active vulnerability.

4.9CVSS5.9AI score0.00603EPSS
CVE
CVE
added 2020/04/29 6:52 p.m.228 views

CVE-2020-12465

CVE-2020-12465: An array overflow in mt76_add_fragment (drivers/net/wireless/mediatek/mt76/dma.c) of the Linux kernel before 5.5.10 can cause memory corruption by an oversized packet with too many RX fragments. The issue is documented in the Uniti/Miracle Linux advisories referencing CVE-2020-124...

7.2CVSS6.6AI score0.00382EPSS
CVE
CVE
added 2019/11/29 3:55 p.m.208 views

CVE-2019-19377

CVE-2019-19377 concerns Linux kernel 5.0.21 where mounting a crafted btrfs image, performing actions, and unmounting can trigger a use-after-free in btrfs_queue_work (fs/btrfs/async-thread.c). Connected Nessus advisories for Unity Linux (UTSA-2026-004393) reiterate this, tying the issue to kernel...

7.8CVSS7.1AI score0.034EPSS
CVE
CVE
added 2019/08/19 9:45 p.m.164 views

CVE-2019-15223

CVE-2019-15223 affects the Linux kernel up to version 5.1.7 where a NULL pointer dereference can be triggered by a malicious USB device in the sound/usb/line6/driver.c driver. This is a local physical attack vector through USB, potentially causing a kernel crash by dereferencing a NULL pointer. T...

4.9CVSS5.9AI score0.006EPSS
CVE
CVE
added 2020/07/20 6:54 p.m.93 views

CVE-2020-15852

CVE-2020-15852 affects Linux kernel 5.5–5.7.9 (and Xen via 4.13.x for x86 PV guests). The issue stems from mishandling of tss_invalidate_io_bitmap, causing desynchronization between TSS I/O bitmaps and Xen, which may let an attacker gain I/O port permissions of an unrelated task. Public advisorie...

7.8CVSS7.3AI score0.00325EPSS
CVE
CVE
added 2020/09/10 1:39 p.m.88 views

CVE-2020-25221

CVE-2020-25221 affects Linux kernel 5.7.x and 5.8.x before 5.8.7. The vulnerability arises in get_gate_page() implemented in mm/gup.c, due to incorrect reference counting of the backing struct page for the vsyscall page, causing a refcount underflow. It can be triggered by any 64-bit process that...

7.8CVSS7.5AI score0.00668EPSS