NetApp Solidfire Baseboard Management Controller
By the Year
In 2024 there have been 0 vulnerabilities in NetApp Solidfire Baseboard Management Controller . Solidfire Baseboard Management Controller did not have any published security vulnerabilities last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 0 | 0.00 |
| 2022 | 0 | 0.00 |
| 2021 | 5 | 7.64 |
| 2020 | 9 | 7.23 |
| 2019 | 18 | 5.06 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Solidfire Baseboard Management Controller vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent NetApp Solidfire Baseboard Management Controller Security Vulnerabilities
loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6
CVE-2021-41073
7.8 - High
- September 19, 2021
loop_rw_iter in fs/io_uring.c in the Linux kernel 5.10 through 5.14.6 allows local users to gain privileges by using IORING_OP_PROVIDE_BUFFERS to trigger a free of a kernel buffer, as demonstrated by using /proc/<pid>/maps for exploitation.
Release of Invalid Pointer or Reference
kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579
CVE-2021-33200
7.8 - High
- May 27, 2021
kernel/bpf/verifier.c in the Linux kernel through 5.12.7 enforces incorrect limits for pointer arithmetic operations, aka CID-bb01a1bba579. This can be abused to perform out-of-bounds reads and writes in kernel memory, leading to local privilege escalation to root. In particular, there is a corner case where the off reg causes a masking direction change, which then results in an incorrect final aux->alu_limit.
Memory Corruption
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed
CVE-2020-25669
7.8 - High
- May 26, 2021
A vulnerability was found in the Linux Kernel where the function sunkbd_reinit having been scheduled by sunkbd_interrupt before sunkbd being freed. Though the dangling pointer is set to NULL in sunkbd_disconnect, there is still an alias in sunkbd_reinit causing Use After Free.
Dangling pointer
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM
CVE-2021-22543
7.8 - High
- May 26, 2021
An issue was discovered in Linux: KVM through Improper handling of VM_IO|VM_PFNMAP vmas in KVM can bypass RO checks and can lead to pages being freed while still accessible by the VMM and guest. This allows users with the ability to start and control a VM to read/write random pages of memory and can result in local privilege escalation.
Buffer Overflow
A local privilege escalation was discovered in the Linux kernel before 5.10.13
CVE-2021-26708
7 - High
- February 05, 2021
A local privilege escalation was discovered in the Linux kernel before 5.10.13. Multiple race conditions in the AF_VSOCK implementation are caused by wrong locking in net/vmw_vsock/af_vsock.c. The race conditions were implicitly introduced in the commits that added VSOCK multi-transport support.
Improper Locking
A flaw was found in the Linux kernels implementation of MIDI
CVE-2020-27786
7.8 - High
- December 11, 2020
A flaw was found in the Linux kernels implementation of MIDI, where an attacker with a local account and the permissions to issue ioctl commands to midi devices could trigger a use-after-free issue. A write to this specific memory while freed and before use causes the flow of execution to change and possibly allow for memory corruption or privilege escalation. The highest threat from this vulnerability is to confidentiality, integrity, as well as system availability.
Dangling pointer
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-
CVE-2020-29573
7.5 - High
- December 06, 2020
sysdeps/i386/ldbl2mpn.c in the GNU C Library (aka glibc or libc6) before 2.23 on x86 targets has a stack-based buffer overflow if the input to any of the printf family of functions is an 80-bit long double with a non-canonical bit pattern, as seen when passing a \x00\x04\x00\x00\x00\x00\x00\x00\x00\x04 value to sprintf. NOTE: the issue does not affect glibc by default in 2016 or later (i.e., 2.23 or later) because of commits made in 2015 for inlining of C99 math functions through use of GCC built-ins. In other words, the reference to 2.23 is intentional despite the mention of "Fixed for glibc 2.33" in the 26649 reference.
Memory Corruption
get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page
CVE-2020-25221
7.8 - High
- September 10, 2020
get_gate_page in mm/gup.c in the Linux kernel 5.7.x and 5.8.x before 5.8.7 allows privilege escalation because of incorrect reference counting (caused by gate page mishandling) of the struct page that backs the vsyscall page. The result is a refcount underflow. This can be triggered by any 64-bit process that can use ptrace() or process_vm_readv(), aka CID-9fa2dd946743.
Operation on a Resource after Expiration or Release
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests
CVE-2020-15852
7.8 - High
- July 20, 2020
An issue was discovered in the Linux kernel 5.5 through 5.7.9, as used in Xen through 4.13.x for x86 PV guests. An attacker may be granted the I/O port permissions of an unrelated task. This occurs because tss_invalidate_io_bitmap mishandling causes a loss of synchronization between the I/O bitmaps of TSS and Xen, aka CID-cadfad870154.
Incorrect Default Permissions
An issue was discovered in the Linux kernel before 5.6.7
CVE-2020-12659
6.7 - Medium
- May 05, 2020
An issue was discovered in the Linux kernel before 5.6.7. xdp_umem_reg in net/xdp/xdp_umem.c has an out-of-bounds write (by a user with the CAP_NET_ADMIN capability) because of a lack of headroom validation.
Memory Corruption
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10
CVE-2020-12465
6.7 - Medium
- April 29, 2020
An array overflow was discovered in mt76_add_fragment in drivers/net/wireless/mediatek/mt76/dma.c in the Linux kernel before 5.5.10, aka CID-b102f0c522cf. An oversized packet with too many rx fragments can corrupt memory of adjacent pages.
Classic Buffer Overflow
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free
CVE-2020-12464
6.7 - Medium
- April 29, 2020
usb_sg_cancel in drivers/usb/core/message.c in the Linux kernel before 5.6.8 has a use-after-free because a transfer occurs without a reference, aka CID-056ad39ee925.
Dangling pointer
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c
CVE-2020-11884
7 - High
- April 29, 2020
In the Linux kernel 4.19 through 5.6.7 on the s390 platform, code execution may occur because of a race condition, as demonstrated by code in enable_sacf_uaccess in arch/s390/lib/uaccess.c that fails to protect against a concurrent page table upgrade, aka CID-3f777e19d171. A crash could also occur.
Race Condition
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
CVE-2020-8648
7.1 - High
- February 06, 2020
There is a use-after-free vulnerability in the Linux kernel through 5.5.2 in the n_tty_receive_buf_common function in drivers/tty/n_tty.c.
Dangling pointer
In the Linux kernel before 5.0.6
CVE-2019-20054
5.5 - Medium
- December 28, 2019
In the Linux kernel before 5.0.6, there is a NULL pointer dereference in drop_sysctl_table() in fs/proc/proc_sysctl.c, related to put_links, aka CID-23da9588037e.
NULL Pointer Dereference
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c
CVE-2019-19966
4.6 - Medium
- December 25, 2019
In the Linux kernel before 5.1.6, there is a use-after-free in cpia2_exit() in drivers/media/usb/cpia2/cpia2_v4l.c that will cause denial of service, aka CID-dea37a972655.
Dangling pointer
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/
CVE-2019-19947
4.6 - Medium
- December 24, 2019
In the Linux kernel through 5.4.6, there are information leaks of uninitialized memory to a USB device in the drivers/net/can/usb/kvaser_usb/kvaser_usb_leaf.c driver, aka CID-da2311a6385c.
Use of Uninitialized Resource
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g
CVE-2019-19922
5.5 - Medium
- December 22, 2019
kernel/sched/fair.c in the Linux kernel before 5.3.9, when cpu.cfs_quota_us is used (e.g., with Kubernetes), allows attackers to cause a denial of service against non-cpu-bound applications by generating a workload that triggers unwanted slice expiration, aka CID-de53fd7aedb1. (In other words, although this slice expiration would typically be seen with benign workloads, it is possible that an attacker could calculate how many stray requests are required to force an entire Kubernetes cluster into a low-performance state caused by slice expiration, and ensure that a DDoS attack sent that number of stray requests. An attack does not affect the stability of the kernel; it only causes mismanagement of application execution.)
Resource Exhaustion
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting
CVE-2019-19447
7.8 - High
- December 08, 2019
In the Linux kernel 5.0.21, mounting a crafted ext4 filesystem image, performing some operations, and unmounting can lead to a use-after-free in ext4_put_super in fs/ext4/super.c, related to dump_orphan_list in fs/ext4/super.c.
Dangling pointer
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting
CVE-2019-19377
7.8 - High
- November 29, 2019
In the Linux kernel 5.0.21, mounting a crafted btrfs filesystem image, performing some operations, and unmounting can lead to a use-after-free in btrfs_queue_work in fs/btrfs/async-thread.c.
Dangling pointer
An issue was discovered in the Linux kernel before 5.0.14
CVE-2019-15216
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.0.14. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/yurex.c driver.
NULL Pointer Dereference
An issue was discovered in the Linux kernel before 5.2.3
CVE-2019-15213
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.2.3. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/dvb-usb/dvb-usb-init.c driver.
Dangling pointer
An issue was discovered in the Linux kernel before 5.1.8
CVE-2019-15212
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.1.8. There is a double-free caused by a malicious USB device in the drivers/usb/misc/rio500.c driver.
Double-free
An issue was discovered in the Linux kernel before 5.2.6
CVE-2019-15215
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/usb/cpia2/cpia2_usb.c driver.
Dangling pointer
An issue was discovered in the Linux kernel before 5.2.6
CVE-2019-15211
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.2.6. There is a use-after-free caused by a malicious USB device in the drivers/media/v4l2-core/v4l2-dev.c driver because drivers/media/radio/radio-raremono.c does not properly allocate memory.
Dangling pointer
An issue was discovered in the Linux kernel before 5.2.3
CVE-2019-15217
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.2.3. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/zr364xx/zr364xx.c driver.
NULL Pointer Dereference
An issue was discovered in the Linux kernel before 5.1.8
CVE-2019-15218
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/media/usb/siano/smsusb.c driver.
NULL Pointer Dereference
An issue was discovered in the Linux kernel before 5.1.8
CVE-2019-15219
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the drivers/usb/misc/sisusbvga/sisusb.c driver.
NULL Pointer Dereference
An issue was discovered in the Linux kernel before 5.2.1
CVE-2019-15220
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.2.1. There is a use-after-free caused by a malicious USB device in the drivers/net/wireless/intersil/p54/p54usb.c driver.
Dangling pointer
An issue was discovered in the Linux kernel before 5.1.17
CVE-2019-15221
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.1.17. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/pcm.c driver.
NULL Pointer Dereference
An issue was discovered in the Linux kernel before 5.2.8
CVE-2019-15222
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.2.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/helper.c (motu_microbookii) driver.
NULL Pointer Dereference
An issue was discovered in the Linux kernel before 5.1.8
CVE-2019-15223
4.6 - Medium
- August 19, 2019
An issue was discovered in the Linux kernel before 5.1.8. There is a NULL pointer dereference caused by a malicious USB device in the sound/usb/line6/driver.c driver.
NULL Pointer Dereference
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Canonical Ubuntu Linux or by NetApp? Click the Watch button to subscribe.
