Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Data_plane_development_kit
(Dpdk)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 15 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2020-09-30 | CVE-2020-14377 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read are then written back to the guest virtual machine memory. This vulnerability can be used by an attacker in a virtual machine to read significant amounts of host memory. The highest threat from this vulnerability is to data confidentiality and system availability. | Ubuntu_linux, Data_plane_development_kit, Leap | 7.1 | ||
| 2020-09-30 | CVE-2020-14376 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability. | Ubuntu_linux, Data_plane_development_kit, Leap | 7.8 |