Dpdk Data_plane_development_kit
15 CVEs affecting Dpdk Data_plane_development_kit. Latest disclosed: 2022-08-31. Critical: 0, High: 8.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2020-14374 | High | 8.8 | 2020-09-30 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing… |
CVE-2022-2132 | High | 8.6 | 2022-08-31 | A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vho… |
CVE-2020-14376 | High | 7.8 | 2020-09-30 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memo… |
CVE-2020-14375 | High | 7.8 | 2020-09-30 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessib… |
CVE-2020-10725 | High | 7.7 | 2020-05-20 | A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on t… |
CVE-2021-3839 | High | 7.5 | 2022-08-23 | A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out… |
CVE-2019-14818 | High | 7.5 | 2019-11-14 | A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, o… |
CVE-2020-14377 | High | 7.1 | 2020-09-30 | A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer o… |
CVE-2022-0669 | Medium | 6.5 | 2022-08-29 | A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD… |
CVE-2018-1059 | Medium | 6.1 | 2018-04-24 | The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addr… |
CVE-2020-10726 | Medium | 6.0 | 2020-05-20 | A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_G… |
CVE-2020-10724 | Medium | 5.1 | 2020-05-19 | A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing… |
CVE-2020-10723 | Medium | 5.1 | 2020-05-19 | A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain cir… |
CVE-2020-10722 | Medium | 5.1 | 2020-05-19 | A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memo… |
CVE-2020-14378 | Low | 3.3 | 2020-09-30 | An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in… |