Solidfire Baseboard Management Controller Security Vulnerabilities and Issues — Solidfire Baseboard Management Controller CVE List

Lucene search

NetappSolidfire Baseboard Management Controller

9 matches found

CVE•added 2020/02/06 1:15 a.m.•454 views

CVE-2020-8648

There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.

7.1CVSS7AI score0.0003EPSS

CVE•added 2020/05/05 7:15 a.m.•431 views

CVE-2020-12659

An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.

7.2CVSS6.5AI score0.00143EPSS

CVE•added 2020/12/06 12:15 a.m.•346 views

CVE-2020-29573

sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00...

7.5CVSS7.6AI score0.001EPSS

CVE•added 2020/04/29 6:15 p.m.•335 views

CVE-2020-12464

usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.

7.2CVSS6.6AI score0.00089EPSS

CVE•added 2020/12/11 5:15 a.m.•321 views

CVE-2020-27786

A flaw was found in the Linux kernel’s implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change a...

7.8CVSS8.6AI score0.12248EPSS

CVE•added 2020/04/29 1:15 p.m.•245 views

CVE-2020-11884

In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.

7CVSS6.6AI score0.0011EPSS

CVE•added 2020/04/29 7:15 p.m.•162 views

CVE-2020-12465

An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.

7.2CVSS6.6AI score0.00169EPSS

CVE•added 2020/07/20 7:15 p.m.•72 views

CVE-2020-15852

An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps...

7.8CVSS7.3AI score0.0016EPSS

CVE•added 2020/09/10 2:15 p.m.•64 views

CVE-2020-25221

get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit p...

7.8CVSS7.5AI score0.00193EPSS