CVEs (5)
CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS |
|---|
4Debian DpdkFedoraproject+1 more8Data Plane Development Kit Debian LinuxEnterprise Linux+5 moreNov 21, 2024 Aug 31, 2022 N/A· v4 8.6 HIGH· v3 N/A· v2 A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK. |
4Canonical FedoraprojectOpenvswitch+1 more4Enterprise Linux Fast Datapath FedoraOpenvswitch+1 moreNov 21, 2024 Aug 23, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. |
3Dpdk FedoraprojectRedhat4Data Plane Development Kit Enterprise LinuxEnterprise Linux Fast Datapath+1 moreNov 21, 2024 Aug 23, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost l...Show more |
3Dpdk FedoraprojectRedhat5Data Plane Development Kit Enterprise Linux Fast DatapathFedora+2 moreNov 21, 2024 Nov 14, 2019 N/A· v4 7.5 HIGH· v3 5.0 MEDIUM· v2 A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send spec...Show more |
3Canonical DpdkRedhat9Ceph Storage Data Plane Development KitEnterprise Linux+6 moreNov 21, 2024 Apr 24, 2018 N/A· v4 6.1 MEDIUM· v3 2.9 LOW· v2 The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead t...Show more |