What are you looking for ?
Mobile Search Icon
Mobile Menu Icon
Advertise with us
RAIDON

NetApp Published 4 Security Advisories Concerning Linux Kernel Vulnerability

Affected products including HCI Baseboard Management Controller - H300S/H500S/H700S/H410S and HCI Baseboard Management Controller - H410C

This is a Press Release edited by StorageNewsletter.com on September 28, 2023 at 2:00 pm

NetApp Inc. had published 4 security advisories concerning Linux kernel vulnerability.

CVE-2022-4744 Linux kernel vulnerability in NetApp products    
This advisory should be considered the single source of current, up-to-date, authorized and accurate information from NetApp regarding full support products and versions.

Advisory ID: NTAP-20230526-0009
Version: 4.0
Last updated: 09/18/2023
Status: Final.
CVEs: CVE-2022-4744

Summary
Multiple NetApp products incorporate Linux kernel. Linux kernel versions prior to 5.16-rc7 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Affected products

  • NetApp HCI Baseboard Management Controller (BMC) – H300S/H500S/H700S/H410S

  • NetApp HCI Baseboard Management Controller (BMC) – H410C

Impact
Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Vulnerability scoring details

CVE

Score

Vector

CVE-2022-4744

7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation and public announcements
NetApp is aware of public discussion of this vulnerability.

Reference link

CVE-2023-1670 Linux kernel vulnerability in NetApp products     
This advisory should be considered the single source of current, up-to-date, authorized and accurate information from NetApp regarding Full Support products and versions.

Advisory ID:
NTAP-20230526-0010
Version: 4.0
Last updated: 09/18/2023
Status: Final. CVEs: CVE-2023-1670

Summary
Multiple NetApp products incorporate Linux kernel. Linux kernel versions prior to 6.3-rc4 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Affected products

  • NetApp HCI Baseboard Management Controller (BMC) – H300S/H500S/H700S/H410S

  • NetApp HCI Baseboard Management Controller (BMC) – H410C

Impact
Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Vulnerability scoring details

CVE

Score

Vector

CVE-2023-1670

7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation and public announcements
NetApp is aware of public discussion of this vulnerability.

Reference link

CVE-2023-31436 Linux kernel vulnerability in NetApp products    
This advisory should be considered the single source of current, up-to-date, authorized and accurate information from NetApp regarding Full Support products and versions.

Advisory ID: NTAP-20230609-0001
Version: 5.0
Last updated: 09/18/2023
Status: Final.
CVEs: CVE-2023-31436

Summary
Multiple NetApp products incorporate Linux kernel. Linux kernel versions prior to 6.2.13 are susceptible to a vulnerability which when successfully exploited could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Affected products

  • NetApp HCI Baseboard Management Controller (BMC) – H300S/H500S/H700S/H410S

  • NetApp HCI Baseboard Management Controller (BMC) – H410C

Impact
Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Vulnerability scoring details

CVE

Score

Vector

CVE-2023-31436

7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation and public announcements
NetApp is aware of public discussion of this vulnerability.

Reference link

CVE-2023-2124 Linux kernel vulnerability in NetApp products    
This advisory should be considered the single source of current, up-to-date, authorized and accurate information from NetApp regarding Full Support products and versions.

Advisory ID: NTAP-20230622-0010
Version: 4.0
Last updated: 09/18/2023
Status: Final.
CVEs: CVE-2023-2124

Summary

Multiple NetApp products incorporate Linux kernel. Linux kernel versions prior to 6.4-rc1 are susceptible to a vulnerability which when successfully exploited could lead to Denial of Service (DoS).

Affected products

  • NetApp HCI Baseboard Management Controller (BMC) – H300S/H500S/H700S/H410S

  • NetApp HCI Baseboard Management Controller (BMC) – H410C

Impact

Successful exploitation of this vulnerability could lead to disclosure of sensitive information, addition or modification of data, or Denial of Service (DoS).

Vulnerability scoring details

CVE

Score

Vector

CVE-2023-2124

7.8 (HIGH)

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Exploitation and public announcements
NetApp is aware of public discussion of this vulnerability.

Reference link

 

Articles_bottom
ExaGrid
AIC
Teledyne
ATTO
OPEN-E