CVE-2022-2132

Published: Aug 31, 2022Modified: Nov 21, 2024

8.6

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Exploitability: 3.9 / Impact: 4.0

Source: NVD

Description

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

Affected (14)

Products: Dpdk: Data Plane Development Kit · Fedoraproject: Fedora · Debian: Debian Linux · +1 more

Show all products

Dpdk: Data Plane Development Kit · Fedoraproject: Fedora · Debian: Debian Linux · Redhat: Enterprise Linux, Enterprise Linux Fast Datapath, Openshift Container Platform, Openstack Platform, Virtualization

Dpdk

1 product

Data Plane Development Kit

1 product

1 product

5 products

Enterprise Linux Fast Datapath

Openshift Container Platform

Openstack Platform

Virtualization

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Dpdk Data Plane Development Kit	Before 19.11
Dpdk Data Plane Development Kit	From 20.0 to 20.11
Dpdk Data Plane Development Kit	From 21.0 to 21.11

Configuration B

1 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 36

Configuration C

1 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 10.0

Configuration D

9 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux	Version 7.0
Redhat Enterprise Linux	Version 8.0
Redhat Enterprise Linux	Version 9.0
Redhat Enterprise Linux Fast Datapath	Version 7.0
Redhat Enterprise Linux Fast Datapath	Version 8.0
Redhat Enterprise Linux Fast Datapath	Version 9.0
Redhat Openshift Container Platform	Version 4.0
Redhat Openstack Platform	Version 13.0
Redhat Virtualization	Version 4.0