Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Enterprise_linux_fast_datapath
(Redhat)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 5 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2022-08-23 | CVE-2021-3905 | A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. | Ubuntu_linux, Fedora, Openvswitch, Enterprise_linux_fast_datapath | 7.5 | ||
| 2019-11-14 | CVE-2019-14818 | A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition. | Data_plane_development_kit, Fedora, Enterprise_linux_fast_datapath, Openstack, Virtualization_eus | 7.5 | ||
| 2022-08-23 | CVE-2021-3839 | A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability. | Data_plane_development_kit, Fedora, Enterprise_linux, Enterprise_linux_fast_datapath | 7.5 | ||
| 2022-08-31 | CVE-2022-2132 | A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. | Debian_linux, Data_plane_development_kit, Fedora, Enterprise_linux, Enterprise_linux_fast_datapath, Openshift_container_platform, Openstack_platform, Virtualization | 8.6 |