CVE | Short summary | Assessment | Executive Summary | Affected Versions | Ticket | Mitigation | Updates | Links |
---|---|---|---|---|---|---|---|---|
CVE-2018-10938 | Linux kernel denial of service by a handcrafted network packet. | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (4.0 - 4.13). | |||||
CVE-2016-2143 | Linux kernel denial of service on kernel 4.5 on s390 platforms | NOT AFFECTED | No currently supported versions of CGF and SE are affected because those products are not using any affected Linux kernel versions (4.5 on s390) | |||||
CVE-2017-7273 | Linux kernel denial of service | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (4.x < 4.9) | |||||
CVE-2020-8597 | pppd EAP authentication | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not supporting EAP in pppd | |||||
CVE-2009-0065 | Linux kernel: buffer overflow in SCTP | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2008-4395 | Linux kernel: vulnerability in ndiswrapper | NOT AFFECTED | No currently supported versions of CGF or SE are affected because ndiswrapper is not used | |||||
CVE-2009-1389 | Linux kernel: buffer overflow in RTL8169 | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2009-3280 | Linux kernel: buffer overflow in wireless | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2010-0008 | Linux kernel: buffer overflow in SCTP | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.23 and older) | |||||
CVE-2009-3613 | Linux kernel: denial of service in r8169 driver | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.27 and older) | |||||
CVE-2009-3726 | Linux kernel: denial of service in NFS | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.31 and older) | |||||
CVE-2009-2844 | Linux kernel: denial of service in wireless | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.31 and older) | |||||
CVE-2007-4567 | Linux kernel: denial of service in IPv6 | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.22 and older) | |||||
CVE-2009-1385 | Linux kernel: denial of service in e1000 | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2008-4933 | Linux kernel: denial of service in hfsplus | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2009-1439 | Linux kernel: denial of service in CIFS | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.29 and older) | |||||
CVE-2008-4618 | Linux kernel: denial of service in SCTP | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.27 and older) | |||||
CVE-2008-5025 | Linux kernel: denial of service in HFS | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2008-4576 | Linux kernel: denial of service in SCTP | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.25 and older) | |||||
CVE-2011-4330 | Linux kernel: denial of service in HFS | NOT AFFECTED | No currently supported versions of CGF or SE are affected because HFS is not used | |||||
CVE-2009-0024 | Linux kernel: denial of service or local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.24 and older) | |||||
CVE-2009-2692 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2009-4004 | Linux kernel: local privilege escalation with KVM | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.32 and older) | |||||
CVE-2008-5702 | Linux kernel: Buffer underflow in watchdog (triggered from local users) | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2009-2767 | Linux kernel: denial of service or local privilege escalation (timer) | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.31 and older) | |||||
CVE-2009-1360 | Linux kernel: denial of service in IPv6 (with namespace support) | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.29 and older) | |||||
CVE-2009-2903 | Linux kernel: denial of service (memory leak) in appletalk | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.31 and older) | |||||
CVE-2009-2406 | Linux kernel: denial of service or local privilege escalation (eCryptfs) | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2008-5182 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2009-1527 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2009-3547 | Linux kernel: denial of service or local privilege escalation (anonymous pipe via a /proc/*/fd/ pathname) | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.32 and older) | |||||
CVE-2009-1072 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2008-4302 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.22 and older) | |||||
CVE-2009-3621 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.31 and older) | |||||
CVE-2009-2847 | Linux kernel: unauthorized access of data by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.31 and older) | |||||
CVE-2008-5029 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.27 and older) | |||||
CVE-2009-1192 | Linux kernel: unauthorized access of data by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2009-0269 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2009-0031 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.29 and older) | |||||
CVE-2008-5395 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2008-5079 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.27 and older) | |||||
CVE-2008-3833 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.19 and older) | |||||
CVE-2010-3066 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.23 and older) | |||||
CVE-2009-2910 | Linux kernel: unauthorized access of data by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.31 and older) | |||||
CVE-2009-2287 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2009-1242 | Linux kernel: denial of service by users in a KVM guest | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.29 and older) | |||||
CVE-2009-1336 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.23 and older) | |||||
CVE-2009-1243 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.29 and older) | |||||
CVE-2008-3832 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.26 and older) | |||||
CVE-2008-6107 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.25 and older) | |||||
CVE-2008-5713 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.25 and older) | |||||
CVE-2009-0605 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2008-4445 | Linux kernel: unauthorized access of data by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.26 and older) | |||||
CVE-2009-2848 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2008-4113 | Linux kernel: unauthorized access of data by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.26 and older) | |||||
CVE-2009-0935 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.29 and older) | |||||
CVE-2009-1338 | Linux kernel: missing permission check in crossing namespaces for local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2009-3624 | Linux kernel: denial of service or local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.32 and older) | |||||
CVE-2008-4554 | Linux kernel: wrong handling of O_APPEND allowing local users to bypass append mode on files | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.27 and older) | |||||
CVE-2008-3527 | Linux kernel: denial of service or local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.21 and older) | |||||
CVE-2008-4210 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.22 and older) | |||||
CVE-2009-1337 | Linux kernel: local privilege escalation allowing local users to send arbitrary signals to processes | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.30 and older) | |||||
CVE-2007-3740 | Linux kernel: local privilege escalation in CIFS | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.22 and older) | |||||
CVE-2009-1184 | Linux kernel: local privilege escalation in SELINUX | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2008-4307 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.26 and older) | |||||
CVE-2009-0028 | Linux kernel: local privilege escalation allowing local users to send arbitrary signals to processes | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2011-1162 | Linux kernel: TPM: missing memory cleanup allowing users to read result from a previous TPM command | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.36 and older) | |||||
CVE-2008-3889 | Linux kernel: denial of service by local users (epoll) | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6-20080902) | |||||
CVE-2009-0675 | Linux kernel: missing permission check on driver statistics reset (skfp) | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2011-4110 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.37 and older) | |||||
CVE-2009-0676 | Linux kernel: unauthorized access of data by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.28 and older) | |||||
CVE-2011-2203 | Linux kernel: denial of service by local users (HFS) | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products already include a fix in the Linux kernel and, in addition, HFS is not used. | |||||
CVE-2011-4132 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are already including a fix in the Linux kernel | |||||
CVE-2008-5700 | Linux kernel: denial of service by local users | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (2.6.27 and older) | |||||
CVE-2020-1971 | OpenSSL: possible crash in GENERAL_NAME_cmp | NOT AFFECTED | No currently supported versions of CGF or SE are affected because affected code paths are not used | |||||
CVE-2020-15862 | net-snmp: improper privilege management | NOT AFFECTED | No currently supported versions of CGF and SE are affected because this requires SNMP write access which is not granted on either CGF or SE | |||||
CVE-2021-3156 | sudo: root privilege escalation | AFFECTED | CGF Versions 8.0.4 or older 8.0 and 8.1.1 and 8.1.0 are affected as those firmware versions are using an affected version of sudo. | <= 8.0.4 <= 8.1.1 | Update firmware to a fixed version | 8.0.5 8.1.2 hotfix-8.0.4-1045 | ||
CVE-2021-26708 | local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected Linux kernel versions (5.x only) | |||||
CVE-2021-3450 | OpenSSL: SSL certificate verification issue | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected OpenSSL versions (1.1.1h - 1.1.1j) | |||||
CVE-2021-3449 | OpenSSL: DoS attack | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected OpenSSL versions (1.1.1k and older) | |||||
CVE-2021-25215 | DNS - ISC bind | AFFECTED | CGF Versions 8.0.4 or older and 8.2.1 or older are affected as those firmware versions are using an affected version of ISC bind. | <= 8.0.4 <= 8.2.1 | Update firmware to a fixed version | 8.0.5 8.2.0 8.3.0 | ||
CVE-2021-3560 | Linux policy-kit: privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected versions of polkit (0.113 and newer) | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3560 | ||||
CVE-2021-33909 | Linux kernel: buffer overflow in file system handling | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not allow users to mount/unmount directories. | https://nvd.nist.gov/vuln/detail/CVE-2021-33909 https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 | ||||
CVE-2021-33910 | systemd: buffer overflow in file system handling | NOT AFFECTED | No currently supported versions of CGF and SE are affected because those products do not allow users to mount/unmount directories. | https://nvd.nist.gov/vuln/detail/CVE-2021-33910 https://access.redhat.com/security/vulnerabilities/RHSB-2021-006 | ||||
CVE-2021-3711 | OpenSSL: buffer overflow | NOT AFFECTED | No currently supported versions of CGF and SE are affected because affected code paths are not used | |||||
CVE-2021-3712 | OpenSSL: buffer overflow | NOT AFFECTED | No currently supported versions of CGF or SE are affected because affected code paths are not used | |||||
CVE-2021-4034 | polkit (aka PolicyKit) privilege escalation | AFFECTED | CGF Versions 8.0.4 or older and 8.2.1 or older are affected as those firmware versions are using an affected version of polkit. | <= 8.0.5 <= 8.2.2 | Update firmware to a fixed version | 8.0.6 8.2.2 8.3.0 hotfix-8.0.5-1068 hotfix-8.2.1-1069 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4034 | |
CVE-2021-44142 | Samba: Out-of-bounds heap read/write vulnerability | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use samba’s vfs_fruit module | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44142 | ||||
CVE-2020-36516 | Linux kernel: inject data into a victim’s TCP session or terminate that session | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products are not using any affected OpenSSL versions (5.14.21 or older) | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-36516 https://csis.gmu.edu/ksun/publications/IPID_side_channel_CCS20.pdf | ||||
CVE-2022-0847 | A vulnerability in the Linux kernel since 5.8 which allows overwriting data in arbitrary read-only files. This leads to privilege escalation because unprivileged processes can inject code into root processes | AFFECTED | CGF version 8.3.0 is affected by this CVE as it’s using an affected linux kernel version (linux 5.8 → 5.17-rc6). | 8.3.0 | Update firmware to a fixed version | 8.3.1 9.0.0 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0847 | |
CVE-2022-0778 | OpenSSL (ec-)certificate parsing error. Can be used for DoS | AFFECTED | CGF and SE versions 8.0.5 or older, 8.2.1 or older and 8.3.1 or older are affected as those firmware versions are using an affected version of OpenSSL. Patches will be made available, and the fix will be included in all upcoming versions | <= 8.0.5 <= 8.2.1 <= 8.3.1 | Update firmware to a fixed version | 8.0.6 8.2.2 8.3.1 9.0.0 hotfix-8.2.1-1074 hotfix-8.3.0-1075 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778 | |
CVE-2020-25709 | DoS on slapd | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use OpenLDAP | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25709 | ||||
CVE-2020-25710 | DoS on OpenLDAP | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use OpenLDAP | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-25710 | ||||
CVE-2021-3752 | Linux kernel flaw in bluetooth subsystem | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use bluetooth | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3752 | ||||
CVE-2022-24407 | Cyrus SASL SQL plugin issue | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use Cyrus SASL SQL plugins. | |||||
CVE-2021-25220 | Bind vulnerabilities | AFFECTED | CGF and SE versions 8.0.6 or older, 8.2.1 or older and 8.3.0 are affected as those firmware versions are using an affected version of ISC bind. Patches will be made available, and the fix will be included in all upcoming versions | <= 8.0.6 <= 8.2.1 8.3.0 | Update firmware to a fixed version | 8.0.7 8.2.2 8.3.1 9.0.0 hotfix-8.0.6-1076 hotfix-8.2.1-1079 hotfix-8.3.0-1078 | https://downloads.isc.org/isc/bind9/9.16.27/doc/arm/html/notes.html#security-fixes | |
CVE-2020-0465 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use multi-touch support. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0465 | ||||
CVE-2020-0466 | Linux kernel: local privilege escalation | PARTIALLY AFFECTED | CGF and SE versions 8.2.x and older are affected as those firmware versions are using an affected linux kernel version (<5.9). Newer CGF and SE versions are not affected as those firmware versions are using a fixed linux kernel version. For older CGF and SE version, please upgrade to a recent firmware version >= 8.3.0 | 8.0.x 8.2.x | 8.3.0 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-0466 | ||
CVE-2021-0920 | Linux kernel: local privilege escalation | AFFECTED | All CGF and SE versions 10.0.0 or older are affected as those firmware versions are using an affected linux kernel version (< 5.14). However, we do consider the risk as low as only named administrators have console access to such devices, and we do consider such users as trusted. Versions as of 10.0.0 are not affected any longer | 8.x 9.x | Disable console access for administrators. | 10.0.0 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-0920 | |
CVE-2021-3564 | Linux kernel: local user can crash system | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use bluetooth. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3564 | ||||
CVE-2021-3573 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use bluetooth. | |||||
CVE-2021-4155 | Linux kernel: data leakage | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use XFS file systems, and this bug is affecting XFS only. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-4155 | ||||
CVE-2022-0330 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use linux kernel’s GPU i915 driver. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0330 | ||||
CVE-2022-22942 | Linux kernel: local privilege escalation | NOT AFFECTED | No currently supported versions of CGF or SE are affected because those products do not use linux kernel’s vmwgfx driver. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22942 | ||||
CVE-2020-15778 | OpenSSH: scp: arbitrary commands execution | AFFECTED | All 8.3.0 and older versions of CGF and SE are affected by this CVE, as those firmware versions are using an affected version of OpenSSH (openssh-8.3p1 and older) still using the rcp protocol. All newer versions of OpenSSH (included in all CGF and SE versions newer than 8.3.0) are using sftp instead and are not affected any longer. | 8.0.x 8.2.x | Disable scp | 8.3.0 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15778 | |
CVE-2021-44228 CVE-2021-45046 CVE-2021-45105 | log4j vulnerability | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as log4j is not used | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-44228 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45046 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-45105 | ||||
CVE-2022-22965 | Spring Framework RCE via Data Binding on JDK 9+ | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as neither Spring Framework nor JDK is used | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22965 | ||||
CVE-2022-22963 | Remote code execution in Spring Cloud Function by malicious Spring Expression | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as Spring Framework is not used | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-22963 | ||||
CVE-2022-22950 | Spring framework | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as Spring Framework is not used | |||||
CVE-2022-26809 | Remote Procedure Call Runtime Remote Code Execution Vulnerability | NOT AFFECTED | All currently supported versions of CGF and SE are not affected | |||||
CVE-2022-29799 | Linux Privilege Escalation Vulnerability | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as all affected services are not used | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29799 | ||||
CVE-2022-29800 | Linux Privilege Escalation Vulnerability | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as all affected services are not used | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-29800 | ||||
CVE-2022-2274 | OpenSSL code injection | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as none of the affected versions of OpenSSL is used anywhere. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-2274 | ||||
CVE-2022-33980 | Apache Commons Configuration | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as apache is not used | |||||
CVE-2018-5391 | Linux kernel denial of service | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as this bug was fixed in linux kernel version 4.14.71 (and newer 4.14.x, 5.x and 6.x). Other affected linux kernel versions (3.9 - 4.18) are not used. | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-5391 | ||||
CVE-2022-3786 | OpenSSL denial of service | AFFECTED | CGF and SE versions 8.3.1 and older are affected by this vulnerability. Affected features are: SSL inspection. | 8.3.0 8.3.1 | Disable SSL inspection | 8.3.2 9.0.0 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3786 | |
CVE-2022-3602 | OpenSSL denial of service | AFFECTED | CGF and SE versions 8.3.1 and older are affected by this vulnerability. Affected features are: SSL inspection. | 8.3.0 8.3.1 | Disable SSL inspection | 8.3.2 9.0.0 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3602 | |
CVE-2022-3996 | OpenSSL potential denial of service | NOT AFFECTED | Using affected version (in extlibs), but not using policy enforcement and affected methods | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-3996 | ||||
CVE-2023-0286 | OpenSSL vulnerabilities | AFFECTED | All currently supported versions of CGF and SE are affected by this CVE. | <= 8.0.6 <= 8.2.2 <= 8.3.1 | Update firmware to a fixed version | 8.2.3 8.3.2 9.0.0 hotfix-8.0.6-1090 hotfix-8.2.2-1091 hotfix-8.3.1-1093 | https://www.openssl.org/news/secadv/20230207.txt | |
CVE-2023-0464 | OpenSSL excessive resource usage | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as this issue applies to policy constraints which is disabled by default, and not enabled anywhere | |||||
CVE-2023-38408 | OpenSSL: Insufficiently trustworthy search path vulnerability in ssh-agent | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as ssh-agent is not used (although installed) | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38408 | ||||
CVE-2023-38802 | FRR: denial of service via a crafted BGP update | AFFECTED | CGF and SE versions 8.3.2 and older and 9.0.0 are affected. As we do rate this being of medium severity, fixes will be made available in upcoming versions, but no hotfixes will be released | <= 8.3.2 9.0.0 | Update firmware to a fixed version | 8.3.3 9.0.1 10.0.0 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38802 | |
CVE-2023-38545 | libcurl: SOCKS5 heap buffer overflow | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as SOCKS5 is not used | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38545 | ||||
CVE-2023-38546 | libcurl: cookie injection with none file | NOT AFFECTED | All currently supported versions of CGF and SE are not affected as the required conditions for the bug are not met in the usage of libcurl in the firmware | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-38546 | ||||
CVE-2023-48795 | OpenSSH: Terrapin attack | AFFECTED | CGF and SE versions 8.3.2 and older and 9.0.1 and older are affected. As we do rate this being of medium severity, fixes will be made available in upcoming versions, but no hotfixes will be released | <= 8.3.2 <= 9.0.1 | Update firmware to a fixed version | 8.3.3 9.0.2 10.0.0 | https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-48795 | |
CVE-2024-3094 | XZ Malicious code vulnerability | NOT AFFECTED | All currently support versions of CGF and SE are not affected as the firmware is not using an affected version of XZ | |||||
CVE-2024-6387 | OpenSSH: "RegreSSHion": signal race condition | AFFECTED | CGF and SE versions 8.3.3 and older and 9.0.3 and older are affected. Hotfixes are going to be released and the fix will be included in all upcoming versions | <= 8.3.3 <= 9.0.2 | Update firmware to a fixed version | 8.3.4 9.0.3 10.0.0 hotfix-8.3.3-1122 hotfix-9.0.2-1123 | ||
CVE-2024-3596 | RADIUS Protocol vulnerability | NOT AFFECTED | All currently supported versions of CGF and SE are not affected. "In the short term, sending RADIUS/UDP traffic over the Internet is believed to be secure from this attack when the Access-Request packets include the Message-Authenticator attribute, and the RADIUS server drops all Access-Request packets which are missing a Message-Authenticator attribute." | https://nvd.nist.gov/vuln/detail/CVE-2024-3596 https://www.kb.cert.org/vuls/id/456537 https://www.inkbridgenetworks.com/web/content/2557?unique=47be02c8aed46c53b0765db185320249ad873d95 | ||||
CVE-2023-46445 | Rogue Extension Negotiation Attack in AsyncSSH | NOT AFFECTED | All currently supported versions of CGF and SE are not affected, as AsyncSSH is not used | |||||
CVE-2023-46446 | Rogue Session Attack in AsyncSSH | NOT AFFECTED | All currently supported versions of CGF and SE are not affected, as AsyncSSH is not used | |||||
CVE-2024-55553 | FRR: Possible denial of service with lots of learned routes | AFFECTED | CGF and SE 9.0.4 and older are affected. As we rate this as low severity, fixes will be made available in upcoming versions, but no hotfixes will be released. Risk considered low due to: | <= 9.0.4 | Update firmware to a fixed version | 9.0.5 10.0.0 | ||
CVE-2024-44070 | FRR: bgp_attr_encap in bgpd/bgp_attr.c does not check the actual remaining stream length before taking the TLV value. | PARTIALLY AFFECTED | CGF and SE 9.0.4 and older are affected. As we rate this as low severity, fixes will be made available in upcoming versions, but no hotfixes will be released. Risk considered low due to: | <= 9.0.4 | Update firmware to a fixed version | 9.0.5 10.0.0 | ||
CVE-2024-12797 | OpenSSL: RFC7250 handshakes with unauthenticated servers don't abort as expected | NOT AFFECTED | All currently supported versions of CGF and SE are not affected, as no affected OpenSSL version is used | https://nvd.nist.gov/vuln/detail/CVE-2024-12797 | ||||
CVE-2025-26465 | OpenSSH: allows an active machine-in-the-middle attack on the OpenSSH client when the VerifyHostKeyDNS option is enabled | NOT AFFECTED | All currently supported versions of CGF and SE are not affected, as VerifyHostKeyDNS is not enabled | |||||
CVE-2025-26466 | OpenSSH: A pre-authentication denial-of-service attack (an asymmetric resource consumption of both memory and CPU) | PARTIALLY AFFECTED | All currently supported versions of CGF and SE are affected in principle, but mitigations (in configuration) are in place. Fixes will be made available in upcoming versions, but no hotfixes will be released | <= 8.3.4 <= 9.0.4 10.0.0 | Protect access to SSH by setting a management ACL | |||
CVE-2025-4575 | OpenSSL: The x509 application adds trusted use instead of rejected use | NOT AFFECTED | All currently supported versions of CGF and SE are not affected, as the affected code paths are not used in the firmware | |||||
CVE-2024-25111 | Squid: Denial of Service in HTTP Chunked Decoding | AFFECTED | CGF and SE versions 8.3.3 and older and 9.0.2 and older are affected. As we rate this as medium severity, fixes will be made available in upcoming versions, but no hotfixes will be released. | <= 8.3.4 <= 9.0.2 | Update firmware to a fixed version | 8.3.4 9.0.2 10.0.0 | https://nvd.nist.gov/vuln/detail/CVE-2024-25111 https://github.com/squid-cache/squid/security/advisories/GHSA-72c2-c3wm-8qxc |
Barracuda CloudGen Firewall