Vulnerabilites related to netapp - a800_firmware
cve-2019-14814
Vulnerability from cvelistv5
Published
2019-09-20 18:27
Modified
2024-08-05 00:26
Summary
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
References
http://www.openwall.com/lists/oss-security/2019/08/28/1mailing-list, x_refsource_MLIST
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/vendor-advisory, x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/vendor-advisory, x_refsource_FEDORA
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814x_refsource_CONFIRM
https://www.openwall.com/lists/oss-security/2019/08/28/1x_refsource_MISC
https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3ax_refsource_MISC
https://access.redhat.com/security/cve/cve-2019-14814x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.htmlvendor-advisory, x_refsource_SUSE
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.htmlmailing-list, x_refsource_MLIST
https://usn.ubuntu.com/4157-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4162-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4157-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4163-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4163-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4162-2/vendor-advisory, x_refsource_UBUNTU
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.htmlx_refsource_MISC
https://security.netapp.com/advisory/ntap-20191031-0005/x_refsource_CONFIRM
https://seclists.org/bugtraq/2019/Nov/11mailing-list, x_refsource_BUGTRAQ
http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlx_refsource_MISC
https://access.redhat.com/errata/RHSA-2020:0174vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0328vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0339vendor-advisory, x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlmailing-list, x_refsource_MLIST
Impacted products
Vendor Product Version
Linux kernel Version: all versions up to, excluding 5.3
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T00:26:39.067Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[oss-security] 20190828 Linux kernel: three heap overflow in the marvell wifi driver",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2019/08/28/1",
               },
               {
                  name: "FEDORA-2019-4c91a2f76e",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/",
               },
               {
                  name: "FEDORA-2019-97380355ae",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2019/08/28/1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/cve-2019-14814",
               },
               {
                  name: "openSUSE-SU-2019:2173",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html",
               },
               {
                  name: "openSUSE-SU-2019:2181",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html",
               },
               {
                  name: "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html",
               },
               {
                  name: "USN-4157-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4157-1/",
               },
               {
                  name: "USN-4162-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4162-1/",
               },
               {
                  name: "USN-4157-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4157-2/",
               },
               {
                  name: "USN-4163-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4163-1/",
               },
               {
                  name: "USN-4163-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4163-2/",
               },
               {
                  name: "USN-4162-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4162-2/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
               },
               {
                  name: "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "https://seclists.org/bugtraq/2019/Nov/11",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
               },
               {
                  name: "RHSA-2020:0174",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0174",
               },
               {
                  name: "RHSA-2020:0328",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0328",
               },
               {
                  name: "RHSA-2020:0339",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0339",
               },
               {
                  name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "kernel",
               vendor: "Linux",
               versions: [
                  {
                     status: "affected",
                     version: "all versions up to, excluding 5.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-122",
                     description: "CWE-122",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-03-02T19:06:06",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "[oss-security] 20190828 Linux kernel: three heap overflow in the marvell wifi driver",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2019/08/28/1",
            },
            {
               name: "FEDORA-2019-4c91a2f76e",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/",
            },
            {
               name: "FEDORA-2019-97380355ae",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.openwall.com/lists/oss-security/2019/08/28/1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://access.redhat.com/security/cve/cve-2019-14814",
            },
            {
               name: "openSUSE-SU-2019:2173",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html",
            },
            {
               name: "openSUSE-SU-2019:2181",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html",
            },
            {
               name: "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html",
            },
            {
               name: "USN-4157-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4157-1/",
            },
            {
               name: "USN-4162-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4162-1/",
            },
            {
               name: "USN-4157-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4157-2/",
            },
            {
               name: "USN-4163-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4163-1/",
            },
            {
               name: "USN-4163-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4163-2/",
            },
            {
               name: "USN-4162-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4162-2/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
            },
            {
               name: "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "https://seclists.org/bugtraq/2019/Nov/11",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
            },
            {
               name: "RHSA-2020:0174",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0174",
            },
            {
               name: "RHSA-2020:0328",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0328",
            },
            {
               name: "RHSA-2020:0339",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0339",
            },
            {
               name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2019-14814",
      datePublished: "2019-09-20T18:27:42",
      dateReserved: "2019-08-10T00:00:00",
      dateUpdated: "2024-08-05T00:26:39.067Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-14816
Vulnerability from cvelistv5
Published
2019-09-20 18:25
Modified
2024-08-05 00:26
Summary
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
References
http://www.openwall.com/lists/oss-security/2019/08/28/1mailing-list, x_refsource_MLIST
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/vendor-advisory, x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/vendor-advisory, x_refsource_FEDORA
https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816x_refsource_CONFIRM
https://www.openwall.com/lists/oss-security/2019/08/28/1x_refsource_MISC
https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3x_refsource_MISC
https://access.redhat.com/security/cve/cve-2019-14816x_refsource_MISC
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.htmlvendor-advisory, x_refsource_SUSE
https://lists.debian.org/debian-lts-announce/2019/09/msg00025.htmlmailing-list, x_refsource_MLIST
https://usn.ubuntu.com/4157-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4162-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4157-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4163-1/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4163-2/vendor-advisory, x_refsource_UBUNTU
https://usn.ubuntu.com/4162-2/vendor-advisory, x_refsource_UBUNTU
http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.htmlx_refsource_MISC
https://security.netapp.com/advisory/ntap-20191031-0005/x_refsource_CONFIRM
https://seclists.org/bugtraq/2019/Nov/11mailing-list, x_refsource_BUGTRAQ
http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlx_refsource_MISC
https://access.redhat.com/errata/RHSA-2020:0174vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0204vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0328vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0339vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0374vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0375vendor-advisory, x_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlmailing-list, x_refsource_MLIST
https://access.redhat.com/errata/RHSA-2020:0653vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0661vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2020:0664vendor-advisory, x_refsource_REDHAT
Impacted products
Vendor Product Version
Linux kernel Version: all versions up to, excluding 5.3
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-05T00:26:39.113Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "[oss-security] 20190828 Linux kernel: three heap overflow in the marvell wifi driver",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2019/08/28/1",
               },
               {
                  name: "FEDORA-2019-4c91a2f76e",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/",
               },
               {
                  name: "FEDORA-2019-97380355ae",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2019/08/28/1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/security/cve/cve-2019-14816",
               },
               {
                  name: "openSUSE-SU-2019:2173",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html",
               },
               {
                  name: "openSUSE-SU-2019:2181",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html",
               },
               {
                  name: "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html",
               },
               {
                  name: "USN-4157-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4157-1/",
               },
               {
                  name: "USN-4162-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4162-1/",
               },
               {
                  name: "USN-4157-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4157-2/",
               },
               {
                  name: "USN-4163-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4163-1/",
               },
               {
                  name: "USN-4163-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4163-2/",
               },
               {
                  name: "USN-4162-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4162-2/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
               },
               {
                  name: "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "https://seclists.org/bugtraq/2019/Nov/11",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
               },
               {
                  name: "RHSA-2020:0174",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0174",
               },
               {
                  name: "RHSA-2020:0204",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0204",
               },
               {
                  name: "RHSA-2020:0328",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0328",
               },
               {
                  name: "RHSA-2020:0339",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0339",
               },
               {
                  name: "RHSA-2020:0374",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0374",
               },
               {
                  name: "RHSA-2020:0375",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0375",
               },
               {
                  name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
               },
               {
                  name: "RHSA-2020:0653",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0653",
               },
               {
                  name: "RHSA-2020:0661",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0661",
               },
               {
                  name: "RHSA-2020:0664",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2020:0664",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "kernel",
               vendor: "Linux",
               versions: [
                  {
                     status: "affected",
                     version: "all versions up to, excluding 5.3",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.",
            },
         ],
         metrics: [
            {
               cvssV3_0: {
                  attackComplexity: "LOW",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 5.5,
                  baseSeverity: "MEDIUM",
                  confidentialityImpact: "NONE",
                  integrityImpact: "NONE",
                  privilegesRequired: "LOW",
                  scope: "UNCHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  version: "3.0",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     cweId: "CWE-122",
                     description: "CWE-122",
                     lang: "en",
                     type: "CWE",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-03-03T18:06:10",
            orgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
            shortName: "redhat",
         },
         references: [
            {
               name: "[oss-security] 20190828 Linux kernel: three heap overflow in the marvell wifi driver",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2019/08/28/1",
            },
            {
               name: "FEDORA-2019-4c91a2f76e",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/",
            },
            {
               name: "FEDORA-2019-97380355ae",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.openwall.com/lists/oss-security/2019/08/28/1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://access.redhat.com/security/cve/cve-2019-14816",
            },
            {
               name: "openSUSE-SU-2019:2173",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html",
            },
            {
               name: "openSUSE-SU-2019:2181",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html",
            },
            {
               name: "[debian-lts-announce] 20190925 [SECURITY] [DLA 1930-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html",
            },
            {
               name: "USN-4157-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4157-1/",
            },
            {
               name: "USN-4162-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4162-1/",
            },
            {
               name: "USN-4157-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4157-2/",
            },
            {
               name: "USN-4163-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4163-1/",
            },
            {
               name: "USN-4163-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4163-2/",
            },
            {
               name: "USN-4162-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4162-2/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
            },
            {
               name: "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "https://seclists.org/bugtraq/2019/Nov/11",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
            },
            {
               name: "RHSA-2020:0174",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0174",
            },
            {
               name: "RHSA-2020:0204",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0204",
            },
            {
               name: "RHSA-2020:0328",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0328",
            },
            {
               name: "RHSA-2020:0339",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0339",
            },
            {
               name: "RHSA-2020:0374",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0374",
            },
            {
               name: "RHSA-2020:0375",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0375",
            },
            {
               name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
            },
            {
               name: "RHSA-2020:0653",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0653",
            },
            {
               name: "RHSA-2020:0661",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0661",
            },
            {
               name: "RHSA-2020:0664",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2020:0664",
            },
         ],
      },
   },
   cveMetadata: {
      assignerOrgId: "53f830b8-0a3f-465b-8143-3b8a9948e749",
      assignerShortName: "redhat",
      cveId: "CVE-2019-14816",
      datePublished: "2019-09-20T18:25:15",
      dateReserved: "2019-08-10T00:00:00",
      dateUpdated: "2024-08-05T00:26:39.113Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-1559
Vulnerability from cvelistv5
Published
2019-02-27 23:00
Modified
2024-09-17 04:20
Severity ?
Summary
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
References
http://www.securityfocus.com/bid/107174vdb-entry, x_refsource_BID
https://security.gentoo.org/glsa/201903-10vendor-advisory, x_refsource_GENTOO
https://usn.ubuntu.com/3899-1/vendor-advisory, x_refsource_UBUNTU
https://lists.debian.org/debian-lts-announce/2019/03/msg00003.htmlmailing-list, x_refsource_MLIST
https://www.debian.org/security/2019/dsa-4400vendor-advisory, x_refsource_DEBIAN
http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.htmlvendor-advisory, x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.htmlvendor-advisory, x_refsource_SUSE
https://access.redhat.com/errata/RHSA-2019:2304vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:2439vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:2437vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:2471vendor-advisory, x_refsource_REDHAT
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/vendor-advisory, x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/vendor-advisory, x_refsource_FEDORA
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/vendor-advisory, x_refsource_FEDORA
https://access.redhat.com/errata/RHSA-2019:3929vendor-advisory, x_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2019:3931vendor-advisory, x_refsource_REDHAT
https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlx_refsource_MISC
https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlx_refsource_MISC
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlx_refsource_MISC
https://www.oracle.com/security-alerts/cpujan2020.htmlx_refsource_MISC
https://usn.ubuntu.com/4376-2/vendor-advisory, x_refsource_UBUNTU
https://www.oracle.com/security-alerts/cpujan2021.htmlx_refsource_MISC
https://security.netapp.com/advisory/ntap-20190301-0001/x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20190301-0002/x_refsource_CONFIRM
https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8ex_refsource_CONFIRM
https://www.openssl.org/news/secadv/20190226.txtx_refsource_CONFIRM
https://support.f5.com/csp/article/K18549143x_refsource_CONFIRM
https://www.tenable.com/security/tns-2019-02x_refsource_CONFIRM
https://security.netapp.com/advisory/ntap-20190423-0002/x_refsource_CONFIRM
https://www.tenable.com/security/tns-2019-03x_refsource_CONFIRM
https://kc.mcafee.com/corporate/index?page=content&id=SB10282x_refsource_CONFIRM
https://support.f5.com/csp/article/K18549143?utm_source=f5support&amp%3Butm_medium=RSSx_refsource_CONFIRM
Impacted products
Vendor Product Version
OpenSSL OpenSSL Version: Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q)
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T18:20:27.982Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "107174",
                  tags: [
                     "vdb-entry",
                     "x_refsource_BID",
                     "x_transferred",
                  ],
                  url: "http://www.securityfocus.com/bid/107174",
               },
               {
                  name: "GLSA-201903-10",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_GENTOO",
                     "x_transferred",
                  ],
                  url: "https://security.gentoo.org/glsa/201903-10",
               },
               {
                  name: "USN-3899-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/3899-1/",
               },
               {
                  name: "[debian-lts-announce] 20190301 [SECURITY] [DLA 1701-1] openssl security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html",
               },
               {
                  name: "DSA-4400",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_DEBIAN",
                     "x_transferred",
                  ],
                  url: "https://www.debian.org/security/2019/dsa-4400",
               },
               {
                  name: "openSUSE-SU-2019:1076",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html",
               },
               {
                  name: "openSUSE-SU-2019:1105",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html",
               },
               {
                  name: "openSUSE-SU-2019:1173",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html",
               },
               {
                  name: "openSUSE-SU-2019:1175",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html",
               },
               {
                  name: "openSUSE-SU-2019:1432",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html",
               },
               {
                  name: "openSUSE-SU-2019:1637",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_SUSE",
                     "x_transferred",
                  ],
                  url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html",
               },
               {
                  name: "RHSA-2019:2304",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:2304",
               },
               {
                  name: "RHSA-2019:2439",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:2439",
               },
               {
                  name: "RHSA-2019:2437",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:2437",
               },
               {
                  name: "RHSA-2019:2471",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:2471",
               },
               {
                  name: "FEDORA-2019-db06efdea1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/",
               },
               {
                  name: "FEDORA-2019-00c25b9379",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/",
               },
               {
                  name: "FEDORA-2019-9a0a7c0986",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/",
               },
               {
                  name: "RHSA-2019:3929",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:3929",
               },
               {
                  name: "RHSA-2019:3931",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_REDHAT",
                     "x_transferred",
                  ],
                  url: "https://access.redhat.com/errata/RHSA-2019:3931",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2020.html",
               },
               {
                  name: "USN-4376-2",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4376-2/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.oracle.com/security-alerts/cpujan2021.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20190301-0001/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20190301-0002/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.openssl.org/news/secadv/20190226.txt",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.f5.com/csp/article/K18549143",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/tns-2019-02",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20190423-0002/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://www.tenable.com/security/tns-2019-03",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10282",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://support.f5.com/csp/article/K18549143?utm_source=f5support&amp%3Butm_medium=RSS",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "OpenSSL",
               vendor: "OpenSSL",
               versions: [
                  {
                     status: "affected",
                     version: "Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q)",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Juraj Somorovsky, Robert Merget and Nimrod Aviram, with additional investigation by Steven Collison and Andrew Hourselt",
            },
         ],
         datePublic: "2019-02-26T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable \"non-stitched\" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).",
            },
         ],
         metrics: [
            {
               other: {
                  content: {
                     lang: "eng",
                     url: "https://www.openssl.org/policies/secpolicy.html#Moderate",
                     value: "Moderate",
                  },
                  type: "unknown",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Padding Oracle",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-01-20T14:42:01",
            orgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
            shortName: "openssl",
         },
         references: [
            {
               name: "107174",
               tags: [
                  "vdb-entry",
                  "x_refsource_BID",
               ],
               url: "http://www.securityfocus.com/bid/107174",
            },
            {
               name: "GLSA-201903-10",
               tags: [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
               ],
               url: "https://security.gentoo.org/glsa/201903-10",
            },
            {
               name: "USN-3899-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/3899-1/",
            },
            {
               name: "[debian-lts-announce] 20190301 [SECURITY] [DLA 1701-1] openssl security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html",
            },
            {
               name: "DSA-4400",
               tags: [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
               ],
               url: "https://www.debian.org/security/2019/dsa-4400",
            },
            {
               name: "openSUSE-SU-2019:1076",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html",
            },
            {
               name: "openSUSE-SU-2019:1105",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html",
            },
            {
               name: "openSUSE-SU-2019:1173",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html",
            },
            {
               name: "openSUSE-SU-2019:1175",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html",
            },
            {
               name: "openSUSE-SU-2019:1432",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html",
            },
            {
               name: "openSUSE-SU-2019:1637",
               tags: [
                  "vendor-advisory",
                  "x_refsource_SUSE",
               ],
               url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html",
            },
            {
               name: "RHSA-2019:2304",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:2304",
            },
            {
               name: "RHSA-2019:2439",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:2439",
            },
            {
               name: "RHSA-2019:2437",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:2437",
            },
            {
               name: "RHSA-2019:2471",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:2471",
            },
            {
               name: "FEDORA-2019-db06efdea1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/",
            },
            {
               name: "FEDORA-2019-00c25b9379",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/",
            },
            {
               name: "FEDORA-2019-9a0a7c0986",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/",
            },
            {
               name: "RHSA-2019:3929",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:3929",
            },
            {
               name: "RHSA-2019:3931",
               tags: [
                  "vendor-advisory",
                  "x_refsource_REDHAT",
               ],
               url: "https://access.redhat.com/errata/RHSA-2019:3931",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2020.html",
            },
            {
               name: "USN-4376-2",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4376-2/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.oracle.com/security-alerts/cpujan2021.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20190301-0001/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20190301-0002/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.openssl.org/news/secadv/20190226.txt",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.f5.com/csp/article/K18549143",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.tenable.com/security/tns-2019-02",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20190423-0002/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://www.tenable.com/security/tns-2019-03",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10282",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://support.f5.com/csp/article/K18549143?utm_source=f5support&amp%3Butm_medium=RSS",
            },
         ],
         title: "0-byte record padding oracle",
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "openssl-security@openssl.org",
               DATE_PUBLIC: "2019-02-26",
               ID: "CVE-2019-1559",
               STATE: "PUBLIC",
               TITLE: "0-byte record padding oracle",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "OpenSSL",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q)",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "OpenSSL",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Juraj Somorovsky, Robert Merget and Nimrod Aviram, with additional investigation by Steven Collison and Andrew Hourselt",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable \"non-stitched\" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).",
                  },
               ],
            },
            impact: [
               {
                  lang: "eng",
                  url: "https://www.openssl.org/policies/secpolicy.html#Moderate",
                  value: "Moderate",
               },
            ],
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Padding Oracle",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "107174",
                     refsource: "BID",
                     url: "http://www.securityfocus.com/bid/107174",
                  },
                  {
                     name: "GLSA-201903-10",
                     refsource: "GENTOO",
                     url: "https://security.gentoo.org/glsa/201903-10",
                  },
                  {
                     name: "USN-3899-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/3899-1/",
                  },
                  {
                     name: "[debian-lts-announce] 20190301 [SECURITY] [DLA 1701-1] openssl security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html",
                  },
                  {
                     name: "DSA-4400",
                     refsource: "DEBIAN",
                     url: "https://www.debian.org/security/2019/dsa-4400",
                  },
                  {
                     name: "openSUSE-SU-2019:1076",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html",
                  },
                  {
                     name: "openSUSE-SU-2019:1105",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html",
                  },
                  {
                     name: "openSUSE-SU-2019:1173",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html",
                  },
                  {
                     name: "openSUSE-SU-2019:1175",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html",
                  },
                  {
                     name: "openSUSE-SU-2019:1432",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html",
                  },
                  {
                     name: "openSUSE-SU-2019:1637",
                     refsource: "SUSE",
                     url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html",
                  },
                  {
                     name: "RHSA-2019:2304",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:2304",
                  },
                  {
                     name: "RHSA-2019:2439",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:2439",
                  },
                  {
                     name: "RHSA-2019:2437",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:2437",
                  },
                  {
                     name: "RHSA-2019:2471",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:2471",
                  },
                  {
                     name: "FEDORA-2019-db06efdea1",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/",
                  },
                  {
                     name: "FEDORA-2019-00c25b9379",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/",
                  },
                  {
                     name: "FEDORA-2019-9a0a7c0986",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/",
                  },
                  {
                     name: "RHSA-2019:3929",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:3929",
                  },
                  {
                     name: "RHSA-2019:3931",
                     refsource: "REDHAT",
                     url: "https://access.redhat.com/errata/RHSA-2019:3931",
                  },
                  {
                     name: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
                  },
                  {
                     name: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
                  },
                  {
                     name: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2020.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2020.html",
                  },
                  {
                     name: "USN-4376-2",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4376-2/",
                  },
                  {
                     name: "https://www.oracle.com/security-alerts/cpujan2021.html",
                     refsource: "MISC",
                     url: "https://www.oracle.com/security-alerts/cpujan2021.html",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20190301-0001/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20190301-0001/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20190301-0002/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20190301-0002/",
                  },
                  {
                     name: "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e",
                     refsource: "CONFIRM",
                     url: "https://git.openssl.org/gitweb/?p=openssl.git;a=commitdiff;h=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e",
                  },
                  {
                     name: "https://www.openssl.org/news/secadv/20190226.txt",
                     refsource: "CONFIRM",
                     url: "https://www.openssl.org/news/secadv/20190226.txt",
                  },
                  {
                     name: "https://support.f5.com/csp/article/K18549143",
                     refsource: "CONFIRM",
                     url: "https://support.f5.com/csp/article/K18549143",
                  },
                  {
                     name: "https://www.tenable.com/security/tns-2019-02",
                     refsource: "CONFIRM",
                     url: "https://www.tenable.com/security/tns-2019-02",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20190423-0002/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20190423-0002/",
                  },
                  {
                     name: "https://www.tenable.com/security/tns-2019-03",
                     refsource: "CONFIRM",
                     url: "https://www.tenable.com/security/tns-2019-03",
                  },
                  {
                     name: "https://kc.mcafee.com/corporate/index?page=content&id=SB10282",
                     refsource: "CONFIRM",
                     url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10282",
                  },
                  {
                     name: "https://support.f5.com/csp/article/K18549143?utm_source=f5support&utm_medium=RSS",
                     refsource: "CONFIRM",
                     url: "https://support.f5.com/csp/article/K18549143?utm_source=f5support&utm_medium=RSS",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "3a12439a-ef3a-4c79-92e6-6081a721f1e5",
      assignerShortName: "openssl",
      cveId: "CVE-2019-1559",
      datePublished: "2019-02-27T23:00:00Z",
      dateReserved: "2018-11-28T00:00:00",
      dateUpdated: "2024-09-17T04:20:35.057Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2019-2215
Vulnerability from cvelistv5
Published
2019-10-11 18:16
Modified
2025-02-07 13:04
Summary
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
Impacted products
Vendor Product Version
n/a Android Version: Kernel
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T18:42:50.933Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://source.android.com/security/bulletin/2019-10-01",
               },
               {
                  name: "20191018 CVE 2019-2215 Android Binder Use After Free",
                  tags: [
                     "mailing-list",
                     "x_refsource_FULLDISC",
                     "x_transferred",
                  ],
                  url: "http://seclists.org/fulldisclosure/2019/Oct/38",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
               },
               {
                  name: "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
                  tags: [
                     "mailing-list",
                     "x_refsource_BUGTRAQ",
                     "x_transferred",
                  ],
                  url: "https://seclists.org/bugtraq/2019/Nov/11",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
               },
               {
                  name: "USN-4186-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4186-1/",
               },
               {
                  name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
               },
               {
                  name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
               },
            ],
            title: "CVE Program Container",
         },
         {
            metrics: [
               {
                  cvssV3_1: {
                     attackComplexity: "LOW",
                     attackVector: "LOCAL",
                     availabilityImpact: "HIGH",
                     baseScore: 7.8,
                     baseSeverity: "HIGH",
                     confidentialityImpact: "HIGH",
                     integrityImpact: "HIGH",
                     privilegesRequired: "LOW",
                     scope: "UNCHANGED",
                     userInteraction: "NONE",
                     vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                     version: "3.1",
                  },
               },
               {
                  other: {
                     content: {
                        id: "CVE-2019-2215",
                        options: [
                           {
                              Exploitation: "active",
                           },
                           {
                              Automatable: "no",
                           },
                           {
                              "Technical Impact": "total",
                           },
                        ],
                        role: "CISA Coordinator",
                        timestamp: "2025-02-07T13:04:20.328785Z",
                        version: "2.0.3",
                     },
                     type: "ssvc",
                  },
               },
               {
                  other: {
                     content: {
                        dateAdded: "2021-11-03",
                        reference: "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?search_api_fulltext=CVE-2019-2215",
                     },
                     type: "kev",
                  },
               },
            ],
            problemTypes: [
               {
                  descriptions: [
                     {
                        cweId: "CWE-416",
                        description: "CWE-416 Use After Free",
                        lang: "en",
                        type: "CWE",
                     },
                  ],
               },
            ],
            providerMetadata: {
               dateUpdated: "2025-02-07T13:04:23.933Z",
               orgId: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
               shortName: "CISA-ADP",
            },
            title: "CISA ADP Vulnrichment",
         },
      ],
      cna: {
         affected: [
            {
               product: "Android",
               vendor: "n/a",
               versions: [
                  {
                     status: "affected",
                     version: "Kernel",
                  },
               ],
            },
         ],
         descriptions: [
            {
               lang: "en",
               value: "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095",
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "Elevation of privilege",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2020-03-02T19:06:43.000Z",
            orgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
            shortName: "google_android",
         },
         references: [
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://source.android.com/security/bulletin/2019-10-01",
            },
            {
               name: "20191018 CVE 2019-2215 Android Binder Use After Free",
               tags: [
                  "mailing-list",
                  "x_refsource_FULLDISC",
               ],
               url: "http://seclists.org/fulldisclosure/2019/Oct/38",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
            },
            {
               name: "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
               tags: [
                  "mailing-list",
                  "x_refsource_BUGTRAQ",
               ],
               url: "https://seclists.org/bugtraq/2019/Nov/11",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
            },
            {
               name: "USN-4186-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4186-1/",
            },
            {
               name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
            },
            {
               name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
            },
         ],
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@android.com",
               ID: "CVE-2019-2215",
               STATE: "PUBLIC",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Android",
                                 version: {
                                    version_data: [
                                       {
                                          version_value: "Kernel",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "n/a",
                     },
                  ],
               },
            },
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095",
                  },
               ],
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "Elevation of privilege",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "https://source.android.com/security/bulletin/2019-10-01",
                     refsource: "CONFIRM",
                     url: "https://source.android.com/security/bulletin/2019-10-01",
                  },
                  {
                     name: "20191018 CVE 2019-2215 Android Binder Use After Free",
                     refsource: "FULLDISC",
                     url: "http://seclists.org/fulldisclosure/2019/Oct/38",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
                  },
                  {
                     name: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
                     refsource: "CONFIRM",
                     url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20191031-0005/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
                  },
                  {
                     name: "20191108 [slackware-security] Slackware 14.2 kernel (SSA:2019-311-01)",
                     refsource: "BUGTRAQ",
                     url: "https://seclists.org/bugtraq/2019/Nov/11",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
                  },
                  {
                     name: "USN-4186-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4186-1/",
                  },
                  {
                     name: "[debian-lts-announce] 20200118 [SECURITY] [DLA 2068-1] linux security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
                  },
                  {
                     name: "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
                     refsource: "MISC",
                     url: "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
                  },
                  {
                     name: "[debian-lts-announce] 20200302 [SECURITY] [DLA 2114-1] linux-4.9 security update",
                     refsource: "MLIST",
                     url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
                  },
               ],
            },
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "baff130e-b8d5-4e15-b3d3-c3cf5d5545c6",
      assignerShortName: "google_android",
      cveId: "CVE-2019-2215",
      datePublished: "2019-10-11T18:16:48.000Z",
      dateReserved: "2018-12-10T00:00:00.000Z",
      dateUpdated: "2025-02-07T13:04:23.933Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

cve-2020-8835
Vulnerability from cvelistv5
Published
2020-04-02 18:00
Modified
2024-09-17 02:15
Summary
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)
Impacted products
Vendor Product Version
Linux kernel Linux kernel Version: 5.6-stable   < 5.6.1
Version: 5.5-stable   < 5.5.14
Version: 5.4.7   < 5.4-stable*
Create a notification for this product.
Show details on NVD website


{
   containers: {
      adp: [
         {
            providerMetadata: {
               dateUpdated: "2024-08-04T10:12:10.621Z",
               orgId: "af854a3a-2127-422b-91ae-364da2661108",
               shortName: "CVE",
            },
            references: [
               {
                  name: "USN-4313-1",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_UBUNTU",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/4313-1/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://lore.kernel.org/bpf/20200330160324.15259-1-daniel%40iogearbox.net/T/",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://www.openwall.com/lists/oss-security/2020/03/30/3",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://usn.ubuntu.com/usn/usn-4313-1",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
               },
               {
                  tags: [
                     "x_refsource_MISC",
                     "x_transferred",
                  ],
                  url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
               },
               {
                  name: "FEDORA-2020-4ef0bcc89c",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7OONYGMSYBEFHLHZJK3GOI5Z553G4LD/",
               },
               {
                  name: "FEDORA-2020-666f3b1ac3",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXBWSHZ6DJIZVXKXGZPK6QPFCY7VKZEG/",
               },
               {
                  name: "FEDORA-2020-73c00eda1c",
                  tags: [
                     "vendor-advisory",
                     "x_refsource_FEDORA",
                     "x_transferred",
                  ],
                  url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF4PQZBEPNXDSK5DOBMW54OCLP25FTCD/",
               },
               {
                  tags: [
                     "x_refsource_CONFIRM",
                     "x_transferred",
                  ],
                  url: "https://security.netapp.com/advisory/ntap-20200430-0004/",
               },
               {
                  name: "[oss-security] 20210720 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer",
                  tags: [
                     "mailing-list",
                     "x_refsource_MLIST",
                     "x_transferred",
                  ],
                  url: "http://www.openwall.com/lists/oss-security/2021/07/20/1",
               },
            ],
            title: "CVE Program Container",
         },
      ],
      cna: {
         affected: [
            {
               product: "Linux kernel",
               vendor: "Linux kernel",
               versions: [
                  {
                     lessThan: "5.6.1",
                     status: "affected",
                     version: "5.6-stable",
                     versionType: "custom",
                  },
                  {
                     lessThan: "5.5.14",
                     status: "affected",
                     version: "5.5-stable",
                     versionType: "custom",
                  },
                  {
                     changes: [
                        {
                           at: "5.4.29",
                           status: "unaffected",
                        },
                     ],
                     lessThan: "5.4-stable*",
                     status: "affected",
                     version: "5.4.7",
                     versionType: "custom",
                  },
               ],
            },
         ],
         credits: [
            {
               lang: "en",
               value: "Manfred Paul",
            },
            {
               lang: "en",
               value: "Anatoly Trosinenko",
            },
         ],
         datePublic: "2020-03-30T00:00:00",
         descriptions: [
            {
               lang: "en",
               value: "In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)",
            },
         ],
         metrics: [
            {
               cvssV3_1: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
         ],
         problemTypes: [
            {
               descriptions: [
                  {
                     description: "n/a",
                     lang: "en",
                     type: "text",
                  },
               ],
            },
         ],
         providerMetadata: {
            dateUpdated: "2021-07-20T14:06:18",
            orgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc",
            shortName: "canonical",
         },
         references: [
            {
               name: "USN-4313-1",
               tags: [
                  "vendor-advisory",
                  "x_refsource_UBUNTU",
               ],
               url: "https://usn.ubuntu.com/4313-1/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://lore.kernel.org/bpf/20200330160324.15259-1-daniel%40iogearbox.net/T/",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://www.openwall.com/lists/oss-security/2020/03/30/3",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://usn.ubuntu.com/usn/usn-4313-1",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
            },
            {
               tags: [
                  "x_refsource_MISC",
               ],
               url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
            },
            {
               name: "FEDORA-2020-4ef0bcc89c",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7OONYGMSYBEFHLHZJK3GOI5Z553G4LD/",
            },
            {
               name: "FEDORA-2020-666f3b1ac3",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXBWSHZ6DJIZVXKXGZPK6QPFCY7VKZEG/",
            },
            {
               name: "FEDORA-2020-73c00eda1c",
               tags: [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
               ],
               url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF4PQZBEPNXDSK5DOBMW54OCLP25FTCD/",
            },
            {
               tags: [
                  "x_refsource_CONFIRM",
               ],
               url: "https://security.netapp.com/advisory/ntap-20200430-0004/",
            },
            {
               name: "[oss-security] 20210720 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer",
               tags: [
                  "mailing-list",
                  "x_refsource_MLIST",
               ],
               url: "http://www.openwall.com/lists/oss-security/2021/07/20/1",
            },
         ],
         solutions: [
            {
               lang: "en",
               value: "Revert commit 581738a681b6 (\"bpf: Provide better register bounds after jmp32 instructions\").",
            },
         ],
         source: {
            discovery: "EXTERNAL",
         },
         title: "Linux kernel bpf verifier vulnerability",
         workarounds: [
            {
               lang: "en",
               value: "Mitigation for this vulnerability is available by setting the kernel.unprivileged_bpf_disabled sysctl to 1:\n\n   $ sudo sysctl kernel.unprivileged_bpf_disabled=1\n   $ echo kernel.unprivileged_bpf_disabled=1 |  sudo tee /etc/sysctl.d/90-CVE-2020-8835.conf\n\nThis issue is also mitigated on systems that use secure boot with the kernel lockdown feature which blocks BPF program loading.",
            },
         ],
         x_generator: {
            engine: "Vulnogram 0.0.9",
         },
         x_legacyV4Record: {
            CVE_data_meta: {
               ASSIGNER: "security@ubuntu.com",
               DATE_PUBLIC: "2020-03-30T16:00:00.000Z",
               ID: "CVE-2020-8835",
               STATE: "PUBLIC",
               TITLE: "Linux kernel bpf verifier vulnerability",
            },
            affects: {
               vendor: {
                  vendor_data: [
                     {
                        product: {
                           product_data: [
                              {
                                 product_name: "Linux kernel",
                                 version: {
                                    version_data: [
                                       {
                                          version_affected: "<",
                                          version_name: "5.6-stable",
                                          version_value: "5.6.1",
                                       },
                                       {
                                          version_affected: "<",
                                          version_name: "5.5-stable",
                                          version_value: "5.5.14",
                                       },
                                       {
                                          version_affected: ">=",
                                          version_name: "5.4-stable",
                                          version_value: "5.4.7",
                                       },
                                       {
                                          version_affected: "<",
                                          version_name: "5.4-stable",
                                          version_value: "5.4.29",
                                       },
                                    ],
                                 },
                              },
                           ],
                        },
                        vendor_name: "Linux kernel",
                     },
                  ],
               },
            },
            credit: [
               {
                  lang: "eng",
                  value: "Manfred Paul",
               },
               {
                  lang: "eng",
                  value: "Anatoly Trosinenko",
               },
            ],
            data_format: "MITRE",
            data_type: "CVE",
            data_version: "4.0",
            description: {
               description_data: [
                  {
                     lang: "eng",
                     value: "In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)",
                  },
               ],
            },
            generator: {
               engine: "Vulnogram 0.0.9",
            },
            impact: {
               cvss: {
                  attackComplexity: "HIGH",
                  attackVector: "LOCAL",
                  availabilityImpact: "HIGH",
                  baseScore: 7.8,
                  baseSeverity: "HIGH",
                  confidentialityImpact: "HIGH",
                  integrityImpact: "HIGH",
                  privilegesRequired: "LOW",
                  scope: "CHANGED",
                  userInteraction: "NONE",
                  vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
                  version: "3.1",
               },
            },
            problemtype: {
               problemtype_data: [
                  {
                     description: [
                        {
                           lang: "eng",
                           value: "n/a",
                        },
                     ],
                  },
               ],
            },
            references: {
               reference_data: [
                  {
                     name: "USN-4313-1",
                     refsource: "UBUNTU",
                     url: "https://usn.ubuntu.com/4313-1/",
                  },
                  {
                     name: "https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results",
                     refsource: "MISC",
                     url: "https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results",
                  },
                  {
                     name: "https://lore.kernel.org/bpf/20200330160324.15259-1-daniel@iogearbox.net/T/",
                     refsource: "MISC",
                     url: "https://lore.kernel.org/bpf/20200330160324.15259-1-daniel@iogearbox.net/T/",
                  },
                  {
                     name: "https://www.openwall.com/lists/oss-security/2020/03/30/3",
                     refsource: "MISC",
                     url: "https://www.openwall.com/lists/oss-security/2020/03/30/3",
                  },
                  {
                     name: "https://usn.ubuntu.com/usn/usn-4313-1",
                     refsource: "MISC",
                     url: "https://usn.ubuntu.com/usn/usn-4313-1",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
                  },
                  {
                     name: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
                     refsource: "MISC",
                     url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
                  },
                  {
                     name: "FEDORA-2020-4ef0bcc89c",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/F7OONYGMSYBEFHLHZJK3GOI5Z553G4LD/",
                  },
                  {
                     name: "FEDORA-2020-666f3b1ac3",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/YXBWSHZ6DJIZVXKXGZPK6QPFCY7VKZEG/",
                  },
                  {
                     name: "FEDORA-2020-73c00eda1c",
                     refsource: "FEDORA",
                     url: "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/TF4PQZBEPNXDSK5DOBMW54OCLP25FTCD/",
                  },
                  {
                     name: "https://security.netapp.com/advisory/ntap-20200430-0004/",
                     refsource: "CONFIRM",
                     url: "https://security.netapp.com/advisory/ntap-20200430-0004/",
                  },
                  {
                     name: "[oss-security] 20210720 CVE-2021-33909: size_t-to-int vulnerability in Linux's filesystem layer",
                     refsource: "MLIST",
                     url: "http://www.openwall.com/lists/oss-security/2021/07/20/1",
                  },
               ],
            },
            solution: [
               {
                  lang: "en",
                  value: "Revert commit 581738a681b6 (\"bpf: Provide better register bounds after jmp32 instructions\").",
               },
            ],
            source: {
               discovery: "EXTERNAL",
            },
            work_around: [
               {
                  lang: "en",
                  value: "Mitigation for this vulnerability is available by setting the kernel.unprivileged_bpf_disabled sysctl to 1:\n\n   $ sudo sysctl kernel.unprivileged_bpf_disabled=1\n   $ echo kernel.unprivileged_bpf_disabled=1 |  sudo tee /etc/sysctl.d/90-CVE-2020-8835.conf\n\nThis issue is also mitigated on systems that use secure boot with the kernel lockdown feature which blocks BPF program loading.",
               },
            ],
         },
      },
   },
   cveMetadata: {
      assignerOrgId: "cc1ad9ee-3454-478d-9317-d3e869d708bc",
      assignerShortName: "canonical",
      cveId: "CVE-2020-8835",
      datePublished: "2020-04-02T18:00:23.885957Z",
      dateReserved: "2020-02-10T00:00:00",
      dateUpdated: "2024-09-17T02:15:48.820Z",
      state: "PUBLISHED",
   },
   dataType: "CVE_RECORD",
   dataVersion: "5.1",
}

Vulnerability from fkie_nvd
Published
2020-04-02 18:15
Modified
2024-11-21 05:39
Summary
In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)
References
security@ubuntu.comhttp://www.openwall.com/lists/oss-security/2021/07/20/1Exploit, Mailing List, Third Party Advisory
security@ubuntu.comhttps://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fefPatch, Vendor Advisory
security@ubuntu.comhttps://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fefPatch, Vendor Advisory
security@ubuntu.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7OONYGMSYBEFHLHZJK3GOI5Z553G4LD/
security@ubuntu.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF4PQZBEPNXDSK5DOBMW54OCLP25FTCD/
security@ubuntu.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXBWSHZ6DJIZVXKXGZPK6QPFCY7VKZEG/
security@ubuntu.comhttps://lore.kernel.org/bpf/20200330160324.15259-1-daniel%40iogearbox.net/T/
security@ubuntu.comhttps://security.netapp.com/advisory/ntap-20200430-0004/Third Party Advisory
security@ubuntu.comhttps://usn.ubuntu.com/4313-1/Third Party Advisory
security@ubuntu.comhttps://usn.ubuntu.com/usn/usn-4313-1Third Party Advisory
security@ubuntu.comhttps://www.openwall.com/lists/oss-security/2020/03/30/3Mailing List, Patch, Third Party Advisory
security@ubuntu.comhttps://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-resultsThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2021/07/20/1Exploit, Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fefPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fefPatch, Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7OONYGMSYBEFHLHZJK3GOI5Z553G4LD/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF4PQZBEPNXDSK5DOBMW54OCLP25FTCD/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXBWSHZ6DJIZVXKXGZPK6QPFCY7VKZEG/
af854a3a-2127-422b-91ae-364da2661108https://lore.kernel.org/bpf/20200330160324.15259-1-daniel%40iogearbox.net/T/
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20200430-0004/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4313-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/usn/usn-4313-1Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openwall.com/lists/oss-security/2020/03/30/3Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-resultsThird Party Advisory



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F715B99-43A7-4487-95F0-61A0C0D395D9",
                     versionEndExcluding: "5.4.29",
                     versionStartIncluding: "5.4.7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C1952E71-2355-44B6-99A9-8A7754C73458",
                     versionEndExcluding: "5.5.14",
                     versionStartIncluding: "5.5.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "67F018B4-5EAD-485E-AE88-63C5BF663268",
                     versionEndExcluding: "5.6.1",
                     versionStartIncluding: "5.6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                     matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                     matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*",
                     matchCriteriaId: "36D96259-24BD-44E2-96D9-78CE1D41F956",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "A31C8344-3E02-4EB8-8BD8-4C84B7959624",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDD92BFA-9117-4E6E-A13F-ED064B4B7284",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B7DA42F-5D64-4967-A2D4-6210FE507841",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:8300_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E73901F-666D-4D8B-BDFD-93DD2F70C74B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:8300:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0FD5AED-42CF-4918-B32C-D675738EF15C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:8700_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "34B25BEF-8708-4E2C-8BA6-EBCD5267EB04",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:8700:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE0F11D2-B5D9-46B4-BFC5-C86BC87D516A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a400_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "04E3BD77-8915-4FFC-8483-5DB5D610F829",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a400:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "97E94ECB-BB51-4364-BEDD-8648C193196F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a320_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6ADE5E80-06D3-4A1B-A655-FBB6CCA03939",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a320:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8FD5E05-3C58-465F-9D4F-ECC2CD78DCFF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "75A43965-CB2E-4C28-AFC3-1ADE7A6B845C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D421A96-E6E9-4B27-ADE0-D8E87A82EEDE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F2D2745-242C-4603-899E-70C9025BDDD2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFB4541D-5EF7-4266-BFF3-2DDEC95E8012",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7FD1DA9-7980-4643-B378-7095892DA176",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "347E9E3E-941C-4109-B59F-B9BB05486B34",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD661062-0D5B-4671-9D92-FEF8D7395C1E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8155BF5F-DD1B-4AB4-81F8-9BCE6A8821AE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B36CECA5-4545-49C2-92EB-B739407B207F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E7549A-DE35-4274-B3F6-22D51C7A6613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h610c_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "89612649-BACF-4FAC-9BA4-324724FD93A6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h610c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F3D9B255-C1AF-42D1-BF9B-13642FBDC080",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h615c_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5921A877-18BF-43FE-915C-D226E140ACFC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h615c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7296A1F2-D315-4FD5-8A73-65C480C855BE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "In the Linux kernel 5.5.0 and newer, the bpf verifier (kernel/bpf/verifier.c) did not properly restrict the register bounds for 32-bit operations, leading to out-of-bounds reads and writes in kernel memory. The vulnerability also affects the Linux 5.4 stable series, starting with v5.4.7, as the introducing commit was backported to that branch. This vulnerability was fixed in 5.6.1, 5.5.14, and 5.4.29. (issue is aka ZDI-CAN-10780)",
      },
      {
         lang: "es",
         value: "En el kernel de Linux versiones 5.5.0 y más recientes, el verificador bpf (kernel/bpf/verifier.c) no restringió apropiadamente los límites de registro para operaciones de 32 bits, conllevando a lecturas y escrituras fuera de límites en la memoria del kernel. La vulnerabilidad también afecta a la serie estable de Linux versión 5.4, comenzando con la versión v5.4.7, ya que el commit de introducción fue respaldado en esa derivación. Esta vulnerabilidad fue corregida en las versiones 5.6.1, 5.5.14 y 5.4.29. (el problema también se conoce como ZDI-CAN-10780)",
      },
   ],
   id: "CVE-2020-8835",
   lastModified: "2024-11-21T05:39:32.163",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "CHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.1,
            impactScore: 6,
            source: "security@ubuntu.com",
            type: "Secondary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2020-04-02T18:15:18.943",
   references: [
      {
         source: "security@ubuntu.com",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/07/20/1",
      },
      {
         source: "security@ubuntu.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
      },
      {
         source: "security@ubuntu.com",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
      },
      {
         source: "security@ubuntu.com",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7OONYGMSYBEFHLHZJK3GOI5Z553G4LD/",
      },
      {
         source: "security@ubuntu.com",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF4PQZBEPNXDSK5DOBMW54OCLP25FTCD/",
      },
      {
         source: "security@ubuntu.com",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXBWSHZ6DJIZVXKXGZPK6QPFCY7VKZEG/",
      },
      {
         source: "security@ubuntu.com",
         url: "https://lore.kernel.org/bpf/20200330160324.15259-1-daniel%40iogearbox.net/T/",
      },
      {
         source: "security@ubuntu.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200430-0004/",
      },
      {
         source: "security@ubuntu.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4313-1/",
      },
      {
         source: "security@ubuntu.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/usn/usn-4313-1",
      },
      {
         source: "security@ubuntu.com",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2020/03/30/3",
      },
      {
         source: "security@ubuntu.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2021/07/20/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/netdev/net-next.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Vendor Advisory",
         ],
         url: "https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=f2d67fec0b43edce8c416101cdc52e71145b5fef",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/F7OONYGMSYBEFHLHZJK3GOI5Z553G4LD/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/TF4PQZBEPNXDSK5DOBMW54OCLP25FTCD/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/YXBWSHZ6DJIZVXKXGZPK6QPFCY7VKZEG/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lore.kernel.org/bpf/20200330160324.15259-1-daniel%40iogearbox.net/T/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20200430-0004/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4313-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/usn/usn-4313-1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2020/03/30/3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.thezdi.com/blog/2020/3/19/pwn2own-2020-day-one-results",
      },
   ],
   sourceIdentifier: "security@ubuntu.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-125",
            },
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-09-20 19:15
Modified
2024-11-21 04:27
Summary
There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.htmlThird Party Advisory, VDB Entry
secalert@redhat.comhttp://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory, VDB Entry
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2019/08/28/1Exploit, Mailing List, Patch, Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0174Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0204Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0328Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0339Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0374Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0375Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0653Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0661Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0664Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/security/cve/cve-2019-14816Third Party Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816Exploit, Issue Tracking, Patch, Third Party Advisory
secalert@redhat.comhttps://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3Patch, Third Party Advisory
secalert@redhat.comhttps://lists.debian.org/debian-lts-announce/2019/09/msg00025.htmlMailing List, Third Party Advisory
secalert@redhat.comhttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
secalert@redhat.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/Issue Tracking, Third Party Advisory
secalert@redhat.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/Issue Tracking, Third Party Advisory
secalert@redhat.comhttps://seclists.org/bugtraq/2019/Nov/11Mailing List, Patch, Third Party Advisory
secalert@redhat.comhttps://security.netapp.com/advisory/ntap-20191031-0005/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4157-1/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4157-2/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4162-1/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4162-2/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4163-1/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4163-2/Third Party Advisory
secalert@redhat.comhttps://www.openwall.com/lists/oss-security/2019/08/28/1Exploit, Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/08/28/1Exploit, Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0174Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0204Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0328Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0339Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0374Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0375Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0653Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0661Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0664Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/security/cve/cve-2019-14816Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2019/09/msg00025.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://seclists.org/bugtraq/2019/Nov/11Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20191031-0005/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4157-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4157-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4162-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4162-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4163-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4163-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openwall.com/lists/oss-security/2019/08/28/1Exploit, Mailing List, Patch, Third Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
redhat virtualization 4.0
redhat enterprise_linux 5.0
redhat enterprise_linux 6.0
redhat enterprise_linux 6.4
redhat enterprise_linux 7.0
redhat enterprise_linux 7.6
redhat enterprise_linux 8.0
redhat enterprise_linux_compute_node_eus 7.6
redhat enterprise_linux_eus 7.6
redhat enterprise_linux_eus 7.7
redhat enterprise_linux_eus 8.1
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_eus 8.4
redhat enterprise_linux_for_power_big_endian_eus 7.6_ppc64
redhat enterprise_linux_for_real_time 7
redhat enterprise_linux_for_real_time 8
redhat enterprise_linux_for_real_time_for_nfv 7
redhat enterprise_linux_for_real_time_for_nfv 8
redhat enterprise_linux_for_real_time_for_nfv_tus 8.2
redhat enterprise_linux_for_real_time_for_nfv_tus 8.4
redhat enterprise_linux_for_real_time_tus 8.2
redhat enterprise_linux_for_real_time_tus 8.4
redhat enterprise_linux_server 7.6
redhat enterprise_linux_server 8.0
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_server_aus 7.3
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_aus 8.2
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_tus 8.2
redhat enterprise_linux_server_tus 8.4
redhat enterprise_linux_tus 7.7
redhat messaging_realtime_grid 2.0
redhat virtualization 4.2
debian debian_linux 8.0
fedoraproject fedora 29
fedoraproject fedora 30
netapp data_availability_services -
netapp hci_management_node -
netapp service_processor -
netapp solidfire -
netapp steelstore_cloud_integrated_storage -
netapp a700s_firmware -
netapp a700s -
netapp a320_firmware -
netapp a320 -
netapp c190_firmware -
netapp c190 -
netapp a220_firmware -
netapp a220 -
netapp fas2720_firmware -
netapp fas2720 -
netapp fas2750_firmware -
netapp fas2750 -
netapp a800_firmware -
netapp a800 -
netapp h300s_firmware -
netapp h300s -
netapp h500s_firmware -
netapp h500s -
netapp h700s_firmware -
netapp h700s -
netapp h300e_firmware -
netapp h300e -
netapp h500e_firmware -
netapp h500e -
netapp h700e_firmware -
netapp h700e -
netapp h410s_firmware -
netapp h410s -
netapp h410s_firmware -
netapp h410s -
netapp h610s_firmware -
netapp h610s -
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.04
opensuse leap 15.0
opensuse leap 15.1



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7BA67015-27B2-47EB-8FA5-9FFA653E9507",
                     versionEndExcluding: "3.16.74",
                     versionStartIncluding: "3.6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B648ED92-5D5C-467D-A1C6-32BF93F95212",
                     versionEndExcluding: "4.4.194",
                     versionStartIncluding: "3.17",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD000AE1-F20D-4412-AC5D-992F709C1CFA",
                     versionEndExcluding: "4.9.194",
                     versionStartIncluding: "4.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C65CE90-5501-47F6-8BFC-3830DB93E589",
                     versionEndExcluding: "4.14.146",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AA60C22-26FE-4EF4-A601-BA1D3D34BF19",
                     versionEndExcluding: "4.19.75",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD5B11F2-8CE8-4114-BF86-ECA38F11FD5D",
                     versionEndExcluding: "5.2.17",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:6.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "905EC4D0-7604-476A-8176-9FFCEB1DC6B1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F6FA12B-504C-4DBF-A32E-0548557AA2ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_compute_node_eus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "35A9FD70-E9CA-43AF-A453-E41EAB430E7F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BF3C7A5-9117-42C7-BEA1-4AA378A582EF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "83737173-E12E-4641-BC49-0BD84A6B29D0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "92BC9265-6959-4D37-BE5E-8C45E98992F8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "831F0F47-3565-4763-B16F-C87B1FF2035E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E3F09B5-569F-4C58-9FCA-3C0953D107B5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian_eus:7.6_ppc64:*:*:*:*:*:*:*",
                     matchCriteriaId: "39C1ABF5-4070-4AA7-BAB8-4F63E1BD91FF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time:7:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2B15608-BABC-4663-A58F-B74BD2D1A734",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBF9BCF3-187F-410A-96CA-9C47D3ED6924",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:7:*:*:*:*:*:*:*",
                     matchCriteriaId: "36E85B24-30F2-42AB-9F68-8668C0FCC5E3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5CB3640-F55B-4127-875A-2F52D873D179",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "77C61DDC-81F3-4E2D-9CAA-17A256C85443",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6B0DA79-DF12-4418-B075-F048C9E2979A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B92409A9-0D6B-4B7E-8847-1B63837D201F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5C5860E-9FEB-4259-92FD-A85911E2F99E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "5E92F9B3-3841-4C05-88F0-CEB0735EA4BB",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B0FEFCDD-A212-4525-B449-2C4A00A0D2E9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "98381E61-F082-4302-B51F-5648884F998B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B353CE99-D57C-465B-AAB0-73EF581127D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E28F226A-CBC7-4A32-BE58-398FA5B42481",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                     matchCriteriaId: "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC10D919-57FD-4725-B8D2-39ECB476902F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_tus:7.7:*:*:*:*:*:*:*",
                     matchCriteriaId: "FC88059E-CCFD-4AFD-9982-41DF225FB840",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:messaging_realtime_grid:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F0ED77E-6D8E-48DF-9D2E-4E821399F893",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:virtualization:4.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "D53E13F7-469E-486C-8E86-69AA21091D23",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
                     matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                     matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "146A767F-DC04-454B-9913-17D3A2B5AAA4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDD92BFA-9117-4E6E-A13F-ED064B4B7284",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B7DA42F-5D64-4967-A2D4-6210FE507841",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a320_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6ADE5E80-06D3-4A1B-A655-FBB6CCA03939",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a320:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8FD5E05-3C58-465F-9D4F-ECC2CD78DCFF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "75A43965-CB2E-4C28-AFC3-1ADE7A6B845C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D421A96-E6E9-4B27-ADE0-D8E87A82EEDE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F2D2745-242C-4603-899E-70C9025BDDD2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFB4541D-5EF7-4266-BFF3-2DDEC95E8012",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7FD1DA9-7980-4643-B378-7095892DA176",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "347E9E3E-941C-4109-B59F-B9BB05486B34",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD661062-0D5B-4671-9D92-FEF8D7395C1E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8155BF5F-DD1B-4AB4-81F8-9BCE6A8821AE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B36CECA5-4545-49C2-92EB-B739407B207F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E7549A-DE35-4274-B3F6-22D51C7A6613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "There is heap-based buffer overflow in kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.",
      },
      {
         lang: "es",
         value: "Se presenta un desbordamiento del búfer en la región heap de la memoria en el kernel, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloqueo del sistema) o posiblemente ejecutar código arbitrario.",
      },
   ],
   id: "CVE-2019-14816",
   lastModified: "2024-11-21T04:27:25.253",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "secalert@redhat.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-09-20T19:15:11.767",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2019/08/28/1",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0174",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0204",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0328",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0339",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0374",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0375",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0653",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0661",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0664",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/security/cve/cve-2019-14816",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2019/Nov/11",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4157-1/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4157-2/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4162-1/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4162-2/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4163-1/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4163-2/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2019/08/28/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2019/08/28/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0174",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0204",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0328",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0339",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0374",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0375",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0653",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0661",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0664",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/security/cve/cve-2019-14816",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14816",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Issue Tracking",
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2019/Nov/11",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4157-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4157-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4162-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4162-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4163-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4163-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2019/08/28/1",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-122",
            },
         ],
         source: "secalert@redhat.com",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Secondary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-09-20 19:15
Modified
2024-11-21 04:27
Summary
There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.
References
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.htmlMailing List, Third Party Advisory
secalert@redhat.comhttp://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.htmlThird Party Advisory, VDB Entry
secalert@redhat.comhttp://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory, VDB Entry
secalert@redhat.comhttp://www.openwall.com/lists/oss-security/2019/08/28/1Exploit, Mailing List, Patch, Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0174Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0328Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2020:0339Third Party Advisory
secalert@redhat.comhttps://access.redhat.com/security/cve/cve-2019-14814Third Party Advisory
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814Exploit, Issue Tracking, Patch, Third Party Advisory
secalert@redhat.comhttps://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3aPatch, Third Party Advisory
secalert@redhat.comhttps://lists.debian.org/debian-lts-announce/2019/09/msg00025.htmlMailing List, Third Party Advisory
secalert@redhat.comhttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
secalert@redhat.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/Third Party Advisory
secalert@redhat.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/Third Party Advisory
secalert@redhat.comhttps://seclists.org/bugtraq/2019/Nov/11Mailing List, Patch, Third Party Advisory
secalert@redhat.comhttps://security.netapp.com/advisory/ntap-20191031-0005/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4157-1/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4157-2/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4162-1/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4162-2/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4163-1/Third Party Advisory
secalert@redhat.comhttps://usn.ubuntu.com/4163-2/Third Party Advisory
secalert@redhat.comhttps://www.openwall.com/lists/oss-security/2019/08/28/1Exploit, Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlThird Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.openwall.com/lists/oss-security/2019/08/28/1Exploit, Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0174Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0328Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2020:0339Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/security/cve/cve-2019-14814Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814Exploit, Issue Tracking, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3aPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2019/09/msg00025.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://seclists.org/bugtraq/2019/Nov/11Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20191031-0005/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4157-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4157-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4162-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4162-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4163-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4163-2/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openwall.com/lists/oss-security/2019/08/28/1Exploit, Mailing List, Patch, Third Party Advisory
Impacted products
Vendor Product Version
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
linux linux_kernel *
redhat enterprise_linux 5.0
redhat enterprise_linux 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux 8.0
redhat enterprise_linux_eus 8.1
redhat enterprise_linux_eus 8.2
redhat enterprise_linux_eus 8.4
redhat enterprise_linux_for_real_time 8
redhat enterprise_linux_for_real_time_for_nfv 8
redhat enterprise_linux_for_real_time_for_nfv_tus 8.2
redhat enterprise_linux_for_real_time_for_nfv_tus 8.4
redhat enterprise_linux_for_real_time_tus 8.2
redhat enterprise_linux_for_real_time_tus 8.4
redhat enterprise_linux_server_aus 8.2
redhat enterprise_linux_server_aus 8.4
redhat enterprise_linux_server_tus 8.2
redhat enterprise_linux_server_tus 8.4
redhat messaging_realtime_grid 2.0
debian debian_linux 8.0
canonical ubuntu_linux 14.04
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 19.04
opensuse leap 15.0
opensuse leap 15.1
netapp data_availability_services -
netapp hci_management_node -
netapp service_processor -
netapp solidfire -
netapp steelstore_cloud_integrated_storage -
netapp a700s_firmware -
netapp a700s -
netapp a320_firmware -
netapp a320 -
netapp c190_firmware -
netapp c190 -
netapp a220_firmware -
netapp a220 -
netapp fas2720_firmware -
netapp fas2720 -
netapp fas2750_firmware -
netapp fas2750 -
netapp a800_firmware -
netapp a800 -
netapp h300s_firmware -
netapp h300s -
netapp h500s_firmware -
netapp h500s -
netapp h700s_firmware -
netapp h700s -
netapp h300e_firmware -
netapp h300e -
netapp h500e_firmware -
netapp h500e -
netapp h700e_firmware -
netapp h700e -
netapp h410s_firmware -
netapp h410s -
netapp h410c_firmware -
netapp h410c -
netapp h610s_firmware -
netapp h610s -



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F137841E-F14A-48DF-A680-7E792C68C78B",
                     versionEndExcluding: "3.16.74",
                     versionStartIncluding: "3.7",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B648ED92-5D5C-467D-A1C6-32BF93F95212",
                     versionEndExcluding: "4.4.194",
                     versionStartIncluding: "3.17",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD000AE1-F20D-4412-AC5D-992F709C1CFA",
                     versionEndExcluding: "4.9.194",
                     versionStartIncluding: "4.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C65CE90-5501-47F6-8BFC-3830DB93E589",
                     versionEndExcluding: "4.14.146",
                     versionStartIncluding: "4.10",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9AA60C22-26FE-4EF4-A601-BA1D3D34BF19",
                     versionEndExcluding: "4.19.75",
                     versionStartIncluding: "4.15",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:linux:linux_kernel:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD5B11F2-8CE8-4114-BF86-ECA38F11FD5D",
                     versionEndExcluding: "5.2.17",
                     versionStartIncluding: "4.20",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:5.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D8B549B-E57B-4DFE-8A13-CAB06B5356B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "92BC9265-6959-4D37-BE5E-8C45E98992F8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "831F0F47-3565-4763-B16F-C87B1FF2035E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_eus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E3F09B5-569F-4C58-9FCA-3C0953D107B5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time:8:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBF9BCF3-187F-410A-96CA-9C47D3ED6924",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv:8:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5CB3640-F55B-4127-875A-2F52D873D179",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "77C61DDC-81F3-4E2D-9CAA-17A256C85443",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_for_nfv_tus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "B6B0DA79-DF12-4418-B075-F048C9E2979A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B92409A9-0D6B-4B7E-8847-1B63837D201F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_for_real_time_tus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "C5C5860E-9FEB-4259-92FD-A85911E2F99E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "6897676D-53F9-45B3-B27F-7FF9A4C58D33",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "E28F226A-CBC7-4A32-BE58-398FA5B42481",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "B09ACF2D-D83F-4A86-8185-9569605D8EE1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "AC10D919-57FD-4725-B8D2-39ECB476902F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:messaging_realtime_grid:2.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "7F0ED77E-6D8E-48DF-9D2E-4E821399F893",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "815D70A8-47D3-459C-A32C-9FEACA0659D1",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:19.04:*:*:*:*:*:*:*",
                     matchCriteriaId: "CD783B0C-9246-47D9-A937-6144FE8BFF0F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "146A767F-DC04-454B-9913-17D3A2B5AAA4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FDD92BFA-9117-4E6E-A13F-ED064B4B7284",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B7DA42F-5D64-4967-A2D4-6210FE507841",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a320_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6ADE5E80-06D3-4A1B-A655-FBB6CCA03939",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a320:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8FD5E05-3C58-465F-9D4F-ECC2CD78DCFF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "75A43965-CB2E-4C28-AFC3-1ADE7A6B845C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D421A96-E6E9-4B27-ADE0-D8E87A82EEDE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F2D2745-242C-4603-899E-70C9025BDDD2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFB4541D-5EF7-4266-BFF3-2DDEC95E8012",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7FD1DA9-7980-4643-B378-7095892DA176",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "347E9E3E-941C-4109-B59F-B9BB05486B34",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD661062-0D5B-4671-9D92-FEF8D7395C1E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8155BF5F-DD1B-4AB4-81F8-9BCE6A8821AE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B36CECA5-4545-49C2-92EB-B739407B207F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E7549A-DE35-4274-B3F6-22D51C7A6613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "108A2215-50FB-4074-94CF-C130FA14566D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7AFC73CE-ABB9-42D3-9A71-3F5BC5381E0E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "32F0B6C0-F930-480D-962B-3F4EFDCC13C7",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "803BC414-B250-4E3A-A478-A3881340D6B8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700e_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FEB3337-BFDE-462A-908B-176F92053CEC",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "736AEAE9-782B-4F71-9893-DED53367E102",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "There is heap-based buffer overflow in Linux kernel, all versions up to, excluding 5.3, in the marvell wifi chip driver in Linux kernel, that allows local users to cause a denial of service(system crash) or possibly execute arbitrary code.",
      },
      {
         lang: "es",
         value: "Se presenta un desbordamiento de búfer en la región heap de la memoria en el kernel de Linux, todas las versiones hasta 5.3 (excluyéndola), en el controlador de chip wifi marvell en el kernel de Linux, que permite a usuarios locales causar una denegación de servicio (bloqueo del sistema) o posiblemente ejecutar código arbitrario.",
      },
   ],
   id: "CVE-2019-14814",
   lastModified: "2024-11-21T04:27:24.883",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "HIGH",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "COMPLETE",
               baseScore: 7.2,
               confidentialityImpact: "COMPLETE",
               integrityImpact: "COMPLETE",
               vectorString: "AV:L/AC:L/Au:N/C:C/I:C/A:C",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 10,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV30: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 5.5,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "NONE",
               integrityImpact: "NONE",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
               version: "3.0",
            },
            exploitabilityScore: 1.8,
            impactScore: 3.6,
            source: "secalert@redhat.com",
            type: "Secondary",
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-09-20T19:15:11.690",
   references: [
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2019/08/28/1",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0174",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0328",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0339",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/security/cve/cve-2019-14814",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2019/Nov/11",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4157-1/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4157-2/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4162-1/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4162-2/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4163-1/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4163-2/",
      },
      {
         source: "secalert@redhat.com",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2019/08/28/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00064.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00066.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/154951/Kernel-Live-Patch-Security-Notice-LSN-0058-1.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "http://www.openwall.com/lists/oss-security/2019/08/28/1",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0174",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0328",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2020:0339",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/security/cve/cve-2019-14814",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Issue Tracking",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14814",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://github.com/torvalds/linux/commit/7caac62ed598a196d6ddf8d9c121e12e082cac3a",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/09/msg00025.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O3RUDQJXRJQVGHCGR4YZWTQ3ECBI7TXH/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/T4JZ6AEUKFWBHQAROGMQARJ274PQP2QP/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2019/Nov/11",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4157-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4157-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4162-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4162-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4163-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4163-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.openwall.com/lists/oss-security/2019/08/28/1",
      },
   ],
   sourceIdentifier: "secalert@redhat.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-122",
            },
         ],
         source: "secalert@redhat.com",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-787",
            },
         ],
         source: "nvd@nist.gov",
         type: "Secondary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-10-11 19:15
Modified
2025-02-07 13:15
Summary
A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095
References
security@android.comhttp://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.htmlExploit, Third Party Advisory, VDB Entry
security@android.comhttp://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlPatch, Third Party Advisory, VDB Entry
security@android.comhttp://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.htmlExploit, Third Party Advisory, VDB Entry
security@android.comhttp://seclists.org/fulldisclosure/2019/Oct/38Mailing List, Third Party Advisory
security@android.comhttp://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-enThird Party Advisory
security@android.comhttps://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
security@android.comhttps://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
security@android.comhttps://seclists.org/bugtraq/2019/Nov/11Mailing List, Patch, Third Party Advisory
security@android.comhttps://security.netapp.com/advisory/ntap-20191031-0005/Third Party Advisory
security@android.comhttps://source.android.com/security/bulletin/2019-10-01Vendor Advisory
security@android.comhttps://usn.ubuntu.com/4186-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.htmlPatch, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.htmlExploit, Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://seclists.org/fulldisclosure/2019/Oct/38Mailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-enThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/01/msg00013.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2020/03/msg00001.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://seclists.org/bugtraq/2019/Nov/11Mailing List, Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20191031-0005/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://source.android.com/security/bulletin/2019-10-01Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4186-1/Third Party Advisory
Impacted products
Vendor Product Version
google android -
debian debian_linux 8.0
canonical ubuntu_linux 16.04
netapp cloud_backup -
netapp data_availability_services -
netapp hci_management_node -
netapp service_processor -
netapp solidfire -
netapp steelstore_cloud_integrated_storage -
netapp solidfire_baseboard_management_controller_firmware -
netapp solidfire_baseboard_management_controller -
netapp aff_baseboard_management_controller_firmware -
netapp aff_baseboard_management_controller a700s
netapp a320_firmware -
netapp a320 -
netapp c190_firmware -
netapp c190 -
netapp a220_firmware -
netapp a220 -
netapp fas2720_firmware -
netapp fas2720 -
netapp fas2750_firmware -
netapp fas2750 -
netapp a800_firmware -
netapp a800 -
netapp h300s_firmware -
netapp h300s -
netapp h500s_firmware -
netapp h500s -
netapp h700s_firmware -
netapp h700s -
netapp h410s_firmware -
netapp h410s -
netapp h410c_firmware -
netapp h410c -
netapp h610s_firmware -
netapp h610s -
huawei alp-al00b_firmware *
huawei alp-al00b -
huawei alp-tl00b_firmware *
huawei alp-tl00b -
huawei anne-al00_firmware *
huawei anne-al00 -
huawei ares-al00b_firmware *
huawei ares-al00b -
huawei ares-al10d_firmware *
huawei ares-al10d -
huawei ares-tl00chw_firmware *
huawei ares-tl00chw -
huawei bla-al00b_firmware *
huawei bla-al00b -
huawei bla-l29c_firmware *
huawei bla-l29c -
huawei bla-tl00b_firmware *
huawei bla-tl00b -
huawei barca-al00_firmware *
huawei barca-al00 -
huawei berkeley-l09_firmware *
huawei berkeley-l09 -
huawei berkeley-tl10_firmware *
huawei berkeley-tl10 -
huawei columbia-al00a_firmware *
huawei columbia-al00a -
huawei columbia-l29d_firmware *
huawei columbia-l29d -
huawei cornell-tl10b_firmware *
huawei cornell-tl10b -
huawei duke-l09i_firmware *
huawei duke-l09i -
huawei dura-al00a_firmware *
huawei dura-al00a -
huawei figo-al00a_firmware *
huawei figo-al00a -
huawei florida-al20b_firmware *
huawei florida-al20b -
huawei florida-l03_firmware *
huawei florida-l03 -
huawei florida-l21_firmware *
huawei florida-l21 -
huawei florida-l22_firmware *
huawei florida-l22 -
huawei florida-tl10b_firmware *
huawei florida-tl10b -
huawei mate_rs_firmware 9.1.0.321\(c786e320r1p1t8\)
huawei mate_rs -
huawei p20_firmware *
huawei p20 -
huawei p20_lite_firmware *
huawei p20_lite -
huawei p20_lite_firmware *
huawei p20_lite -
huawei p20_lite_firmware *
huawei p20_lite -
huawei y9_2019_firmware *
huawei y9_2019 -
huawei nova_2s_firmware *
huawei nova_2s -
huawei nova_3_firmware *
huawei nova_3 -
huawei nova_3e_firmware *
huawei nova_3e -
huawei p20_lite_firmware *
huawei p20_lite -
huawei p20_lite_firmware *
huawei p20_lite -
huawei nova_3e_firmware *
huawei nova_3e -
huawei nova_3e_firmware *
huawei nova_3e -
huawei p20_lite_firmware *
huawei p20_lite -
huawei honor_view_20_firmware *
huawei honor_view_20 -
huawei jakarta-al00a_firmware *
huawei jakarta-al00a -
huawei johnson-tl00d_firmware *
huawei johnson-tl00d -
huawei leland-al10b_firmware *
huawei leland-al10b -
huawei leland-l21a_firmware *
huawei leland-l21a -
huawei leland-l32a_firmware *
huawei leland-l32a -
huawei leland-tl10b_firmware *
huawei leland-tl10b -
huawei leland-tl10c_firmware *
huawei leland-tl10c -
huawei lelandp-al00c_firmware *
huawei lelandp-al00c -
huawei lelandp-l22c_firmware *
huawei lelandp-l22c -
huawei neo-al00d_firmware *
huawei neo-al00d -
huawei princeton-al10b_firmware *
huawei princeton-al10b -
huawei rhone-al00_firmware *
huawei rhone-al00 -
huawei stanford-l09_firmware *
huawei stanford-l09 -
huawei stanford-l09s_firmware *
huawei stanford-l09s -
huawei sydney-al00_firmware *
huawei sydney-al00 -
huawei sydney-tl00_firmware *
huawei sydney-tl00 -
huawei sydneym-al00_firmware *
huawei sydneym-al00 -
huawei tony-al00b_firmware *
huawei tony-al00b -
huawei tony-tl00b_firmware *
huawei tony-tl00b -
huawei yale-al00a_firmware *
huawei yale-al00a -
huawei yale-l21a_firmware *
huawei yale-l21a -
huawei yale-tl00b_firmware *
huawei yale-tl00b -
huawei honor_9i_firmware *
huawei honor_9i -



{
   cisaActionDue: "2022-05-03",
   cisaExploitAdd: "2021-11-03",
   cisaRequiredAction: "Apply updates per vendor instructions.",
   cisaVulnerabilityName: "Android Kernel Use-After-Free Vulnerability",
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:google:android:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F8B9FEC8-73B6-43B8-B24E-1F7C20D91D26",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:data_availability_services:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0EF46487-B64A-454E-AECC-D74B83170ACD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "146A767F-DC04-454B-9913-17D3A2B5AAA4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:solidfire_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB9B8171-F6CA-427D-81E0-6536D3BBFA8D",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:solidfire_baseboard_management_controller:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "090AA6F4-4404-4E26-82AB-C3A22636F276",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:aff_baseboard_management_controller_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4D90857-AB13-47AF-B42A-7ADB190DB189",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:aff_baseboard_management_controller:a700s:*:*:*:*:*:*:*",
                     matchCriteriaId: "804B2D7C-D890-4C4C-8A76-1760552E11BC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a320_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6ADE5E80-06D3-4A1B-A655-FBB6CCA03939",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a320:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8FD5E05-3C58-465F-9D4F-ECC2CD78DCFF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "75A43965-CB2E-4C28-AFC3-1ADE7A6B845C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D421A96-E6E9-4B27-ADE0-D8E87A82EEDE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F2D2745-242C-4603-899E-70C9025BDDD2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFB4541D-5EF7-4266-BFF3-2DDEC95E8012",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7FD1DA9-7980-4643-B378-7095892DA176",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "347E9E3E-941C-4109-B59F-B9BB05486B34",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD661062-0D5B-4671-9D92-FEF8D7395C1E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8155BF5F-DD1B-4AB4-81F8-9BCE6A8821AE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B36CECA5-4545-49C2-92EB-B739407B207F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E7549A-DE35-4274-B3F6-22D51C7A6613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h300s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6770B6C3-732E-4E22-BF1C-2D2FD610061C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h300s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "9F9C8C20-42EB-4AB5-BD97-212DEB070C43",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h500s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7FFF7106-ED78-49BA-9EC5-B889E3685D53",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h500s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E63D8B0F-006E-4801-BF9D-1C001BBFB4F9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h700s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "56409CEC-5A1E-4450-AA42-641E459CC2AF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h700s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B06F4839-D16A-4A61-9BB5-55B13F41E47F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0B4AD8A-F172-4558-AEC6-FF424BA2D912",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8497A4C9-8474-4A62-8331-3FE862ED4098",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h410c_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "234DEFE0-5CE5-4B0A-96B8-5D227CB8ED31",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h410c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDDF61B7-EC5C-467C-B710-B89F502CD04F",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:h610s_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD7CFE0E-9D1E-4495-B302-89C3096FC0DF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:h610s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F63A3FA7-AAED-4A9D-9FDE-6195302DA0F6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:alp-al00b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E6D335F3-297A-4554-A0DC-E21B32DB2942",
                     versionEndExcluding: "10.0.0.162\\(c00e156r2p4\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:alp-al00b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0FA2B2F1-3D58-4DC7-AB7A-28BF8B282333",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:alp-tl00b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6BCC614-F819-4848-A575-1EA8165ACA38",
                     versionEndExcluding: "10.0.0.162\\(c01e156r1p4\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:alp-tl00b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7918CD6-341B-4FCC-BD31-30B8952192C8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:anne-al00_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2C3D122C-8B73-4D58-A82F-1A4AC75DD0A9",
                     versionEndExcluding: "9.1.0.126\\(c00e126r1p7t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:anne-al00:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "06F78E5C-78A2-464C-B4DC-8CF6A2D1133C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:ares-al00b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "3CCF81FB-C379-4D15-9CA7-E59974F53B77",
                     versionEndExcluding: "9.1.0.165\\(c00e165r2p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:ares-al00b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "43F6F4AE-1938-4E92-8DBD-A80B703EDCA9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:ares-al10d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3E53657-BC96-4EB4-8AC5-865346E732CC",
                     versionEndExcluding: "9.1.0.165\\(c00e165r2p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:ares-al10d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C56298B1-7923-44E1-B9D5-78C030792209",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:ares-tl00chw_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2934E6C1-FDAE-495B-9D02-8BD40B186F5F",
                     versionEndExcluding: "8.2.0.163\\(c01r2p1\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:ares-tl00chw:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "56A210C7-08C6-4FDA-951B-AA9DA99F97DD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:bla-al00b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "118F23B4-3D14-47DA-8382-D2AA89516483",
                     versionEndExcluding: "10.0.0.170\\(c786e170r2p4\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:bla-al00b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B11D6D9B-335B-404C-88F3-590DF9E5D878",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:bla-l29c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "72254170-D96B-479B-86DD-9E9A93A7A675",
                     versionEndExcluding: "9.1.0.300\\(c432e4r1p11t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:bla-l29c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "551386D1-3D02-4319-B2A2-1AAE80F7F249",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:bla-tl00b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F005F9E1-E61D-4559-AF6B-3ECFEDA687AF",
                     versionEndExcluding: "10.0.0.170\\(c01e170r1p4\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:bla-tl00b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BAAF02E9-8732-4E8E-8AA6-A422C200F9B6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:barca-al00_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5BFDE403-5A29-4A02-8E62-041E4A23ADD2",
                     versionEndExcluding: "8.0.0.377\\(c00\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:barca-al00:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3FA823EC-2A56-4C48-8FB5-317B6ED81E40",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:berkeley-l09_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "865F26AC-8EA6-4003-953C-1FF933AC2A25",
                     versionEndExcluding: "9.1.0.351\\(c432e5r1p13t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:berkeley-l09:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB51593F-70AE-47F6-AFE5-02693181E599",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:berkeley-tl10_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F36EF5C3-FF4A-4849-97C3-FD4BC05FBCD5",
                     versionEndExcluding: "9.1.0.333\\(c01e333r1p1t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:berkeley-tl10:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6CE70011-5F76-460B-ABB5-7C738B0AB2CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:columbia-al00a_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B00FF2D-9E0B-4C38-9C6B-23052D7B6339",
                     versionEndExcluding: "8.1.0.186\\(c00gt\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:columbia-al00a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D4D3605-6171-437D-9319-068DC8E9E7E0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:columbia-l29d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "617327F7-0DFA-4239-BF02-FA0B22AAF6AF",
                     versionEndExcluding: "9.1.0.325\\(c432e4r1p12t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:columbia-l29d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "07042814-6B3A-4D7C-A776-02DA9AC9B8DC",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:cornell-tl10b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E771D6E9-1177-4579-8065-8DC0BB6A73F8",
                     versionEndExcluding: "9.1.0.321\\(c01e320r1p1t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:cornell-tl10b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "73F60E9A-0ACB-4E44-ADFB-771C695FCF08",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:duke-l09i_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "88B97220-A86A-4F07-8DCA-9E44DBA7137F",
                     versionEndExcluding: "9.0.1.171\\(c675e6r1p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:duke-l09i:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "90C6E2FE-741F-4241-A123-F6934948BB12",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:dura-al00a_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E79C71B2-0344-4AFA-8AA5-560DE03AF9A4",
                     versionEndExcluding: "1.0.0.190\\(c00\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:dura-al00a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC591FA6-55E1-4628-AE43-CD1E2A4980E9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:figo-al00a_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "181B057A-E12F-44A7-BEF3-3D0F78D5BE7A",
                     versionEndExcluding: "9.1.0.130\\(c00e115r2p8t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:figo-al00a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A1319FFD-91B6-4A56-BF45-256692D75FDD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:florida-al20b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AED8A17-5120-4F1F-819B-C2592FC73411",
                     versionEndExcluding: "9.1.0.128\\(c00e112r1p6t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:florida-al20b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5DF7DFEE-5C99-4C65-B3D8-AEE21E81A6BA",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:florida-l03_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "011099DF-3D08-417C-A4BE-838EC9755F48",
                     versionEndExcluding: "9.1.0.154\\(c605e7r1p2t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:florida-l03:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D7A1E5A-A17C-4495-82A0-0A7C58185971",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:florida-l21_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A5627E2-1D73-40B2-A2E7-864AD016E07C",
                     versionEndExcluding: "9.1.0.154\\(c605e7r1p2t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:florida-l21:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "88CD5EEC-DA40-4B35-A2CD-6F48147F0810",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:florida-l22_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "49F91DCF-B3DF-4087-A608-0E6A06DE6FA4",
                     versionEndExcluding: "9.1.0.150\\(c636e6r1p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:florida-l22:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D1387541-860F-43AE-809B-AFA9338DC378",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:florida-tl10b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B1E7E0ED-EB2E-4A55-B81D-8ECE3FD3AE58",
                     versionEndExcluding: "9.1.0.128\\(c01e112r1p6t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:florida-tl10b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4776C729-200A-4D86-B635-185B65FC2570",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:mate_rs_firmware:9.1.0.321\\(c786e320r1p1t8\\):*:*:*:*:*:*:*",
                     matchCriteriaId: "887851AE-6FD5-4C7D-AAB5-2791E98DF578",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:mate_rs:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FBDD07EB-20AB-4E6F-B009-60A2C08C3B1C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:p20_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E3A590F5-A49B-4752-9EF0-290A03055D67",
                     versionEndExcluding: "9.1.0.312\\(c00e312r1p1t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:p20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7492911B-4242-4947-9DED-9F48FC0875CD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:p20_lite_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "05A03D81-1266-40CF-8FB1-E91B02544D6B",
                     versionEndExcluding: "9.1.0.200\\(c605e4r1p3t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:p20_lite:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D316DCAD-2DE7-49F3-995A-10EBFA693398",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:p20_lite_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C0D11586-3604-4609-8643-25778B8A239D",
                     versionEndExcluding: "9.1.0.200\\(c635e5r1p1t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:p20_lite:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D316DCAD-2DE7-49F3-995A-10EBFA693398",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:p20_lite_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1B7E4CBB-A552-46F6-97C5-EA8C80B7E156",
                     versionEndExcluding: "9.1.0.246\\(c432e6r1p7t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:p20_lite:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D316DCAD-2DE7-49F3-995A-10EBFA693398",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:y9_2019_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D327D03E-A9A5-4DEA-9E99-E21CD6FE352D",
                     versionEndExcluding: "9.1.0.297\\(c605e4r1p1t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:y9_2019:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F48ABE15-BC87-4B02-8B39-94DA1DC96B92",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:nova_2s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9017B3E4-3C5A-42B4-84E6-DF61C4E49DF0",
                     versionEndExcluding: "9.1.0.210\\(c01e110r1p9t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:nova_2s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "564CA70A-8211-4C36-B8C6-CF29369E43D3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:nova_3_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "64C5F693-BB20-4061-8614-11BCD9F95117",
                     versionEndExcluding: "9.1.0.351\\(c00e351r1p1t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:nova_3:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BF68FFB0-01F8-4937-8BF4-36866F02E9A8",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:nova_3e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C2C2381E-886E-4992-873F-BF41B24AD4D7",
                     versionEndExcluding: "9.1.0.200\\(c636e4r1p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:nova_3e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40066CF9-0528-40BB-8355-BEB7F187600A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:p20_lite_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "8AD38BEC-57FC-468A-8AAF-B56408575E45",
                     versionEndExcluding: "9.1.0.200\\(c636e4r1p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:p20_lite:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D316DCAD-2DE7-49F3-995A-10EBFA693398",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:p20_lite_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1733163A-DE27-488D-8A56-289A7AB629DC",
                     versionEndExcluding: "9.1.0.201\\(c636e4r1p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:p20_lite:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D316DCAD-2DE7-49F3-995A-10EBFA693398",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:nova_3e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7DA5C946-EDC4-4219-B745-75388B292BF0",
                     versionEndExcluding: "9.1.0.201\\(c636e4r1p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:nova_3e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40066CF9-0528-40BB-8355-BEB7F187600A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:nova_3e_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6800926-B3F6-4820-8D05-1153F38A792A",
                     versionEndExcluding: "9.1.0.201\\(zafc185e4r1p8t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:nova_3e:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "40066CF9-0528-40BB-8355-BEB7F187600A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:p20_lite_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9ABB62EE-FCEC-41E1-9640-A4E9D64B9819",
                     versionEndExcluding: "9.1.0.201\\(zafc185e4r1p8t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:p20_lite:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D316DCAD-2DE7-49F3-995A-10EBFA693398",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:honor_view_20_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C3BB4FCB-BDB1-4EFD-BE78-F16D56B63CDD",
                     versionEndExcluding: "10.1.0.214\\(c10e5r4p3\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:honor_view_20:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6A55CF4F-8E86-419C-845B-CE60070620A3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:jakarta-al00a_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2187FAFD-772A-4200-AB9E-067DC8422890",
                     versionEndExcluding: "9.1.0.260\\(c00e120r2p2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:jakarta-al00a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "44E124FE-9F3E-4A89-9DFB-2ACEF751BA82",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:johnson-tl00d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B6B7116-2FE3-4188-8E91-83365E15B5AF",
                     versionEndExcluding: "9.1.0.219\\(c01e18r3p2t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:johnson-tl00d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "566629E0-84F2-4DFA-A20E-2D20C472E4B9",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:leland-al10b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "10FD6A92-DCCC-413A-8871-2DB58E6ED2EE",
                     versionEndExcluding: "9.1.0.130\\(c00e112r2p10t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:leland-al10b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4C42CB5B-492C-40B0-9230-B15F540B121B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:leland-l21a_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9233AB6A-2075-4615-8EA1-6088238BE099",
                     versionEndExcluding: "9.1.0.156\\(c185e5r1p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:leland-l21a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A663ACC5-FC2D-4FD7-BA9E-55344E257D4A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:leland-l32a_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4626E56-367C-4C0A-B920-C4138FF557DC",
                     versionEndExcluding: "9.1.0.153\\(c675e6r1p4t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:leland-l32a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7704B5F-4164-477C-A528-2998092C81D0",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:leland-tl10b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C54C4BF8-3F83-4E9C-8CD9-9F59B7BCD859",
                     versionEndExcluding: "9.1.0.130\\(c01e112r2p10t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:leland-tl10b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EDB8A667-95DE-4087-8418-49F5ACE194BD",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:leland-tl10c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B2BA2E31-DAC3-4CD3-8578-1FA190B815A9",
                     versionEndExcluding: "9.1.0.130\\(c01e112r2p10t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:leland-tl10c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "11CB58EA-972E-460F-95F4-5413E05DA04C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:lelandp-al00c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A27CC4DE-5A6A-40CD-BAE7-57B070B463EE",
                     versionEndExcluding: "9.1.0.130\\(c00e112r2p10t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:lelandp-al00c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BD659D6-F838-4668-901A-0C17AB18E7C6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:lelandp-l22c_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "06C48B38-0555-4116-B19A-58CC5FF2C80C",
                     versionEndExcluding: "9.1.0.156\\(c636e5r1p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:lelandp-l22c:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "80D7FA39-2EE4-49F8-9EF4-009304DB6108",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:neo-al00d_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9DD3B902-FFD3-4F1D-8355-9DDC0A2C5275",
                     versionEndExcluding: "9.1.0.321\\(c786e320r1p1t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:neo-al00d:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4B07FEC-514D-4A51-B26B-02254A867DC5",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:princeton-al10b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4B4B9600-877F-458C-8E89-40E0B0D21E8A",
                     versionEndExcluding: "10.1.0.160\\(c00e160r2p11\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:princeton-al10b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D9F930E0-D32C-4D37-8A1D-78D4BFAECF37",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:rhone-al00_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "509E4F2C-2248-4B3B-8ABA-E52850E17B6C",
                     versionEndExcluding: "8.0.0.376\\(c00\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:rhone-al00:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4584E368-FDA6-41FD-923F-74A30E404967",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:stanford-l09_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1C3D3655-4B7C-4211-9F41-F01C34A8EB70",
                     versionEndExcluding: "9.1.0.211\\(c635e2r1p4t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:stanford-l09:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E1BE2AB5-C033-41E2-A1EF-9DCAE8F2120B",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:stanford-l09s_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D939D905-AD5E-4576-B381-921DA6FF7F57",
                     versionEndExcluding: "9.1.0.210\\(c432e2r1p5t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:stanford-l09s:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5091556-29A3-4781-A6CA-FB0BD03DEB01",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:sydney-al00_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CE6D5B81-ED8D-41C1-88DD-9FD23EBD1ABE",
                     versionEndExcluding: "9.1.0.212\\(c00e62r1p7t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:sydney-al00:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "66A35E71-4D6A-494D-882B-987CE16E3467",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:sydney-tl00_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AA5AAC87-00E5-4C00-95F2-6D9A9300954A",
                     versionEndExcluding: "9.1.0.212\\(c01e62r1p7t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:sydney-tl00:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F4A324E-CF87-4C79-B42A-F5B3B7CEFE6E",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:sydneym-al00_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C93EE0CF-AFF9-40B8-B306-3BC86F679B90",
                     versionEndExcluding: "9.1.0.212\\(c00e62r1p7t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:sydneym-al00:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "FF9295B5-8194-4AE9-91B3-5AD3C79FB9A6",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:tony-al00b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1ECB2A68-D67D-492F-9803-7524D96B735B",
                     versionEndExcluding: "10.0.0.175\\(c00e59r2p11\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:tony-al00b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E14B978-2A3C-4F55-8E3A-BA41AB137C33",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:tony-tl00b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E60D3DEC-EAEC-44AF-9CFC-6A2174C2D8D1",
                     versionEndExcluding: "10.0.0.175\\(c01e59r2p11\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:tony-tl00b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BF11E947-FCDE-4EFD-A14D-5C2BD7BC5A56",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:yale-al00a_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BDC1976-E07B-4464-84DB-EACAE30D97E5",
                     versionEndExcluding: "10.1.0.160\\(c00e160r8p12\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:yale-al00a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "562D05D2-CC9E-4973-9E8D-B40C0ED6C721",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:yale-l21a_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2221682B-7C40-43F0-8BE4-64872D0388E6",
                     versionEndExcluding: "10.1.0.231\\(c10e3r3p2\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:yale-l21a:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C9F4FF5-07B8-456E-87C3-DB7C725E20F3",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:yale-tl00b_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B4C61685-A7A9-4E2E-BA7B-15A3C32B3F4B",
                     versionEndExcluding: "10.1.0.160\\(c01e160r8p12\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:yale-tl00b:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A4177D27-D234-4BBF-A4D9-1C0DCE5B322C",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:huawei:honor_9i_firmware:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "687E4FF2-3AA5-4E10-9911-6634A77EDCF1",
                     versionEndExcluding: "9.1.0.130\\(c00e112r2p10t8\\)",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:huawei:honor_9i:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F931151C-4D0A-44D1-9417-B467F7E148A2",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "A use-after-free in binder.c allows an elevation of privilege from an application to the Linux Kernel. No user interaction is required to exploit this vulnerability, however exploitation does require either the installation of a malicious local application or a separate vulnerability in a network facing application.Product: AndroidAndroid ID: A-141720095",
      },
      {
         lang: "es",
         value: "Un uso de la memoria previamente liberada en el archivo binder.c, permite una elevación de privilegios desde una aplicación en el kernel de Linux. No es requerida una interacción del usuario para explotar esta vulnerabilidad, sin embargo, la explotación necesita de la instalación de una aplicación local maliciosa o una vulnerabilidad separada en una aplicación de red. Producto: Android; ID de Android: A-141720095",
      },
   ],
   id: "CVE-2019-2215",
   lastModified: "2025-02-07T13:15:27.050",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "LOW",
               accessVector: "LOCAL",
               authentication: "NONE",
               availabilityImpact: "PARTIAL",
               baseScore: 4.6,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "PARTIAL",
               vectorString: "AV:L/AC:L/Au:N/C:P/I:P/A:P",
               version: "2.0",
            },
            exploitabilityScore: 3.9,
            impactScore: 6.4,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "nvd@nist.gov",
            type: "Primary",
         },
         {
            cvssData: {
               attackComplexity: "LOW",
               attackVector: "LOCAL",
               availabilityImpact: "HIGH",
               baseScore: 7.8,
               baseSeverity: "HIGH",
               confidentialityImpact: "HIGH",
               integrityImpact: "HIGH",
               privilegesRequired: "LOW",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
               version: "3.1",
            },
            exploitabilityScore: 1.8,
            impactScore: 5.9,
            source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
            type: "Secondary",
         },
      ],
   },
   published: "2019-10-11T19:15:10.947",
   references: [
      {
         source: "security@android.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
      },
      {
         source: "security@android.com",
         tags: [
            "Patch",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "security@android.com",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
      },
      {
         source: "security@android.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://seclists.org/fulldisclosure/2019/Oct/38",
      },
      {
         source: "security@android.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
      },
      {
         source: "security@android.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "security@android.com",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "security@android.com",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2019/Nov/11",
      },
      {
         source: "security@android.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
      },
      {
         source: "security@android.com",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://source.android.com/security/bulletin/2019-10-01",
      },
      {
         source: "security@android.com",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4186-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/154911/Android-Binder-Use-After-Free.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/155212/Slackware-Security-Advisory-Slackware-14.2-kernel-Updates.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Exploit",
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://packetstormsecurity.com/files/156495/Android-Binder-Use-After-Free.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://seclists.org/fulldisclosure/2019/Oct/38",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20191030-01-binder-en",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/01/msg00013.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2020/03/msg00001.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://seclists.org/bugtraq/2019/Nov/11",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20191031-0005/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://source.android.com/security/bulletin/2019-10-01",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/4186-1/",
      },
   ],
   sourceIdentifier: "security@android.com",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
      {
         description: [
            {
               lang: "en",
               value: "CWE-416",
            },
         ],
         source: "134c704f-9b21-4f2e-91b3-4a467353bcc0",
         type: "Secondary",
      },
   ],
}

Vulnerability from fkie_nvd
Published
2019-02-27 23:29
Modified
2024-11-21 04:36
Summary
If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable "non-stitched" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).
References
openssl-security@openssl.orghttp://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.htmlMailing List, Third Party Advisory
openssl-security@openssl.orghttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.htmlMailing List, Third Party Advisory
openssl-security@openssl.orghttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.htmlMailing List, Third Party Advisory
openssl-security@openssl.orghttp://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.htmlMailing List, Third Party Advisory
openssl-security@openssl.orghttp://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.htmlMailing List, Third Party Advisory
openssl-security@openssl.orghttp://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.htmlMailing List, Third Party Advisory
openssl-security@openssl.orghttp://www.securityfocus.com/bid/107174Third Party Advisory, VDB Entry
openssl-security@openssl.orghttps://access.redhat.com/errata/RHSA-2019:2304Third Party Advisory
openssl-security@openssl.orghttps://access.redhat.com/errata/RHSA-2019:2437Third Party Advisory
openssl-security@openssl.orghttps://access.redhat.com/errata/RHSA-2019:2439Third Party Advisory
openssl-security@openssl.orghttps://access.redhat.com/errata/RHSA-2019:2471Third Party Advisory
openssl-security@openssl.orghttps://access.redhat.com/errata/RHSA-2019:3929Third Party Advisory
openssl-security@openssl.orghttps://access.redhat.com/errata/RHSA-2019:3931Third Party Advisory
openssl-security@openssl.orghttps://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e
openssl-security@openssl.orghttps://kc.mcafee.com/corporate/index?page=content&id=SB10282Third Party Advisory
openssl-security@openssl.orghttps://lists.debian.org/debian-lts-announce/2019/03/msg00003.htmlMailing List, Third Party Advisory
openssl-security@openssl.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
openssl-security@openssl.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
openssl-security@openssl.orghttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
openssl-security@openssl.orghttps://security.gentoo.org/glsa/201903-10Third Party Advisory
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20190301-0001/Patch, Third Party Advisory
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20190301-0002/Broken Link, Third Party Advisory
openssl-security@openssl.orghttps://security.netapp.com/advisory/ntap-20190423-0002/Third Party Advisory
openssl-security@openssl.orghttps://support.f5.com/csp/article/K18549143Third Party Advisory
openssl-security@openssl.orghttps://support.f5.com/csp/article/K18549143?utm_source=f5support&amp%3Butm_medium=RSS
openssl-security@openssl.orghttps://usn.ubuntu.com/3899-1/Third Party Advisory
openssl-security@openssl.orghttps://usn.ubuntu.com/4376-2/Broken Link
openssl-security@openssl.orghttps://www.debian.org/security/2019/dsa-4400Third Party Advisory
openssl-security@openssl.orghttps://www.openssl.org/news/secadv/20190226.txtVendor Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpujan2020.htmlThird Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/security-alerts/cpujan2021.htmlThird Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlPatch, Third Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlPatch, Third Party Advisory
openssl-security@openssl.orghttps://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlPatch, Third Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2019-02Patch, Third Party Advisory
openssl-security@openssl.orghttps://www.tenable.com/security/tns-2019-03Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/107174Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2304Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2437Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2439Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:2471Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:3929Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2019:3931Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e
af854a3a-2127-422b-91ae-364da2661108https://kc.mcafee.com/corporate/index?page=content&id=SB10282Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2019/03/msg00003.htmlMailing List, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201903-10Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20190301-0001/Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20190301-0002/Broken Link, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20190423-0002/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K18549143Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K18549143?utm_source=f5support&amp%3Butm_medium=RSS
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/3899-1/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://usn.ubuntu.com/4376-2/Broken Link
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2019/dsa-4400Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openssl.org/news/secadv/20190226.txtVendor Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2020.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/security-alerts/cpujan2021.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2019-02Patch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.tenable.com/security/tns-2019-03Third Party Advisory
Impacted products
Vendor Product Version
openssl openssl *
canonical ubuntu_linux 16.04
canonical ubuntu_linux 18.04
canonical ubuntu_linux 18.10
debian debian_linux 8.0
debian debian_linux 9.0
netapp active_iq_unified_manager *
netapp active_iq_unified_manager *
netapp active_iq_unified_manager -
netapp altavault -
netapp cloud_backup -
netapp clustered_data_ontap_antivirus_connector -
netapp element_software -
netapp hci_management_node -
netapp hyper_converged_infrastructure -
netapp oncommand_insight -
netapp oncommand_unified_manager -
netapp oncommand_unified_manager -
netapp oncommand_unified_manager_core_package -
netapp oncommand_workflow_automation -
netapp ontap_select_deploy -
netapp ontap_select_deploy_administration_utility -
netapp santricity_smi-s_provider -
netapp service_processor -
netapp smi-s_provider -
netapp snapcenter -
netapp snapdrive -
netapp snapdrive -
netapp snapprotect -
netapp solidfire -
netapp steelstore_cloud_integrated_storage -
netapp storage_automation_store -
netapp storagegrid *
netapp storagegrid -
netapp hci_compute_node -
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_access_policy_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_advanced_firewall_manager *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_analytics *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_acceleration_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_application_security_manager *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_domain_name_system *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_edge_gateway *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_fraud_protection_service *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_global_traffic_manager *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_link_controller *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_local_traffic_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_policy_enforcement_manager *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-ip_webaccelerator *
f5 big-iq_centralized_management *
f5 big-iq_centralized_management *
f5 traffix_signaling_delivery_controller *
f5 traffix_signaling_delivery_controller 4.4.0
tenable nessus *
opensuse leap 15.0
opensuse leap 15.1
opensuse leap 42.3
netapp cn1610_firmware -
netapp cn1610 -
netapp a320_firmware -
netapp a320 -
netapp c190_firmware -
netapp c190 -
netapp a220_firmware -
netapp a220 -
netapp fas2720_firmware -
netapp fas2720 -
netapp fas2750_firmware -
netapp fas2750 -
netapp a800_firmware -
netapp a800 -
fedoraproject fedora 29
fedoraproject fedora 30
fedoraproject fedora 31
mcafee agent *
mcafee data_exchange_layer *
mcafee threat_intelligence_exchange_server *
mcafee web_gateway *
redhat jboss_enterprise_web_server 5.0.0
redhat enterprise_linux 6.0
redhat enterprise_linux 7.0
redhat enterprise_linux 8.0
redhat virtualization 4.0
redhat virtualization_host 4.0
redhat enterprise_linux 7.0
redhat enterprise_linux_desktop 6.0
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_workstation 6.0
redhat enterprise_linux_workstation 7.0
oracle api_gateway 11.1.2.4.0
oracle business_intelligence 11.1.1.9.0
oracle business_intelligence 12.2.1.3.0
oracle business_intelligence 12.2.1.4.0
oracle communications_diameter_signaling_router 8.0.0
oracle communications_diameter_signaling_router 8.1
oracle communications_diameter_signaling_router 8.2
oracle communications_diameter_signaling_router 8.3
oracle communications_diameter_signaling_router 8.4
oracle communications_performance_intelligence_center 10.4.0.2
oracle communications_session_border_controller 7.4
oracle communications_session_border_controller 8.0.0
oracle communications_session_border_controller 8.1.0
oracle communications_session_border_controller 8.2
oracle communications_session_border_controller 8.3
oracle communications_session_router 7.4
oracle communications_session_router 8.0
oracle communications_session_router 8.1
oracle communications_session_router 8.2
oracle communications_session_router 8.3
oracle communications_unified_session_manager 7.3.5
oracle communications_unified_session_manager 8.2.5
oracle endeca_server 7.7.0
oracle enterprise_manager_base_platform 12.1.0.5.0
oracle enterprise_manager_base_platform 13.2.0.0.0
oracle enterprise_manager_base_platform 13.3.0.0.0
oracle enterprise_manager_ops_center 12.3.3
oracle enterprise_manager_ops_center 12.4.0
oracle jd_edwards_enterpriseone_tools 9.2
oracle jd_edwards_world_security a9.3
oracle jd_edwards_world_security a9.3.1
oracle jd_edwards_world_security a9.4
oracle mysql *
oracle mysql *
oracle mysql *
oracle mysql_enterprise_monitor *
oracle mysql_enterprise_monitor *
oracle mysql_workbench *
oracle peoplesoft_enterprise_peopletools 8.55
oracle peoplesoft_enterprise_peopletools 8.56
oracle peoplesoft_enterprise_peopletools 8.57
oracle secure_global_desktop 5.4
oracle services_tools_bundle 19.2
paloaltonetworks pan-os *
paloaltonetworks pan-os *
paloaltonetworks pan-os *
paloaltonetworks pan-os *
nodejs node.js *
nodejs node.js *
nodejs node.js *
nodejs node.js *



{
   configurations: [
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:openssl:openssl:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "1FB0EC34-4625-4B2A-8AB9-0764D9D9E6BC",
                     versionEndExcluding: "1.0.2r",
                     versionStartIncluding: "1.0.2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*",
                     matchCriteriaId: "7A5301BF-1402-4BE0-A0F8-69FBE79BC6D6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*",
                     matchCriteriaId: "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*",
                     matchCriteriaId: "07C312A0-CD2C-4B9C-B064-6409B25C278F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DEECE5FC-CACF-4496-A3E7-164736409252",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*",
                     matchCriteriaId: "BD075607-09B7-493E-8611-66D041FFDA62",
                     versionStartIncluding: "7.3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
                     matchCriteriaId: "0CB28AF5-5AF0-4475-A7B6-12E1795FFDCB",
                     versionStartIncluding: "9.5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*",
                     matchCriteriaId: "B55E8D50-99B4-47EC-86F9-699B67D473CE",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:altavault:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E878102-1EA0-4D83-9F36-955DCF902211",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C2089EE-5D7F-47EC-8EA5-0F69790564C4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:clustered_data_ontap_antivirus_connector:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "62347994-1353-497C-9C4A-D5D8D95F67E8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:element_software:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "85DF4B3F-4BBC-42B7-B729-096934523D63",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hci_management_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A3C19813-E823-456A-B1CE-EC0684CE1953",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:hyper_converged_infrastructure:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "893C0367-DD1A-4754-B9E0-4944344108EC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1BE6C1F-2565-4E97-92AA-16563E5660A5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "C18CA4B5-28FD-4199-B1F0-B1E59E920370",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:vsphere:*:*",
                     matchCriteriaId: "EB2FB857-5F1F-46E5-A90C-AFB990BF1660",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_unified_manager_core_package:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0A4D418D-B526-46B9-B439-E1963BF88C0A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "5735E553-9731-4AAC-BCFF-989377F817B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:ontap_select_deploy:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E968916-8CE0-4165-851F-14E37ECEA948",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:ontap_select_deploy_administration_utility:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E7CF3019-975D-40BB-A8A4-894E62BD3797",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:santricity_smi-s_provider:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "361B791A-D336-4431-8F68-8135BEFFAEA2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:service_processor:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "146A767F-DC04-454B-9913-17D3A2B5AAA4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:smi-s_provider:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4BB0FDCF-3750-44C6-AC5C-0CC2AAD14093",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "BDFB1169-41A0-4A86-8E4F-FDA9730B1E94",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:unix:*:*",
                     matchCriteriaId: "61D7EF01-F618-497F-9375-8003CEA3D380",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snapdrive:-:*:*:*:*:windows:*:*",
                     matchCriteriaId: "BEDE62C6-D571-4AF8-B85E-CBBCE4AF98B5",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:snapprotect:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "F74F467A-0C81-40D9-BA06-40FB8EF02C04",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:solidfire:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "A6E9EF0C-AFA8-4F7B-9FDC-1E0F7C26E737",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E94F7F59-1785-493F-91A7-5F5EA5E87E4D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "7B7A6697-98CC-4E36-93DB-B7160F8399F9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:storagegrid:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D239B58A-9386-443D-B579-B56AE2A500BC",
                     versionEndIncluding: "9.0.4",
                     versionStartIncluding: "9.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:netapp:storagegrid:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8ADFF451-740F-4DBA-BD23-3881945D3E40",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:h:netapp:hci_compute_node:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD7447BC-F315-4298-A822-549942FC118B",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6C3B5688-0235-4D4F-A26C-440FF24A1B43",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "706316DC-8C24-4D9E-B7B4-F62CB52106B8",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FCBAF5C1-3761-47BB-AD8E-A55A64D33AF3",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_access_policy_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFBB9E7C-08D1-4B30-AD3B-CADBF30D756B",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "151ED6D1-AA85-4213-8F3A-8167CBEC4721",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "BFA83D61-1A50-47F5-B9BE-15D672A6DDAD",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "925049D0-082E-4CED-9996-A55620A220CF",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_advanced_firewall_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "830028B5-9BAF-439C-8166-1053C0CB9836",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D5AA99B-08E7-4959-A3B4-41AA527B4B22",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "22C64069-68D1-445F-B20D-FD1FF8DB0F71",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "6D87C038-B96D-4EA8-AB03-0401B2C9BB24",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_analytics:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "01BC2A57-030F-4A13-B584-BE2627EA3FE7",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9DC86A5F-C793-4848-901F-04BFB57A07F6",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9CE03A8F-DAE1-4923-9741-DC89FA8A6FD8",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "037C035C-9CFC-4224-8264-6132252D11FD",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_application_acceleration_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FD91F1A1-67F5-4547-848B-21664A9CC685",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2E5552A3-91CD-4B97-AD33-4F1FB4C8827A",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A7E616EB-F2F9-43BF-A23D-8FD0650DA85B",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AE66A673-75EF-4AB3-AD4D-A1E70C7EFB08",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_application_security_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "10367A28-787A-4FAB-80AD-ADD67A751732",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "55C2EC23-E78F-4447-BACF-21FC36ABF155",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "180D2770-61F3-4CFB-B5FA-1CF1796D4B3E",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "46712630-407A-4E61-B62F-3AB156353A1D",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_domain_name_system:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "21E18EA5-2210-41B1-87B0-55AB16514FE2",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFFCCCFF-8B66-4C8B-A99A-32964855EF98",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D0BD10F-735D-4442-828B-0B90207ABEAD",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "448BB033-AE0F-46A0-8E98-3A6AE36EADAE",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_edge_gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CC06609D-C362-4214-8487-2278161B5EAD",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "945A19E8-51EB-42FE-9BF1-12DAC78B5286",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "2008DD47-CC1D-430F-8478-E90617F5F998",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DC39F6EE-478A-4638-B97D-3C25FD318F3D",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_fraud_protection_service:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "317C50A2-FE92-4C78-A94A-062274E6A6A8",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB5007D0-BBDB-4D74-9C88-98FBA74757D1",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "389B6330-3041-4892-97D5-B5A6D9CE1487",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "5C556587-6963-49CF-8A2B-00431B386D78",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_global_traffic_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D748001D-340C-45C4-A2D0-0575538C5CEC",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7725810-66D2-4460-A174-9F3BFAD966F2",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7854954-A9A4-487B-B6C7-8DC1F83F4BD7",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "572B1078-60C4-4A71-A0F4-2E2F4FBC4102",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_link_controller:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0371EB7C-3D41-4B8C-8FA9-DC6F42442448",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFD760FE-4347-4D36-B5C6-4009398060F2",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB7588DA-75D3-4374-8871-D92E95509C91",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C95403E8-A078-47E8-9B2F-F572D24C79EF",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_local_traffic_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "9C1BC0A8-5868-4FCA-80A5-661C3870EB7D",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "65B76F53-7D8B-477E-8B6E-91AC0A9009FF",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "E824BD72-428F-4A8D-ABE6-2A45EB9A4E3A",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "57A92EE2-FFC9-45C9-9454-7DFAB1F7EE11",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_policy_enforcement_manager:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0585424E-3F74-400E-8199-ED964317F89F",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "69338CB1-B6E2-44E7-BEC1-6B9EAD560C8B",
                     versionEndIncluding: "12.1.5",
                     versionStartIncluding: "12.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "7A6CF6F4-D68A-45C3-A36E-A8B3AF61367F",
                     versionEndIncluding: "13.1.3",
                     versionStartIncluding: "13.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F2ADF37B-FCEB-4735-82D9-4241E3A4DE64",
                     versionEndIncluding: "14.1.2",
                     versionStartIncluding: "14.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-ip_webaccelerator:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "D7722F39-9B7E-4267-B757-B9570B039323",
                     versionEndIncluding: "15.1.0",
                     versionStartIncluding: "15.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F37D18F2-8C6A-4557-85DC-2A751595423C",
                     versionEndIncluding: "6.1.0",
                     versionStartIncluding: "6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:big-iq_centralized_management:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C88B0206-093A-4A18-8322-A1CD1D4ACF2A",
                     versionEndIncluding: "7.1.0",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E52F91D-3F39-4D89-8069-EC422FB1F700",
                     versionEndIncluding: "5.1.0",
                     versionStartIncluding: "5.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:f5:traffix_signaling_delivery_controller:4.4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "3D71A781-FBD8-4084-8D9C-00D7B6ECB9A1",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:tenable:nessus:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "427DA624-2397-4A61-A2ED-23F5C22C174E",
                     versionEndIncluding: "8.2.3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F1E78106-58E6-4D59-990F-75DA575BFAD9",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "B620311B-34A3-48A6-82DF-6F078D7A4493",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "5F65DAB0-3DAD-49FF-BC73-3581CC3D5BF3",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:cn1610_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EB30733E-68FC-49C4-86C0-7FEE75C366BF",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:cn1610:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6361DAC6-600F-4B15-8797-D67F298F46FB",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a320_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "6ADE5E80-06D3-4A1B-A655-FBB6CCA03939",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a320:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "E8FD5E05-3C58-465F-9D4F-ECC2CD78DCFF",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:c190_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "75A43965-CB2E-4C28-AFC3-1ADE7A6B845C",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:c190:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "0D421A96-E6E9-4B27-ADE0-D8E87A82EEDE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a220_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "4F2D2745-242C-4603-899E-70C9025BDDD2",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a220:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "EFB4541D-5EF7-4266-BFF3-2DDEC95E8012",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2720_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B7FD1DA9-7980-4643-B378-7095892DA176",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2720:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "347E9E3E-941C-4109-B59F-B9BB05486B34",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:fas2750_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD661062-0D5B-4671-9D92-FEF8D7395C1E",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:fas2750:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "8155BF5F-DD1B-4AB4-81F8-9BCE6A8821AE",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:netapp:a800_firmware:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "B36CECA5-4545-49C2-92EB-B739407B207F",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:h:netapp:a800:-:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8E7549A-DE35-4274-B3F6-22D51C7A6613",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*",
                     matchCriteriaId: "D100F7CE-FC64-4CC6-852A-6136D72DA419",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*",
                     matchCriteriaId: "97A4B8DF-58DA-4AB6-A1F9-331B36409BA3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*",
                     matchCriteriaId: "80F0FA5D-8D3B-4C0E-81E2-87998286AF33",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:mcafee:agent:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CBD9362E-F36F-4820-A29E-5BDDF6AC3ACE",
                     versionEndIncluding: "5.6.4",
                     versionStartIncluding: "5.6.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mcafee:data_exchange_layer:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "02630E85-191E-4C58-B81B-4DAF93A26856",
                     versionEndExcluding: "6.0.0",
                     versionStartIncluding: "4.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mcafee:threat_intelligence_exchange_server:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "65D5476E-FBF9-474B-87E1-B6459E52736C",
                     versionEndExcluding: "3.0.0",
                     versionStartIncluding: "2.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:mcafee:web_gateway:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DDD5E877-978C-4A16-B6C5-41A30D020B54",
                     versionEndExcluding: "9.0.0",
                     versionStartIncluding: "7.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:redhat:jboss_enterprise_web_server:5.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E0F04157-FB34-4F22-B328-6BE1F2373DEE",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "2F6AB192-9D7D-4A9A-8995-E53A9DE9EAFC",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
                     vulnerable: false,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "F4CFF558-3C47-480D-A2F0-BABF26042943",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:redhat:virtualization_host:4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "BB28F9AF-3D06-4532-B397-96D7E4792503",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
                     vulnerable: false,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
         operator: "AND",
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "EE249E1B-A1FD-4E08-AA71-A0E1F10FFE97",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "33C068A4-3780-4EAB-A937-6082DF847564",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "9BBCD86A-E6C7-4444-9D74-F861084090F0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "51EF4996-72F4-4FA4-814F-F5991E7A8318",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "825ECE2D-E232-46E0-A047-074B34DB1E97",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:oracle:api_gateway:11.1.2.4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "A5553591-073B-45E3-999F-21B8BA2EEE22",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:business_intelligence:11.1.1.9.0:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "523CD57C-43D4-4C79-BA00-A9A65C6588E3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:business_intelligence:12.2.1.3.0:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "77C3DD16-1D81-40E1-B312-50FBD275507C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:business_intelligence:12.2.1.4.0:*:*:*:enterprise:*:*:*",
                     matchCriteriaId: "81DAC8C0-D342-44B5-9432-6B88D389584F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "A9317C01-22AA-452B-BBBF-5FAFFFB8BEA4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "C4534CF9-D9FD-4936-9D8C-077387028A05",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "D60384BD-284C-4A68-9EEF-0FAFDF0C21F3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDA8DD5B-8A34-4CB3-B0FB-F82C73B25007",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_diameter_signaling_router:8.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "F6E5E8B0-EDE5-4FE4-880C-766FAE1EA42C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_performance_intelligence_center:10.4.0.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "D8EDA23C-7F75-4712-AF3F-B0E3597810B3",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_border_controller:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "5D139E52-0528-4D05-8502-1AB9AB10CA9A",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_border_controller:8.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1F59AE20-7B9D-47A5-9E0D-A73F4A0E7D34",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_border_controller:8.1.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "1D4AF039-F3B6-45EB-A87E-8BCCF822AE23",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_border_controller:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "2B9F6415-2950-49FE-9CAF-8BCA4DB6DF4B",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "C05190B9-237F-4E2E-91EA-DB1B738864AD",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_router:7.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "D5D0F0C0-75EB-4685-A4CD-E58D1F2C6FDC",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_router:8.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "B59717B5-34D5-4C83-904A-884ED30DFC19",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_router:8.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "19BA6F25-B88A-42A1-A9E3-2DCF4E8F51A4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_router:8.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "4E28B437-64A8-456C-98A1-4ADF5B6A2F60",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_session_router:8.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "2D705705-0D0D-468B-A140-C9A1B7A6CE6F",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_unified_session_manager:7.3.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "07BB35D4-9CCD-43D3-B482-E0BEB3BF2351",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:communications_unified_session_manager:8.2.5:*:*:*:*:*:*:*",
                     matchCriteriaId: "FB468FEE-A0F4-49A0-BBEE-10D0733C87D4",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:endeca_server:7.7.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "DB290045-2140-47EE-9BB4-35BAE8F1599C",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:12.1.0.5.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "98F3E643-4B65-4668-BB11-C61ED54D5A53",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.2.0.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "459B4A5F-A6BD-4A1C-B6B7-C979F005EB70",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:enterprise_manager_base_platform:13.3.0.0.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "CDCE0E90-495E-4437-8529-3C36441FB69D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.3.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "AB654DFA-FEF9-4D00-ADB0-F3F2B6ACF13E",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:enterprise_manager_ops_center:12.4.0:*:*:*:*:*:*:*",
                     matchCriteriaId: "37209C6F-EF99-4D21-9608-B3A06D283D24",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jd_edwards_enterpriseone_tools:9.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "41684398-18A4-4DC6-B8A2-3EBAA0CBF9A6",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.3:*:*:*:*:*:*:*",
                     matchCriteriaId: "83800E2F-804C-485D-A8FA-F4B32CDB4548",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.3.1:*:*:*:*:*:*:*",
                     matchCriteriaId: "60BEB1C6-C279-4BB0-972C-BE28A6605C09",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:jd_edwards_world_security:a9.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "0B1CAD50-749F-4ADB-A046-BF3585677A58",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "C637AC8A-F5F7-447E-A7F6-D6BA7AB45DF9",
                     versionEndIncluding: "5.6.43",
                     versionStartIncluding: "5.6.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "CA988288-7D0C-4ADE-BE61-484D2D555A8A",
                     versionEndIncluding: "5.7.25",
                     versionStartIncluding: "5.7.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0E106D13-CBF8-4A2C-8E89-A66C6EF5D408",
                     versionEndIncluding: "8.0.15",
                     versionStartIncluding: "8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "DFBC7A65-3C0B-4B17-B087-250E69EE5B12",
                     versionEndIncluding: "4.0.8",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "A443D73A-63BE-4D1F-B605-0F7D20915518",
                     versionEndIncluding: "8.0.14",
                     versionStartIncluding: "8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:mysql_workbench:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "71CD99E7-3FE7-42E2-B480-7AA0E543340E",
                     versionEndIncluding: "8.0.16",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.55:*:*:*:*:*:*:*",
                     matchCriteriaId: "45CB30A1-B2C9-4BF5-B510-1F2F18B60C64",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.56:*:*:*:*:*:*:*",
                     matchCriteriaId: "D0A735B4-4F3C-416B-8C08-9CB21BAD2889",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:peoplesoft_enterprise_peopletools:8.57:*:*:*:*:*:*:*",
                     matchCriteriaId: "7E1E416B-920B-49A0-9523-382898C2979D",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:secure_global_desktop:5.4:*:*:*:*:*:*:*",
                     matchCriteriaId: "B5265C91-FF5C-4451-A7C2-D388A65ACFA2",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:oracle:services_tools_bundle:19.2:*:*:*:*:*:*:*",
                     matchCriteriaId: "62DAD71E-A6D5-4CA9-A016-100F2D5114A6",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "F457852F-D998-4BCF-99FE-09C6DFC8851A",
                     versionEndExcluding: "7.1.15",
                     versionStartIncluding: "7.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "ACA311D7-0ADC-497A-8A47-5AB864F201DE",
                     versionEndExcluding: "8.0.20",
                     versionStartIncluding: "8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "0F57DBD8-DCA7-43FB-AC9E-6BDBB3EBE500",
                     versionEndExcluding: "8.1.8",
                     versionStartIncluding: "8.1.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:o:paloaltonetworks:pan-os:*:*:*:*:*:*:*:*",
                     matchCriteriaId: "AD1987BB-8F42-48F0-8FE2-70ABD689F434",
                     versionEndExcluding: "9.0.2",
                     versionStartIncluding: "9.0.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
      {
         nodes: [
            {
               cpeMatch: [
                  {
                     criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "D107EC29-67E7-40C3-8E5A-324C9105C5E4",
                     versionEndIncluding: "6.8.1",
                     versionStartIncluding: "6.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                     matchCriteriaId: "FD2FB20C-EC88-4CD3-BC6E-1E65FAFADC36",
                     versionEndExcluding: "6.17.0",
                     versionStartIncluding: "6.9.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:-:*:*:*",
                     matchCriteriaId: "74FB695D-2C76-47AB-988E-5629D2E695E5",
                     versionEndIncluding: "8.8.1",
                     versionStartIncluding: "8.0.0",
                     vulnerable: true,
                  },
                  {
                     criteria: "cpe:2.3:a:nodejs:node.js:*:*:*:*:lts:*:*:*",
                     matchCriteriaId: "A94F4836-1873-43F4-916E-9D9B302A053A",
                     versionEndExcluding: "8.15.1",
                     versionStartIncluding: "8.9.0",
                     vulnerable: true,
                  },
               ],
               negate: false,
               operator: "OR",
            },
         ],
      },
   ],
   cveTags: [],
   descriptions: [
      {
         lang: "en",
         value: "If an application encounters a fatal protocol error and then calls SSL_shutdown() twice (once to send a close_notify, and once to receive one) then OpenSSL can respond differently to the calling application if a 0 byte record is received with invalid padding compared to if a 0 byte record is received with an invalid MAC. If the application then behaves differently based on that in a way that is detectable to the remote peer, then this amounts to a padding oracle that could be used to decrypt data. In order for this to be exploitable \"non-stitched\" ciphersuites must be in use. Stitched ciphersuites are optimised implementations of certain commonly used ciphersuites. Also the application must call SSL_shutdown() twice even if a protocol error has occurred (applications should not do this but some do anyway). Fixed in OpenSSL 1.0.2r (Affected 1.0.2-1.0.2q).",
      },
      {
         lang: "es",
         value: "Si una aplicación encuentra un error de protocolo \"fatal\" y llama a SSL_shutdown() dos veces (una vez para enviar un close_notify y otra vez para recibir uno de éstos), posteriormente OpenSLL puede responder de manera diferente a la aplicación llamante si un registro de 0 byte se recibe con un relleno inválido, comparado con si un registro de 0 bytes se recibe con un MAC inválido.",
      },
   ],
   id: "CVE-2019-1559",
   lastModified: "2024-11-21T04:36:48.960",
   metrics: {
      cvssMetricV2: [
         {
            acInsufInfo: false,
            baseSeverity: "MEDIUM",
            cvssData: {
               accessComplexity: "MEDIUM",
               accessVector: "NETWORK",
               authentication: "NONE",
               availabilityImpact: "NONE",
               baseScore: 4.3,
               confidentialityImpact: "PARTIAL",
               integrityImpact: "NONE",
               vectorString: "AV:N/AC:M/Au:N/C:P/I:N/A:N",
               version: "2.0",
            },
            exploitabilityScore: 8.6,
            impactScore: 2.9,
            obtainAllPrivilege: false,
            obtainOtherPrivilege: false,
            obtainUserPrivilege: false,
            source: "nvd@nist.gov",
            type: "Primary",
            userInteractionRequired: false,
         },
      ],
      cvssMetricV31: [
         {
            cvssData: {
               attackComplexity: "HIGH",
               attackVector: "NETWORK",
               availabilityImpact: "NONE",
               baseScore: 5.9,
               baseSeverity: "MEDIUM",
               confidentialityImpact: "HIGH",
               integrityImpact: "NONE",
               privilegesRequired: "NONE",
               scope: "UNCHANGED",
               userInteraction: "NONE",
               vectorString: "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N",
               version: "3.1",
            },
            exploitabilityScore: 2.2,
            impactScore: 3.6,
            source: "nvd@nist.gov",
            type: "Primary",
         },
      ],
   },
   published: "2019-02-27T23:29:00.277",
   references: [
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/107174",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:2304",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:2437",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:2439",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:2471",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:3929",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:3931",
      },
      {
         source: "openssl-security@openssl.org",
         url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10282",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html",
      },
      {
         source: "openssl-security@openssl.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/",
      },
      {
         source: "openssl-security@openssl.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/",
      },
      {
         source: "openssl-security@openssl.org",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201903-10",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20190301-0001/",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Broken Link",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20190301-0002/",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20190423-0002/",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.f5.com/csp/article/K18549143",
      },
      {
         source: "openssl-security@openssl.org",
         url: "https://support.f5.com/csp/article/K18549143?utm_source=f5support&amp%3Butm_medium=RSS",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3899-1/",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Broken Link",
         ],
         url: "https://usn.ubuntu.com/4376-2/",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2019/dsa-4400",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.openssl.org/news/secadv/20190226.txt",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2020.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/tns-2019-02",
      },
      {
         source: "openssl-security@openssl.org",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/tns-2019-03",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-03/msg00041.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00019.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00046.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00047.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-05/msg00049.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "http://lists.opensuse.org/opensuse-security-announce/2019-06/msg00080.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
            "VDB Entry",
         ],
         url: "http://www.securityfocus.com/bid/107174",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:2304",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:2437",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:2439",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:2471",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:3929",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://access.redhat.com/errata/RHSA-2019:3931",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://git.openssl.org/gitweb/?p=openssl.git%3Ba=commitdiff%3Bh=e9bbefbf0f24c57645e7ad6a5a71ae649d18ac8e",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://kc.mcafee.com/corporate/index?page=content&id=SB10282",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Mailing List",
            "Third Party Advisory",
         ],
         url: "https://lists.debian.org/debian-lts-announce/2019/03/msg00003.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/EWC42UXL5GHTU5G77VKBF6JYUUNGSHOM/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/Y3IVFGSERAZLNJCK35TEM2R4726XIH3Z/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZBEV5QGDRFUZDMNECFXUSN5FMYOZDE4V/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.gentoo.org/glsa/201903-10",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20190301-0001/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20190301-0002/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://security.netapp.com/advisory/ntap-20190423-0002/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://support.f5.com/csp/article/K18549143",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         url: "https://support.f5.com/csp/article/K18549143?utm_source=f5support&amp%3Butm_medium=RSS",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://usn.ubuntu.com/3899-1/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Broken Link",
         ],
         url: "https://usn.ubuntu.com/4376-2/",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.debian.org/security/2019/dsa-4400",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Vendor Advisory",
         ],
         url: "https://www.openssl.org/news/secadv/20190226.txt",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2020.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/security-alerts/cpujan2021.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Patch",
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/tns-2019-02",
      },
      {
         source: "af854a3a-2127-422b-91ae-364da2661108",
         tags: [
            "Third Party Advisory",
         ],
         url: "https://www.tenable.com/security/tns-2019-03",
      },
   ],
   sourceIdentifier: "openssl-security@openssl.org",
   vulnStatus: "Modified",
   weaknesses: [
      {
         description: [
            {
               lang: "en",
               value: "CWE-203",
            },
         ],
         source: "nvd@nist.gov",
         type: "Primary",
      },
   ],
}