Solidfire Baseboard Management Controller Firmware Security Vulnerabilities and Issues — Solidfire Baseboard Management Controller Firmware CVE List

Lucene search

NetappSolidfire Baseboard Management Controller Firmware

12 matches found

CVE•added 2021/05/26 11:15 a.m.•512 views

CVE-2021-22543

An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and ca...

8.7CVSS7.6AI score0.00005EPSS

CVE•added 2021/05/10 10:15 p.m.•479 views

CVE-2021-32399

net/bluetooth/hci_request.c in the Linux kernel through 5.12.2 has a race condition for removal of the HCI controller.

7CVSS7AI score0.00077EPSS

CVE•added 2021/05/25 10:15 p.m.•314 views

CVE-2021-33574

The mq_notify function in the GNU C Library (aka glibc) versions 2.32 and 2.33 has a use-after-free. It may use the notification thread attributes object (passed through its struct sigevent parameter) after it has been freed by the caller, leading to a denial of service (application crash) or possi...

9.8CVSS8.7AI score0.00129EPSS

CVE•added 2021/05/25 8:15 p.m.•288 views

CVE-2020-25672

A memory leak vulnerability was found in Linux kernel in llcp_sock_connect

7.5CVSS7.3AI score0.01286EPSS

CVE•added 2021/05/26 11:15 a.m.•278 views

CVE-2020-25671

A vulnerability was found in Linux Kernel, where a refcount leak in llcp_sock_connect() causing use-after-free which might lead to privilege escalations.

7.8CVSS7.6AI score0.00131EPSS

CVE•added 2021/05/26 11:15 a.m.•259 views

CVE-2020-25670

A vulnerability was found in Linux Kernel where refcount leak in llcp_sock_bind() causing use-after-free which might lead to privilege escalations.

7.8CVSS7.7AI score0.00044EPSS

CVE•added 2021/05/21 3:15 p.m.•259 views

CVE-2021-31440

This vulnerability allows local attackers to escalate privileges on affected installations of Linux Kernel 5.11.15. An attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability. The specific flaw exists within the handling of e...

8.8CVSS7.4AI score0.01589EPSS

CVE•added 2021/05/26 11:15 a.m.•238 views

CVE-2020-25673

A vulnerability was found in Linux kernel where non-blocking socket in llcp_sock_connect() leads to leak and eventually hanging-up the system.

5.5CVSS6.1AI score0.00136EPSS

CVE•added 2021/05/26 12:15 p.m.•235 views

CVE-2020-25668

A flaw was found in Linux Kernel because access to the global variable fg_console is not properly synchronized leading to a use after free in con_font_op.

7CVSS7.4AI score0.00132EPSS

CVE•added 2021/05/06 3:15 p.m.•213 views

CVE-2020-35519

An out-of-bounds (OOB) memory access flaw was found in x25_bind in net/x25/af_x25.c in the Linux kernel version v5.12-rc5. A bounds check failure allows a local attacker with a user account on the system to gain access to out-of-bounds memory, leading to a system crash or a leak of internal kernel ...

7.8CVSS7.6AI score0.00125EPSS

CVE•added 2021/05/06 1:15 p.m.•176 views

CVE-2021-3501

A flaw was found in the Linux kernel in versions before 5.12. The value of internal.ndata, in the KVM API, is mapped to an array index, which can be updated by a user process at anytime which could lead to an out-of-bounds write. The highest threat from this vulnerability is to data integrity and s...

7.1CVSS6.3AI score0.00042EPSS

CVE•added 2021/05/14 11:15 p.m.•131 views

CVE-2019-25044

The block subsystem in the Linux kernel before 5.2 has a use-after-free that can lead to arbitrary code execution in the kernel context and privilege escalation, aka CID-c3e2219216c9. This is related to blk_mq_free_rqs and blk_cleanup_queue.

7.8CVSS7.6AI score0.00133EPSS