ID CVE-2020-10723Type cveReporter cve@mitre.orgModified 2021-01-20T15:15:00
Description
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.
{"id": "CVE-2020-10723", "bulletinFamily": "NVD", "title": "CVE-2020-10723", "description": "A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.", "published": "2020-05-19T19:15:00", "modified": "2021-01-20T15:15:00", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}, "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-10723", "reporter": "cve@mitre.org", "references": ["http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html", "https://www.oracle.com/security-alerts/cpujan2021.html", "https://bugs.dpdk.org/show_bug.cgi?id=268", "https://www.oracle.com/security-alerts/cpuoct2020.html", "https://www.openwall.com/lists/oss-security/2020/05/18/2", "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4/", "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723", "https://usn.ubuntu.com/4362-1/"], "cvelist": ["CVE-2020-10723"], "type": "cve", "lastseen": "2021-02-02T07:36:55", "edition": 10, "viewCount": 4, "enchantments": {"dependencies": {"references": [{"type": "nessus", "idList": ["REDHAT-RHSA-2020-2298.NASL", "REDHAT-RHSA-2020-2683.NASL", "REDHAT-RHSA-2020-2296.NASL", "EULEROS_SA-2020-1936.NASL", "REDHAT-RHSA-2020-4114.NASL", "DEBIAN_DSA-4688.NASL", "REDHAT-RHSA-2020-2297.NASL", "SUSE_SU-2020-1552-1.NASL", "EULEROS_SA-2020-1800.NASL", "SUSE_SU-2020-1430-1.NASL"]}, {"type": "redhat", "idList": ["RHSA-2020:4114", "RHSA-2020:4806", "RHSA-2020:2297", "RHSA-2020:2295", "RHSA-2020:2298", "RHSA-2020:2296", "RHSA-2020:2683"]}, {"type": "debian", "idList": ["DEBIAN:DSA-4688-1:5AF9B"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562310853171", "OPENVAS:1361412562310877863", "OPENVAS:1361412562310704688", "OPENVAS:1361412562310844436"]}, {"type": "oraclelinux", "idList": ["ELSA-2020-4806"]}, {"type": "fedora", "idList": ["FEDORA:D7EAD6076188"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2020:0693-1"]}, {"type": "ubuntu", "idList": ["USN-4362-1"]}, {"type": "oracle", "idList": ["ORACLE:CPUOCT2020"]}], "modified": "2021-02-02T07:36:55", "rev": 2}, "score": {"value": 7.0, "vector": "NONE", "modified": "2021-02-02T07:36:55", "rev": 2}, "vulnersScore": 7.0}, "cpe": ["cpe:/o:canonical:ubuntu_linux:18.04", "cpe:/o:canonical:ubuntu_linux:20.04", "cpe:/a:dpdk:data_plane_development_kit:17.05", "cpe:/o:canonical:ubuntu_linux:19.10"], "affectedSoftware": [{"cpeName": "canonical:ubuntu_linux", "name": "canonical ubuntu linux", "operator": "eq", "version": "18.04"}, {"cpeName": "canonical:ubuntu_linux", "name": "canonical ubuntu linux", "operator": "eq", "version": "20.04"}, {"cpeName": "dpdk:data_plane_development_kit", "name": "dpdk data plane development kit", "operator": "le", "version": "17.05"}, {"cpeName": "canonical:ubuntu_linux", "name": "canonical ubuntu linux", "operator": "eq", "version": "19.10"}], "cvss2": {"acInsufInfo": false, "cvssV2": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "MEDIUM", "userInteractionRequired": false}, "cvss3": {"cvssV3": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9}, "cpe23": ["cpe:2.3:a:dpdk:data_plane_development_kit:17.05:*:*:*:*:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*"], "cwe": ["CWE-190"], "scheme": null, "cpeConfiguration": {"CVE_data_version": "4.0", "nodes": [{"cpe_match": [{"cpe23Uri": "cpe:2.3:a:dpdk:data_plane_development_kit:17.05:*:*:*:*:*:*:*", "versionEndIncluding": "17.05", "vulnerable": true}], "operator": "OR"}, {"cpe_match": [{"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "vulnerable": true}], "operator": "OR"}]}, "extraReferences": [{"name": "https://bugs.dpdk.org/show_bug.cgi?id=268", "refsource": "MISC", "tags": ["Patch", "Vendor Advisory", "Issue Tracking"], "url": "https://bugs.dpdk.org/show_bug.cgi?id=268"}, {"name": "FEDORA-2020-04e3d34451", "refsource": "FEDORA", "tags": [], "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4/"}, {"name": "openSUSE-SU-2020:0693", "refsource": "SUSE", "tags": [], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html"}, {"name": "USN-4362-1", "refsource": "UBUNTU", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4362-1/"}, {"name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "tags": [], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"name": "https://www.openwall.com/lists/oss-security/2020/05/18/2", "refsource": "MISC", "tags": ["Third Party Advisory", "Mailing List"], "url": "https://www.openwall.com/lists/oss-security/2020/05/18/2"}, {"name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "tags": [], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723", "refsource": "CONFIRM", "tags": ["Third Party Advisory", "Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723"}]}
{"nessus": [{"lastseen": "2020-10-07T09:25:01", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:4114 advisory.\n\n - dpdk: librte_vhost Integer overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 2, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-10-02T00:00:00", "title": "RHEL 7 : Red Hat Virtualization (RHSA-2020:4114)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722"], "modified": "2020-10-02T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:7::hypervisor", "p-cpe:/a:redhat:enterprise_linux:python-openvswitch2.11", "p-cpe:/a:redhat:enterprise_linux:ovn2.11", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:python-ovirt-engine-sdk4", "p-cpe:/a:redhat:enterprise_linux:ovirt-ansible-repositories", "p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-devel", "cpe:/a:redhat:rhev_manager:4.3", "p-cpe:/a:redhat:enterprise_linux:ovn2.11-host", "p-cpe:/a:redhat:enterprise_linux:ovn2.11-central", "p-cpe:/a:redhat:enterprise_linux:openvswitch2.11", "p-cpe:/a:redhat:enterprise_linux:ovn2.11-vtep"], "id": "REDHAT-RHSA-2020-4114.NASL", "href": "https://www.tenable.com/plugins/nessus/141123", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:4114. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141123);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/10/05\");\n\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\");\n script_xref(name:\"RHSA\", value:\"2020:4114\");\n\n script_name(english:\"RHEL 7 : Red Hat Virtualization (RHSA-2020:4114)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:4114 advisory.\n\n - dpdk: librte_vhost Integer overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:4114\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828874\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10723\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(190);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhev_manager:4.3\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::hypervisor\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch2.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovirt-ansible-repositories\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovn2.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovn2.11-central\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovn2.11-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:ovn2.11-vtep\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-openvswitch2.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-ovirt-engine-sdk4\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\ninclude('lists.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'enterprise_linux_7_hypervisor': [\n 'rhel-7-server-rhev-mgmt-agent-debug-rpms',\n 'rhel-7-server-rhev-mgmt-agent-els-debug-rpms',\n 'rhel-7-server-rhev-mgmt-agent-els-rpms',\n 'rhel-7-server-rhev-mgmt-agent-els-source-rpms',\n 'rhel-7-server-rhev-mgmt-agent-for-power-le-debug-rpms',\n 'rhel-7-server-rhev-mgmt-agent-for-power-le-rpms',\n 'rhel-7-server-rhev-mgmt-agent-for-power-le-source-rpms',\n 'rhel-7-server-rhev-mgmt-agent-rpms',\n 'rhel-7-server-rhev-mgmt-agent-source-rpms',\n 'rhel-7-server-rhev-tools-for-power-le-debug-rpms',\n 'rhel-7-server-rhev-tools-for-power-le-rpms',\n 'rhel-7-server-rhev-tools-for-power-le-source-rpms',\n 'rhel-7-server-rhev-tools-for-power-rpms',\n 'rhel-7-server-rhev-tools-for-power-source-rpms',\n 'rhel-7-server-rhevh-els-rpms',\n 'rhel-7-server-rhevh-els-source-rpms',\n 'rhel-7-server-rhevh-rpms',\n 'rhel-7-server-rhevh-source-rpms',\n 'rhel-7-server-rhv-4-manager-tools-debug-rpms',\n 'rhel-7-server-rhv-4-manager-tools-rpms',\n 'rhel-7-server-rhv-4-manager-tools-source-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-debug-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-for-power-9-debug-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-for-power-9-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-for-power-9-source-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-for-power-le-debug-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-for-power-le-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-for-power-le-source-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-rpms',\n 'rhel-7-server-rhv-4-mgmt-agent-source-rpms',\n 'rhel-7-server-rhv-4-tools-debug-rpms',\n 'rhel-7-server-rhv-4-tools-for-power-le-debug-rpms',\n 'rhel-7-server-rhv-4-tools-for-power-le-rpms',\n 'rhel-7-server-rhv-4-tools-for-power-le-source-rpms',\n 'rhel-7-server-rhv-4-tools-rpms',\n 'rhel-7-server-rhv-4-tools-source-rpms',\n 'rhel-7-server-rhv-4.2-mgmt-agent-eus-debug-rpms',\n 'rhel-7-server-rhv-4.2-mgmt-agent-eus-rpms',\n 'rhel-7-server-rhv-4.2-mgmt-agent-eus-source-rpms',\n 'rhel-7-server-rhv-4.2-mgmt-agent-for-power-le-eus-debug-rpms',\n 'rhel-7-server-rhv-4.2-mgmt-agent-for-power-le-eus-rpms',\n 'rhel-7-server-rhv-4.2-mgmt-agent-for-power-le-eus-source-rpms',\n 'rhel-7-server-rhvh-4-build-debug-rpms',\n 'rhel-7-server-rhvh-4-build-rpms',\n 'rhel-7-server-rhvh-4-build-source-rpms',\n 'rhel-7-server-rhvh-4-debug-rpms',\n 'rhel-7-server-rhvh-4-rpms',\n 'rhel-7-server-rhvh-4-source-rpms',\n 'rhel-7-server-rhvh-4.2-build-eus-rpms',\n 'rhel-7-server-rhvh-4.2-build-eus-source-rpms',\n 'rhel-7-server-rhvh-4.2-eus-debug-rpms',\n 'rhel-7-server-rhvh-4.2-eus-rpms',\n 'rhel-7-server-rhvh-4.2-eus-source-rpms'\n ],\n 'rhev_manager_4_3': [\n 'rhel-7-server-rhv-4.3-manager-debug-rpms',\n 'rhel-7-server-rhv-4.3-manager-rpms',\n 'rhel-7-server-rhv-4.3-manager-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n found_repos = make_list(found_repos, repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:4114');\n}\n\npkgs = [\n {'reference':'openvswitch2.11-2.11.0-54.20200327gita4efc59.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4_3']},\n {'reference':'openvswitch2.11-devel-2.11.0-54.20200327gita4efc59.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4_3']},\n {'reference':'ovirt-ansible-repositories-1.1.6-1.el7ev', 'release':'7', 'el_string':'el7ev', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4_3']},\n {'reference':'ovn2.11-2.11.1-44.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4_3']},\n {'reference':'ovn2.11-central-2.11.1-44.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4_3']},\n {'reference':'ovn2.11-host-2.11.1-44.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4_3']},\n {'reference':'ovn2.11-vtep-2.11.1-44.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4_3']},\n {'reference':'python-openvswitch2.11-2.11.0-54.20200327gita4efc59.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4_3']},\n {'reference':'python-ovirt-engine-sdk4-4.3.4-1.el7ev', 'cpu':'x86_64', 'release':'7', 'el_string':'el7ev', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['enterprise_linux_7_hypervisor', 'rhev_manager_4_3']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n if (empty_or_null(found_repos) || (!empty_or_null(found_repos) && collib::intersection(found_repos, repo_list))) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openvswitch2.11 / openvswitch2.11-devel / ovirt-ansible-repositories / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-05T14:07:55", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2298 advisory.\n\n - dpdk: librte_vhost Interger overflow in\n vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in\n vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 4, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-05-27T00:00:00", "title": "RHEL 7 : openvswitch (RHSA-2020:2298)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722"], "modified": "2020-05-27T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:openvswitch-test", "p-cpe:/a:redhat:enterprise_linux:openvswitch-devel", "p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-central", "p-cpe:/a:redhat:enterprise_linux:python-openvswitch", "p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-host", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-common", "p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-vtep", "p-cpe:/a:redhat:enterprise_linux:openvswitch", "cpe:/o:redhat:enterprise_linux:7::fastdatapath"], "id": "REDHAT-RHSA-2020-2298.NASL", "href": "https://www.tenable.com/plugins/nessus/136913", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2298. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136913);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\");\n script_xref(name:\"RHSA\", value:\"2020:2298\");\n\n script_name(english:\"RHEL 7 : openvswitch (RHSA-2020:2298)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2298 advisory.\n\n - dpdk: librte_vhost Interger overflow in\n vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in\n vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2298\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828874\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10723\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(190);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::fastdatapath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-central\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-common\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-host\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-ovn-vtep\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-openvswitch\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\npkgs = [\n {'reference':'openvswitch-2.9.0-130.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-2.9.0-130.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-devel-2.9.0-130.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-devel-2.9.0-130.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-ovn-central-2.9.0-130.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-ovn-central-2.9.0-130.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-ovn-common-2.9.0-130.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-ovn-common-2.9.0-130.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-ovn-host-2.9.0-130.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-ovn-host-2.9.0-130.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-ovn-vtep-2.9.0-130.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-ovn-vtep-2.9.0-130.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch-test-2.9.0-130.el7fdp', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-openvswitch-2.9.0-130.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-openvswitch-2.9.0-130.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openvswitch / openvswitch-devel / openvswitch-ovn-central / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-21T06:01:51", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2683 advisory.\n\n - dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.", "edition": 4, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-06-30T00:00:00", "title": "RHEL 7 : dpdk (RHSA-2020:2683)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722"], "modified": "2020-06-30T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:dpdk-tools", "p-cpe:/a:redhat:enterprise_linux:dpdk-doc", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:dpdk", "cpe:/a:redhat:rhel_extras_other:7", "p-cpe:/a:redhat:enterprise_linux:dpdk-devel"], "id": "REDHAT-RHSA-2020-2683.NASL", "href": "https://www.tenable.com/plugins/nessus/137894", "sourceData": "##\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2683. The text\n# itself is copyright (C) Red Hat, Inc.\n##\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(137894);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/19\");\n\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\");\n script_xref(name:\"RHSA\", value:\"2020:2683\");\n\n script_name(english:\"RHEL 7 : dpdk (RHSA-2020:2683)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2683 advisory.\n\n - dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2683\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828874\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10723\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(190);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:redhat:rhel_extras_other:7\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dpdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dpdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dpdk-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:dpdk-tools\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\nrepositories = {\n 'rhel_extras_other_7': [\n 'rhel-7-desktop-extras-debug-rpms',\n 'rhel-7-desktop-extras-rpms',\n 'rhel-7-desktop-extras-source-rpms',\n 'rhel-7-server-extras-debug-rpms',\n 'rhel-7-server-extras-rpms',\n 'rhel-7-server-extras-source-rpms',\n 'rhel-7-workstation-extras-debug-rpms',\n 'rhel-7-workstation-extras-rpms',\n 'rhel-7-workstation-extras-source-rpms'\n ]\n};\n\nfound_repos = NULL;\nhost_repo_list = get_kb_list('Host/RedHat/repo-list/*');\nif (!(empty_or_null(host_repo_list))) {\n found_repos = make_list();\n foreach repo_key (keys(repositories)) {\n foreach repo ( repositories[repo_key] ) {\n if (get_kb_item('Host/RedHat/repo-list/' + repo)) {\n append_element(var:found_repos, value:repo_key);\n break;\n }\n }\n }\n if(empty_or_null(found_repos)) audit(AUDIT_RHSA_NOT_AFFECTED, 'RHSA-2020:2683');\n}\n\npkgs = [\n {'reference':'dpdk-18.11.8-1.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']},\n {'reference':'dpdk-devel-18.11.8-1.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']},\n {'reference':'dpdk-doc-18.11.8-1.el7_8', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']},\n {'reference':'dpdk-tools-18.11.8-1.el7_8', 'cpu':'x86_64', 'release':'7', 'rpm_spec_vers_cmp':TRUE, 'repo_list':['rhel_extras_other_7']}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n allowmaj = NULL;\n repo_list = NULL;\n if (!empty_or_null(package_array['repo_list'])) repo_list = package_array['repo_list'];\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];\n if (reference && release) {\n repocheck = FALSE;\n if (empty_or_null(found_repos))\n {\n repocheck = TRUE;\n }\n else\n {\n foreach repo (repo_list) {\n if (contains_element(var:found_repos, value:repo))\n {\n repocheck = TRUE;\n break;\n }\n }\n }\n if (repocheck && rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;\n }\n}\n\nif (flag)\n{\n if (empty_or_null(host_repo_list)) extra = rpm_report_get() + redhat_report_repo_caveat();\n else extra = rpm_report_get() + redhat_report_package_caveat();\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : extra\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'dpdk / dpdk-devel / dpdk-doc / dpdk-tools');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T09:05:59", "description": "According to the versions of the dpdk packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - A vulnerability was found in DPDK versions 18.05 and\n above. A missing check for an integer overflow in\n vhost_user_set_log_base() could result in a smaller\n memory map than requested, possibly allowing memory\n corruption.(CVE-2020-10722)\n\n - A memory corruption issue was found in DPDK versions\n 17.05 and above. This flaw is caused by an integer\n truncation on the index of a payload. Under certain\n circumstances, the index (a UInt) is copied and\n truncated into a uint16, which can lead to out of bound\n indexing and possible memory\n corruption.(CVE-2020-10723)\n\n - A vulnerability was found in DPDK versions 18.11 and\n above. The vhost-crypto library code is missing\n validations for user-supplied values, potentially\n allowing an information leak through an out-of-bounds\n memory read.(CVE-2020-10724)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-09-02T00:00:00", "title": "EulerOS 2.0 SP5 : dpdk (EulerOS-SA-2020-1936)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "modified": "2020-09-02T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dpdk", "p-cpe:/a:huawei:euleros:dpdk-devel", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1936.NASL", "href": "https://www.tenable.com/plugins/nessus/140157", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(140157);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-10722\",\n \"CVE-2020-10723\",\n \"CVE-2020-10724\"\n );\n\n script_name(english:\"EulerOS 2.0 SP5 : dpdk (EulerOS-SA-2020-1936)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dpdk packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - A vulnerability was found in DPDK versions 18.05 and\n above. A missing check for an integer overflow in\n vhost_user_set_log_base() could result in a smaller\n memory map than requested, possibly allowing memory\n corruption.(CVE-2020-10722)\n\n - A memory corruption issue was found in DPDK versions\n 17.05 and above. This flaw is caused by an integer\n truncation on the index of a payload. Under certain\n circumstances, the index (a UInt) is copied and\n truncated into a uint16, which can lead to out of bound\n indexing and possible memory\n corruption.(CVE-2020-10723)\n\n - A vulnerability was found in DPDK versions 18.11 and\n above. The vhost-crypto library code is missing\n validations for user-supplied values, potentially\n allowing an information leak through an out-of-bounds\n memory read.(CVE-2020-10724)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1936\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?ada17b41\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dpdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/09/02\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/09/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dpdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dpdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(5)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP5\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_ARCH_NOT, \"i686 / x86_64\", cpu);\n\nflag = 0;\n\npkgs = [\"dpdk-18.11-0.h18.eulerosv2r7\",\n \"dpdk-devel-18.11-0.h18.eulerosv2r7\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"5\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dpdk\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:27:32", "description": "This update for dpdk to 17.11.7 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base()\n(bsc#1171477 bsc#1171930).\n\nCVE-2020-10723: Fixed an integer truncation in\nvhost_user_check_and_alloc_queue_pair() (bsc#1171477).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 3, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-06-17T00:00:00", "title": "SUSE SLES12 Security Update : dpdk (SUSE-SU-2020:1430-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722", "CVE-2019-14818"], "modified": "2020-06-17T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:dpdk-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:libdpdk", "p-cpe:/a:novell:suse_linux:dpdk-tools", "p-cpe:/a:novell:suse_linux:dpdk-tools-debuginfo", "p-cpe:/a:novell:suse_linux:dpdk", "p-cpe:/a:novell:suse_linux:dpdk-debuginfo", "p-cpe:/a:novell:suse_linux:dpdk-kmp-default", "p-cpe:/a:novell:suse_linux:libdpdk-17_11-debuginfo", "p-cpe:/a:novell:suse_linux:dpdk-debugsource"], "id": "SUSE_SU-2020-1430-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137544", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1430-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137544);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-14818\", \"CVE-2020-10722\", \"CVE-2020-10723\");\n\n script_name(english:\"SUSE SLES12 Security Update : dpdk (SUSE-SU-2020:1430-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for dpdk to 17.11.7 fixes the following issues :\n\nSecurity issues fixed :\n\nCVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base()\n(bsc#1171477 bsc#1171930).\n\nCVE-2020-10723: Fixed an integer truncation in\nvhost_user_check_and_alloc_queue_pair() (bsc#1171477).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171477\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-14818/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10722/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10723/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201430-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?0d4851fb\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP4-2020-1430=1\n\nSUSE Linux Enterprise Server 12-SP4 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP4-2020-1430=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10723\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdpdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdpdk-17_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/11/14\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/17\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"dpdk-17.11.7-5.6.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"dpdk-debuginfo-17.11.7-5.6.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"dpdk-debugsource-17.11.7-5.6.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"dpdk-kmp-default-17.11.7_k4.12.14_95.51-5.6.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"dpdk-kmp-default-debuginfo-17.11.7_k4.12.14_95.51-5.6.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"dpdk-tools-17.11.7-5.6.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"dpdk-tools-debuginfo-17.11.7-5.6.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libdpdk-17_11-17.11.7-5.6.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", cpu:\"x86_64\", reference:\"libdpdk-17_11-debuginfo-17.11.7-5.6.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dpdk\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-31T17:30:15", "description": "Multiple vulnerabilities were discovered in the vhost code of DPDK, a\nset of libraries for fast packet processing, which could result in\ndenial of service or the execution of arbitrary code by malicious\nguests/containers.", "edition": 3, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-05-19T00:00:00", "title": "Debian DSA-4688-1 : dpdk - security update", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "modified": "2020-05-19T00:00:00", "cpe": ["cpe:/o:debian:debian_linux:10.0", "p-cpe:/a:debian:debian_linux:dpdk", "cpe:/o:debian:debian_linux:9.0"], "id": "DEBIAN_DSA-4688.NASL", "href": "https://www.tenable.com/plugins/nessus/136703", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-4688. The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(136703);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/05/26\");\n\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\", \"CVE-2020-10724\");\n script_xref(name:\"DSA\", value:\"4688\");\n\n script_name(english:\"Debian DSA-4688-1 : dpdk - security update\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"Multiple vulnerabilities were discovered in the vhost code of DPDK, a\nset of libraries for fast packet processing, which could result in\ndenial of service or the execution of arbitrary code by malicious\nguests/containers.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://security-tracker.debian.org/tracker/source-package/dpdk\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/stretch/dpdk\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://packages.debian.org/source/buster/dpdk\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.debian.org/security/2020/dsa-4688\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"Upgrade the dpdk packages.\n\nFor the oldstable distribution (stretch), these problems have been\nfixed in version 16.11.11-1+deb9u2.\n\nFor the stable distribution (buster), these problems have been fixed\nin version 18.11.6-1~deb10u2.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:dpdk\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:10.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:9.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/18\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"10.0\", prefix:\"dpdk\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"dpdk-dev\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"dpdk-doc\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"dpdk-igb-uio-dkms\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"dpdk-rte-kni-dkms\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"libdpdk-dev\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-acl18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-bbdev18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-bitratestats18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-bpf18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-bus-dpaa18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-bus-fslmc18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-bus-ifpga18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-bus-pci18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-bus-vdev18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-bus-vmbus18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-cfgfile18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-cmdline18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-common-cpt18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-common-dpaax18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-common-octeontx18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-compressdev18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-cryptodev18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-distributor18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-eal18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-efd18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-ethdev18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-eventdev18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-flow-classify18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-gro18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-gso18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-hash18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-ip-frag18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-jobstats18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-kni18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-kvargs18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-latencystats18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-lpm18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-mbuf18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-member18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-mempool-bucket18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-mempool-dpaa18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-mempool-dpaa2-18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-mempool-octeontx18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-mempool-ring18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-mempool-stack18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-mempool18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-meter18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-metrics18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-net18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pci18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pdump18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pipeline18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-aesni-gcm18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-aesni-mb18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-af-packet18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-ark18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-atlantic18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-avf18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-avp18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-axgbe18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-bbdev-null18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-bnx2x18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-bnxt18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-bond18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-caam-jr18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-ccp18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-crypto-scheduler18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-cxgbe18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-dpaa-event18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-dpaa-sec18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-dpaa18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-dpaa2-18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-dpaa2-cmdif18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-dpaa2-event18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-dpaa2-qdma18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-dpaa2-sec18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-dsw-event18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-e1000-18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-ena18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-enetc18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-enic18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-failsafe18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-fm10k18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-i40e18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-ifc18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-ifpga-rawdev18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-ixgbe18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-kni18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-liquidio18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-mlx4-18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-mlx5-18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-netvsc18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-nfp18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-null-crypto18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-null18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-octeontx-compress18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-octeontx-crypto18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-octeontx-event18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-octeontx18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-opdl-event18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-openssl18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-pcap18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-qat18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-qede18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-ring18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-sfc18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-skeleton-event18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-skeleton-rawdev18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-softnic18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-sw-event18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-tap18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-thunderx18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-vdev-netvsc18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-vhost18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-virtio-crypto18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-virtio18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-vmxnet3-18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-pmd-zlib18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-port18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-power18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-rawdev18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-reorder18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-ring18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-sched18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-security18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-table18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-telemetry18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-timer18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"10.0\", prefix:\"librte-vhost18.11\", reference:\"18.11.6-1~deb10u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"dpdk\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"dpdk-dev\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"dpdk-doc\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"dpdk-igb-uio-dkms\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"dpdk-rte-kni-dkms\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libdpdk-dev\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"libethdev4\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-acl2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-cfgfile2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-cmdline2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-cryptodev1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-cryptodev2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-distributor1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-eal2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-eal3\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-ethdev5\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-hash2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-ip-frag1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-jobstats1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-kni2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-kvargs1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-lpm2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-mbuf2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-mempool2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-meter1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-net1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pdump1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pipeline3\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-af-packet1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-bnxt1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-bond1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-cxgbe1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-e1000-1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-ena1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-enic1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-fm10k1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-i40e1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-ixgbe1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-null-crypto1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-null1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-pcap1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-qede1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-ring2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-vhost1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-virtio1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-vmxnet3-uio1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-pmd-xenvirt1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-port3\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-power1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-reorder1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-ring1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-sched1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-table2\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-timer1\", reference:\"16.11.11-1+deb9u2\")) flag++;\nif (deb_check(release:\"9.0\", prefix:\"librte-vhost3\", reference:\"16.11.11-1+deb9u2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:deb_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-05T14:07:55", "description": "The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2297 advisory.\n\n - dpdk: librte_vhost Interger overflow in\n vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in\n vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\n - dpdk: librte_vhost Missing inputs validation in Vhost-\n crypto (CVE-2020-10724)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 4, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-05-27T00:00:00", "title": "RHEL 8 : openvswitch2.11 (RHSA-2020:2297)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "modified": "2020-05-27T00:00:00", "cpe": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath", "p-cpe:/a:redhat:enterprise_linux:python3-openvswitch2.11", "p-cpe:/a:redhat:enterprise_linux:network-scripts-openvswitch2.11", "p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-debugsource", "p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-devel", "p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-test", "p-cpe:/a:redhat:enterprise_linux:openvswitch2.11", "cpe:/o:redhat:enterprise_linux:8"], "id": "REDHAT-RHSA-2020-2297.NASL", "href": "https://www.tenable.com/plugins/nessus/136912", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2297. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136912);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\", \"CVE-2020-10724\");\n script_xref(name:\"RHSA\", value:\"2020:2297\");\n\n script_name(english:\"RHEL 8 : openvswitch2.11 (RHSA-2020:2297)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2297 advisory.\n\n - dpdk: librte_vhost Interger overflow in\n vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in\n vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\n - dpdk: librte_vhost Missing inputs validation in Vhost-\n crypto (CVE-2020-10724)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/125.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2297\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10724\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828874\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828884\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10723\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(125, 190);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:8::fastdatapath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:network-scripts-openvswitch2.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch2.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python3-openvswitch2.11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^8([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 8.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\npkgs = [\n {'reference':'network-scripts-openvswitch2.11-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'s390x', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'network-scripts-openvswitch2.11-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'x86_64', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'s390x', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'x86_64', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-debugsource-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'s390x', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-debugsource-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'x86_64', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-devel-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'s390x', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-devel-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'x86_64', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-test-2.11.0-54.20200327gita4efc59.el8fdp', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-openvswitch2.11-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'s390x', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python3-openvswitch2.11-2.11.0-54.20200327gita4efc59.el8fdp', 'cpu':'x86_64', 'release':'8', 'el_string':'el8fdp', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'network-scripts-openvswitch2.11 / openvswitch2.11 / openvswitch2.11-debugsource / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-05T14:07:54", "description": "The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2296 advisory.\n\n - dpdk: librte_vhost Interger overflow in\n vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in\n vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\n - dpdk: librte_vhost Missing inputs validation in Vhost-\n crypto (CVE-2020-10724)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "edition": 4, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-05-27T00:00:00", "title": "RHEL 7 : openvswitch2.11 (RHSA-2020:2296)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "modified": "2020-05-27T00:00:00", "cpe": ["p-cpe:/a:redhat:enterprise_linux:python-openvswitch2.11", "cpe:/o:redhat:enterprise_linux:7", "p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-devel", "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-test", "p-cpe:/a:redhat:enterprise_linux:openvswitch2.11"], "id": "REDHAT-RHSA-2020-2296.NASL", "href": "https://www.tenable.com/plugins/nessus/136898", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Red Hat Security Advisory RHSA-2020:2296. The text\n# itself is copyright (C) Red Hat, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(136898);\n script_version(\"1.3\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\", \"CVE-2020-10724\");\n script_xref(name:\"RHSA\", value:\"2020:2296\");\n\n script_name(english:\"RHEL 7 : openvswitch2.11 (RHSA-2020:2296)\");\n script_summary(english:\"Checks the rpm output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Red Hat host is missing one or more security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as\nreferenced in the RHSA-2020:2296 advisory.\n\n - dpdk: librte_vhost Interger overflow in\n vhost_user_set_log_base() (CVE-2020-10722)\n\n - dpdk: librte_vhost Integer truncation in\n vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\n - dpdk: librte_vhost Missing inputs validation in Vhost-\n crypto (CVE-2020-10724)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/190.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://cwe.mitre.org/data/definitions/125.html\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/errata/RHSA-2020:2296\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10722\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10723\");\n script_set_attribute(attribute:\"see_also\", value:\"https://access.redhat.com/security/cve/CVE-2020-10724\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828867\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828874\");\n script_set_attribute(attribute:\"see_also\", value:\"https://bugzilla.redhat.com/1828884\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10723\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_cwe_id(125, 190);\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/05/26\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/05/27\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:redhat:enterprise_linux:7::fastdatapath\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch2.11\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:openvswitch2.11-test\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:redhat:enterprise_linux:python-openvswitch2.11\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Red Hat Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude('audit.inc');\ninclude('global_settings.inc');\ninclude('misc_func.inc');\ninclude('rpm.inc');\n\nif (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/RedHat/release');\nif (isnull(release) || 'Red Hat' >!< release) audit(AUDIT_OS_NOT, 'Red Hat');\nos_ver = pregmatch(pattern: \"Red Hat Enterprise Linux.*release ([0-9]+(\\.[0-9]+)?)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Red Hat');\nos_ver = os_ver[1];\nif (! preg(pattern:\"^7([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, 'Red Hat 7.x', 'Red Hat ' + os_ver);\n\nif (!get_kb_item('Host/RedHat/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Red Hat', cpu);\n\npkgs = [\n {'reference':'openvswitch2.11-2.11.0-54.20200327gita4efc59.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-2.11.0-54.20200327gita4efc59.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-devel-2.11.0-54.20200327gita4efc59.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-devel-2.11.0-54.20200327gita4efc59.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'openvswitch2.11-test-2.11.0-54.20200327gita4efc59.el7fdp', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-openvswitch2.11-2.11.0-54.20200327gita4efc59.el7fdp', 'cpu':'s390x', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE},\n {'reference':'python-openvswitch2.11-2.11.0-54.20200327gita4efc59.el7fdp', 'cpu':'x86_64', 'release':'7', 'el_string':'el7fdp', 'rpm_spec_vers_cmp':TRUE}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n reference = NULL;\n release = NULL;\n sp = NULL;\n cpu = NULL;\n el_string = NULL;\n rpm_spec_vers_cmp = NULL;\n epoch = NULL;\n if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];\n if (!empty_or_null(package_array['release'])) release = 'RHEL' + package_array['release'];\n if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];\n if (!empty_or_null(package_array['cpu'])) cpu = package_array['cpu'];\n if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];\n if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];\n if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];\n if (reference && release) {\n if (rpm_check(release:release, sp:sp, cpu:cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get() + redhat_report_package_caveat()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'openvswitch2.11 / openvswitch2.11-devel / openvswitch2.11-test / etc');\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-07T09:05:32", "description": "According to the versions of the dpdk packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - A vulnerability was found in DPDK versions 18.11 and\n above. The vhost-crypto library code is missing\n validations for user-supplied values, potentially\n allowing an information leak through an out-of-bounds\n memory read.(CVE-2020-10724)\n\n - A vulnerability was found in DPDK versions 18.05 and\n above. A missing check for an integer overflow in\n vhost_user_set_log_base() could result in a smaller\n memory map than requested, possibly allowing memory\n corruption.(CVE-2020-10722)\n\n - A memory corruption issue was found in DPDK versions\n 17.05 and above. This flaw is caused by an integer\n truncation on the index of a payload. Under certain\n circumstances, the index (a UInt) is copied and\n truncated into a uint16, which can lead to out of bound\n indexing and possible memory\n corruption.(CVE-2020-10723)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-07-30T00:00:00", "title": "EulerOS 2.0 SP8 : dpdk (EulerOS-SA-2020-1800)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "modified": "2020-07-30T00:00:00", "cpe": ["p-cpe:/a:huawei:euleros:dpdk", "p-cpe:/a:huawei:euleros:dpdk-devel", "p-cpe:/a:huawei:euleros:dpdk-tools", "cpe:/o:huawei:euleros:2.0"], "id": "EULEROS_SA-2020-1800.NASL", "href": "https://www.tenable.com/plugins/nessus/139130", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(139130);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2020-10722\",\n \"CVE-2020-10723\",\n \"CVE-2020-10724\"\n );\n\n script_name(english:\"EulerOS 2.0 SP8 : dpdk (EulerOS-SA-2020-1800)\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the versions of the dpdk packages installed, the EulerOS\ninstallation on the remote host is affected by the following\nvulnerabilities :\n\n - A vulnerability was found in DPDK versions 18.11 and\n above. The vhost-crypto library code is missing\n validations for user-supplied values, potentially\n allowing an information leak through an out-of-bounds\n memory read.(CVE-2020-10724)\n\n - A vulnerability was found in DPDK versions 18.05 and\n above. A missing check for an integer overflow in\n vhost_user_set_log_base() could result in a smaller\n memory map than requested, possibly allowing memory\n corruption.(CVE-2020-10722)\n\n - A memory corruption issue was found in DPDK versions\n 17.05 and above. This flaw is caused by an integer\n truncation on the index of a payload. Under certain\n circumstances, the index (a UInt) is copied and\n truncated into a uint16, which can lead to out of bound\n indexing and possible memory\n corruption.(CVE-2020-10723)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1800\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1fbdacc7\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected dpdk packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/07/30\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/07/30\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dpdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dpdk-devel\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:dpdk-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/sp\");\n script_exclude_keys(\"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nif (release !~ \"^EulerOS release 2\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"EulerOS 2.0\");\n\nsp = get_kb_item(\"Host/EulerOS/sp\");\nif (isnull(sp) || sp !~ \"^(8)$\") audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\");\n\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, \"EulerOS 2.0 SP8\", \"EulerOS UVP \" + uvp);\n\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"dpdk-18.11-0.h41.eulerosv2r8\",\n \"dpdk-devel-18.11-0.h41.eulerosv2r8\",\n \"dpdk-tools-18.11-0.h41.eulerosv2r8\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", sp:\"8\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dpdk\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-01-14T06:27:44", "description": "This update for dpdk fixes the following issues :\n\nCVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base()\n(bsc#1171930).\n\nCVE-2020-10723: Fixed an integer truncation in\nvhost_user_check_and_alloc_queue_pair() (bsc#1171925).\n\nCVE-2020-10724: Fixed a missing inputs validation in Vhost-crypto\n(bsc#1171926).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 4, "cvss3": {"score": 6.7, "vector": "AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H"}, "published": "2020-06-18T00:00:00", "title": "SUSE SLES12 Security Update : dpdk (SUSE-SU-2020:1552-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "modified": "2020-06-18T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:dpdk-kmp-default-debuginfo", "p-cpe:/a:novell:suse_linux:libdpdk", "p-cpe:/a:novell:suse_linux:libdpdk-18_11-debuginfo", "p-cpe:/a:novell:suse_linux:dpdk-tools", "p-cpe:/a:novell:suse_linux:dpdk-tools-debuginfo", "p-cpe:/a:novell:suse_linux:dpdk", "p-cpe:/a:novell:suse_linux:dpdk-debuginfo", "p-cpe:/a:novell:suse_linux:dpdk-kmp-default", "p-cpe:/a:novell:suse_linux:dpdk-debugsource"], "id": "SUSE_SU-2020-1552-1.NASL", "href": "https://www.tenable.com/plugins/nessus/137591", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2020:1552-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(137591);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\", \"CVE-2020-10724\");\n\n script_name(english:\"SUSE SLES12 Security Update : dpdk (SUSE-SU-2020:1552-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for dpdk fixes the following issues :\n\nCVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base()\n(bsc#1171930).\n\nCVE-2020-10723: Fixed an integer truncation in\nvhost_user_check_and_alloc_queue_pair() (bsc#1171925).\n\nCVE-2020-10724: Fixed a missing inputs validation in Vhost-crypto\n(bsc#1171926).\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171477\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171925\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171926\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1171930\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10722/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10723/\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2020-10724/\"\n );\n # https://www.suse.com/support/update/announcement/2020/suse-su-20201552-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?f4563686\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Software Development Kit 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SDK-12-SP5-2020-1552=1\n\nSUSE Linux Enterprise Server 12-SP5 :\n\nzypper in -t patch SUSE-SLE-SERVER-12-SP5-2020-1552=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2020-10723\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-kmp-default\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-kmp-default-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-tools\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:dpdk-tools-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdpdk\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:libdpdk-18_11-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2020/05/19\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/06/08\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/06/18\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2020-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\nif (cpu >!< \"x86_64\") audit(AUDIT_ARCH_NOT, \"x86_64\", cpu);\n\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(5)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP5\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"dpdk-18.11.3-3.9.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"dpdk-debuginfo-18.11.3-3.9.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"dpdk-debugsource-18.11.3-3.9.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"dpdk-kmp-default-18.11.3_k4.12.14_122.20-3.9.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"dpdk-kmp-default-debuginfo-18.11.3_k4.12.14_122.20-3.9.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"dpdk-tools-18.11.3-3.9.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"dpdk-tools-debuginfo-18.11.3-3.9.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"libdpdk-18_11-18.11.3-3.9.2\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"5\", cpu:\"x86_64\", reference:\"libdpdk-18_11-debuginfo-18.11.3-3.9.2\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"dpdk\");\n}\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "redhat": [{"lastseen": "2020-06-23T15:55:08", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10722", "CVE-2020-10723"], "description": "The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space.\n\nThe following packages have been upgraded to a later upstream version: dpdk (18.11.8). (BZ#1825276)\n\nSecurity Fix(es):\n\n* dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n* dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.", "modified": "2020-06-23T18:18:46", "published": "2020-06-23T18:00:52", "id": "RHSA-2020:2683", "href": "https://access.redhat.com/errata/RHSA-2020:2683", "type": "redhat", "title": "(RHSA-2020:2683) Moderate: dpdk security, bug fix, and enhancement update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-26T11:50:34", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10722", "CVE-2020-10723"], "description": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n* dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* OVS causing high pings and latency inside guest VM when an active DPDK port fails (BZ#1822198)\n\n* SEGV after recirculation in batch processing in vswitchd 2.9.0 (BZ#1826886)", "modified": "2020-05-26T15:11:19", "published": "2020-05-26T14:44:21", "id": "RHSA-2020:2298", "href": "https://access.redhat.com/errata/RHSA-2020:2298", "type": "redhat", "title": "(RHSA-2020:2298) Moderate: openvswitch security, bug fix and enhancement update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-09-30T11:44:11", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10722", "CVE-2020-10723"], "description": "ovirt-ansible-repositories is an Ansible role used to set up the repositories required for oVirt engine or host installation.\n\nThe openvswitch package contains components for enabling Open vSwitch; a software-based Ethernet virtual switch. It also includes OVN (Open Virtual Network) components for supporting virtual network abstraction.\t\n\nThe Red Hat Virtualization Python SDK is a program that simplifies access to the Red Hat Virtualization API by providing an object-oriented view to developers.\n\nSecurity Fix(es):\n\n* dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n* dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Previously, during RHHI-V deployment of 3 hosts using ovirt-ansible-hosted-engine-setup, the Self-Hosted Engine was added to the default cluster, but the additional 2 hosts were not added.\nIn this release, deployment with ovirt-ansible-hosted-engine-setup successfully adds all hosts to the cluster. (BZ#1855283)\n\n* Previously, when creating large numbers of virtual machines (~2300 VMs), the associated Data Centers became unresponsive, and the hosts did not have Storage Pool Managers (SPM).\nWith this release, large scale deployment of virtual machines succeeds without errors. (BZ#1849558)", "modified": "2020-09-30T13:40:44", "published": "2020-09-30T13:06:56", "id": "RHSA-2020:4114", "href": "https://access.redhat.com/errata/RHSA-2020:4114", "type": "redhat", "title": "(RHSA-2020:4114) Moderate: Red Hat Virtualization security and bug fix update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-26T11:51:58", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724"], "description": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n* dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\n* dpdk: librte_vhost Missing inputs validation in Vhost-crypto (CVE-2020-10724)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [RHEL7] Update OVS 2.11 to last branch-2.11 commit and DPDK 18.11.7 (BZ#1822653)\n\n* [RHEL7] ingress qdisc gets removed (BZ#1826826)", "modified": "2020-05-26T15:04:26", "published": "2020-05-26T14:44:13", "id": "RHSA-2020:2296", "href": "https://access.redhat.com/errata/RHSA-2020:2296", "type": "redhat", "title": "(RHSA-2020:2296) Moderate: openvswitch2.11 security, bug fix and enhancement update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-26T11:52:17", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724"], "description": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n* dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\n* dpdk: librte_vhost Missing inputs validation in Vhost-crypto (CVE-2020-10724)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* [RHEL8] Update OVS 2.11 to last branch-2.11 commit and DPDK 18.11.7 (BZ#1822654)\n\n* [RHEL8] ingress qdisc gets removed (BZ#1826827)", "modified": "2020-05-26T15:02:55", "published": "2020-05-26T14:44:17", "id": "RHSA-2020:2297", "href": "https://access.redhat.com/errata/RHSA-2020:2297", "type": "redhat", "title": "(RHSA-2020:2297) Moderate: openvswitch2.11 security, bug fix and enhancement update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-11-04T02:32:35", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10725", "CVE-2020-10726"], "description": "The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space.\n\nThe following packages have been upgraded to a later upstream version: dpdk (19.11.3). (BZ#1824905)\n\nSecurity Fix(es):\n\n* dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor (CVE-2020-10725)\n\n* dpdk: librte_vhost Integer overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n* dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\n* dpdk: librte_vhost VHOST_USER_GET_INFLIGHT_FD message flooding to result in a DoS (CVE-2020-10726)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Red Hat Enterprise Linux 8.3 Release Notes linked from the References section.", "modified": "2020-11-04T05:04:44", "published": "2020-11-03T17:37:44", "id": "RHSA-2020:4806", "href": "https://access.redhat.com/errata/RHSA-2020:4806", "type": "redhat", "title": "(RHSA-2020:4806) Important: dpdk security, bug fix, and enhancement update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-26T11:51:11", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10725", "CVE-2020-10726"], "description": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor (CVE-2020-10725)\n\n* dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722)\n\n* dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)\n\n* dpdk: librte_vhost Missing inputs validation in Vhost-crypto (CVE-2020-10724)\n\n* dpdk: librte_vhost VHOST_USER_GET_INFLIGHT_FD message flooding to result in a DoS (CVE-2020-10726)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* DPDK virtio_user lack of notifications make vhost_net+napi stops tx buffers (BZ#1803082)\n\n* Update internal DPDK to 19.11.1 (BZ#1824825)", "modified": "2020-05-26T15:09:46", "published": "2020-05-26T14:44:10", "id": "RHSA-2020:2295", "href": "https://access.redhat.com/errata/RHSA-2020:2295", "type": "redhat", "title": "(RHSA-2020:2295) Important: openvswitch2.13 security, bug fix and enhancement update", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2021-02-25T04:28:34", "bulletinFamily": "unix", "cvelist": ["CVE-2018-20843", "CVE-2019-13050", "CVE-2019-13627", "CVE-2019-14889", "CVE-2019-15165", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16935", "CVE-2019-17450", "CVE-2019-19221", "CVE-2019-19906", "CVE-2019-19956", "CVE-2019-20218", "CVE-2019-20387", "CVE-2019-20388", "CVE-2019-20454", "CVE-2019-20907", "CVE-2019-20916", "CVE-2019-5018", "CVE-2020-10029", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10725", "CVE-2020-10726", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-14382", "CVE-2020-14422", "CVE-2020-1730", "CVE-2020-1751", "CVE-2020-1752", "CVE-2020-1971", "CVE-2020-24659", "CVE-2020-25211", "CVE-2020-27813", "CVE-2020-6405", "CVE-2020-7595", "CVE-2020-8492", "CVE-2020-9327"], "description": "Red Hat OpenShift Container Platform is Red Hat's cloud computing\nKubernetes application platform solution designed for on-premise or private\ncloud deployments.\n\nThis advisory contains the extra low-latency container images for Red Hat\nOpenShift Container Platform 4.7. See the following advisory for the\ncontainer images for this release:\n\nhttps://access.redhat.com/errata/RHSA-2020:5633\n\nSecurity Fix(es):\n\n* golang-github-gorilla-websocket: integer overflow leads to denial of service (CVE-2020-27813)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nBug Fix(es):\n\n* Configuring the system with non-RT kernel will hang the system (BZ#1923220)", "modified": "2021-02-24T23:10:31", "published": "2021-02-24T23:09:49", "id": "RHSA-2020:5364", "href": "https://access.redhat.com/errata/RHSA-2020:5364", "type": "redhat", "title": "(RHSA-2020:5364) Moderate: OpenShift Container Platform 4.7 low-latency extras security and bug fix update", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}], "openvas": [{"lastseen": "2020-05-26T15:50:39", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "description": "The remote host is missing an update for the ", "modified": "2020-05-25T00:00:00", "published": "2020-05-19T00:00:00", "id": "OPENVAS:1361412562310704688", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310704688", "type": "openvas", "title": "Debian: Security Advisory for dpdk (DSA-4688-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.704688\");\n script_version(\"2020-05-25T07:05:32+0000\");\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\", \"CVE-2020-10724\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-25 07:05:32 +0000 (Mon, 25 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-19 03:00:07 +0000 (Tue, 19 May 2020)\");\n script_name(\"Debian: Security Advisory for dpdk (DSA-4688-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\", re:\"ssh/login/release=DEB(10|9)\");\n\n script_xref(name:\"URL\", value:\"https://www.debian.org/security/2020/dsa-4688.html\");\n script_xref(name:\"URL\", value:\"https://security-tracker.debian.org/tracker/DSA-4688-1\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dpdk'\n package(s) announced via the DSA-4688-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"Multiple vulnerabilities were discovered in the vhost code of DPDK,\na set of libraries for fast packet processing, which could result\nin denial of service or the execution of arbitrary code by malicious\nguests/containers.\");\n\n script_tag(name:\"affected\", value:\"'dpdk' package(s) on Debian Linux.\");\n\n script_tag(name:\"solution\", value:\"For the oldstable distribution (stretch), these problems have been fixed\nin version 16.11.11-1+deb9u2.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 18.11.6-1~deb10u2.\n\nWe recommend that you upgrade your dpdk packages.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk-dev\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk-doc\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk-igb-uio-dkms\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk-rte-kni-dkms\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libdpdk-dev\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-acl18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-bbdev18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-bitratestats18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-bpf18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-bus-dpaa18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-bus-fslmc18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-bus-ifpga18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-bus-pci18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-bus-vdev18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-bus-vmbus18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-cfgfile18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-cmdline18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-common-cpt18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-common-dpaax18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-common-octeontx18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-compressdev18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-cryptodev18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-distributor18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-eal18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-efd18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-ethdev18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-eventdev18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-flow-classify18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-gro18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-gso18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-hash18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-ip-frag18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-jobstats18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-kni18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-kvargs18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-latencystats18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-lpm18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mbuf18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-member18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mempool-bucket18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mempool-dpaa18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mempool-dpaa2-18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mempool-octeontx18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mempool-ring18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mempool-stack18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mempool18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-meter18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-metrics18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-net18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pci18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pdump18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pipeline18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-aesni-gcm18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-aesni-mb18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-af-packet18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ark18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-atlantic18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-avf18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-avp18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-axgbe18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-bbdev-null18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-bnx2x18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-bnxt18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-bond18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-caam-jr18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ccp18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-crypto-scheduler18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-cxgbe18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-dpaa-event18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-dpaa-sec18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-dpaa18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-dpaa2-18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-dpaa2-cmdif18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-dpaa2-event18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-dpaa2-qdma18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-dpaa2-sec18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-dsw-event18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-e1000-18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ena18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-enetc18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-enic18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-failsafe18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-fm10k18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-i40e18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ifc18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ifpga-rawdev18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ixgbe18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-kni18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-liquidio18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-mlx4-18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-mlx5-18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-netvsc18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-nfp18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-null-crypto18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-null18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-octeontx-compress18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-octeontx-crypto18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-octeontx-event18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-octeontx18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-opdl-event18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-openssl18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-pcap18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-qat18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-qede18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ring18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-sfc18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-skeleton-event18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-skeleton-rawdev18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-softnic18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-sw-event18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-tap18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-thunderx18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-vdev-netvsc18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-vhost18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-virtio-crypto18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-virtio18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-vmxnet3-18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-zlib18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-port18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-power18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-rawdev18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-reorder18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-ring18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-sched18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-security18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-table18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-telemetry18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-timer18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-vhost18.11\", ver:\"18.11.6-1~deb10u2\", rls:\"DEB10\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk-dev\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk-doc\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk-igb-uio-dkms\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"dpdk-rte-kni-dkms\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libdpdk-dev\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"libethdev4\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-acl2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-cfgfile2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-cmdline2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-cryptodev1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-cryptodev2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-distributor1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-eal2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-eal3\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-ethdev5\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-hash2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-ip-frag1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-jobstats1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-kni2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-kvargs1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-lpm2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mbuf2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-mempool2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-meter1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-net1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pdump1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pipeline3\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-af-packet1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-bnxt1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-bond1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-cxgbe1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-e1000-1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ena1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-enic1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-fm10k1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-i40e1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ixgbe1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-null-crypto1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-null1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-pcap1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-qede1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-ring2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-vhost1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-virtio1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-vmxnet3-uio1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-pmd-xenvirt1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-port3\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-power1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-reorder1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-ring1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-sched1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-table2\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-timer1\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\nif(!isnull(res = isdpkgvuln(pkg:\"librte-vhost3\", ver:\"16.11.11-1+deb9u2\", rls:\"DEB9\"))) {\n report += res;\n}\n\nif(report != \"\") {\n security_message(data:report);\n} else if(__pkg_match) {\n exit(99);\n}\n\nexit(0);\n", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-28T13:27:11", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10726", "CVE-2020-10725", "CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "description": "The remote host is missing an update for the ", "modified": "2020-05-27T00:00:00", "published": "2020-05-23T00:00:00", "id": "OPENVAS:1361412562310853171", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310853171", "type": "openvas", "title": "openSUSE: Security Advisory for dpdk (openSUSE-SU-2020:0693-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.853171\");\n script_version(\"2020-05-27T04:05:03+0000\");\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\", \"CVE-2020-10724\", \"CVE-2020-10725\", \"CVE-2020-10726\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-27 04:05:03 +0000 (Wed, 27 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-23 03:00:53 +0000 (Sat, 23 May 2020)\");\n script_name(\"openSUSE: Security Advisory for dpdk (openSUSE-SU-2020:0693-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.1\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2020:0693-1\");\n script_xref(name:\"URL\", value:\"http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dpdk'\n package(s) announced via the openSUSE-SU-2020:0693-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for dpdk fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base()\n (bsc#1171477).\n\n - CVE-2020-10723: Fixed an integer truncation in\n vhost_user_check_and_alloc_queue_pair() (bsc#1171477).\n\n - CVE-2020-10724: Fixed a missing inputs validation in Vhost-crypto\n (bsc#1171477).\n\n - CVE-2020-10725: Fixed a segfault caused by invalid virtio descriptors\n sent from a malicious guest (bsc#1171477).\n\n - CVE-2020-10726: Fixed a denial-of-service caused by\n VHOST_USER_GET_INFLIGHT_FD message flooding (bsc#1171477).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.1:\n\n zypper in -t patch openSUSE-2020-693=1\");\n\n script_tag(name:\"affected\", value:\"'dpdk' package(s) on openSUSE Leap 15.1.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.1\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk\", rpm:\"dpdk~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-debuginfo\", rpm:\"dpdk-debuginfo~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-debugsource\", rpm:\"dpdk-debugsource~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-devel\", rpm:\"dpdk-devel~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-devel-debuginfo\", rpm:\"dpdk-devel-debuginfo~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-examples\", rpm:\"dpdk-examples~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-examples-debuginfo\", rpm:\"dpdk-examples-debuginfo~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-kmp-default\", rpm:\"dpdk-kmp-default~18.11.3_k4.12.14_lp151.28.48~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-kmp-default-debuginfo\", rpm:\"dpdk-kmp-default-debuginfo~18.11.3_k4.12.14_lp151.28.48~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-tools\", rpm:\"dpdk-tools~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-tools-debuginfo\", rpm:\"dpdk-tools-debuginfo~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdpdk-18_11\", rpm:\"libdpdk-18_11~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"libdpdk-18_11-debuginfo\", rpm:\"libdpdk-18_11-debuginfo~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk-doc\", rpm:\"dpdk-doc~18.11.3~lp151.3.4.1\", rls:\"openSUSELeap15.1\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-05-28T13:49:55", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10726", "CVE-2020-10725", "CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "description": "The remote host is missing an update for the ", "modified": "2020-05-27T00:00:00", "published": "2020-05-19T00:00:00", "id": "OPENVAS:1361412562310844436", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310844436", "type": "openvas", "title": "Ubuntu: Security Advisory for dpdk (USN-4362-1)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.844436\");\n script_version(\"2020-05-27T07:30:45+0000\");\n script_cve_id(\"CVE-2020-10722\", \"CVE-2020-10723\", \"CVE-2020-10724\", \"CVE-2020-10725\", \"CVE-2020-10726\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-27 07:30:45 +0000 (Wed, 27 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-19 03:00:43 +0000 (Tue, 19 May 2020)\");\n script_name(\"Ubuntu: Security Advisory for dpdk (USN-4362-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Ubuntu Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/ubuntu_linux\", \"ssh/login/packages\", re:\"ssh/login/release=(UBUNTU19\\.10|UBUNTU18\\.04 LTS|UBUNTU20\\.04 LTS)\");\n\n script_xref(name:\"USN\", value:\"4362-1\");\n script_xref(name:\"URL\", value:\"https://lists.ubuntu.com/archives/ubuntu-security-announce/2020-May/005436.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dpdk'\n package(s) announced via the USN-4362-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"It was discovered that DPDK incorrectly handled certain inputs.\nAn attacker could possibly use this issue to cause a crash or\nexecute arbitrary code. (CVE-2020-10722, CVE-2020-10723,\nCVE-2020-10724, CVE-2020-10725, CVE-2020-10726)\");\n\n script_tag(name:\"affected\", value:\"'dpdk' package(s) on Ubuntu 20.04 LTS, Ubuntu 19.10, Ubuntu 18.04 LTS.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-deb.inc\");\n\nrelease = dpkg_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"UBUNTU19.10\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"dpdk\", ver:\"18.11.5-0ubuntu0.19.10.2\", rls:\"UBUNTU19.10\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU18.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"dpdk\", ver:\"17.11.9-0ubuntu18.04.2\", rls:\"UBUNTU18.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nif(release == \"UBUNTU20.04 LTS\") {\n\n if(!isnull(res = isdpkgvuln(pkg:\"dpdk\", ver:\"19.11.1-0ubuntu1.1\", rls:\"UBUNTU20.04 LTS\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-06-03T15:37:16", "bulletinFamily": "scanner", "cvelist": ["CVE-2020-10726", "CVE-2020-10725", "CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "description": "The remote host is missing an update for the ", "modified": "2020-05-29T00:00:00", "published": "2020-05-29T00:00:00", "id": "OPENVAS:1361412562310877863", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310877863", "type": "openvas", "title": "Fedora: Security Advisory for dpdk (FEDORA-2020-04e3d34451)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from (a) referenced\n# source(s), and are Copyright (C) by the respective right holder(s).\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.877863\");\n script_version(\"2020-05-29T08:53:11+0000\");\n script_cve_id(\"CVE-2020-10726\", \"CVE-2020-10724\", \"CVE-2020-10723\", \"CVE-2020-10722\", \"CVE-2020-10725\");\n script_tag(name:\"cvss_base\", value:\"4.6\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:L/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-05-29 08:53:11 +0000 (Fri, 29 May 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-05-29 03:28:41 +0000 (Fri, 29 May 2020)\");\n script_name(\"Fedora: Security Advisory for dpdk (FEDORA-2020-04e3d34451)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC32\");\n\n script_xref(name:\"FEDORA\", value:\"2020-04e3d34451\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'dpdk'\n package(s) announced via the FEDORA-2020-04e3d34451 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Data Plane Development Kit is a set of libraries and drivers for\nfast packet processing in the user space.\");\n\n script_tag(name:\"affected\", value:\"'dpdk' package(s) on Fedora 32.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC32\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"dpdk\", rpm:\"dpdk~19.11.1~2.fc32\", rls:\"FC32\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "debian": [{"lastseen": "2020-08-12T01:01:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "description": "- -------------------------------------------------------------------------\nDebian Security Advisory DSA-4688-1 security@debian.org\nhttps://www.debian.org/security/ Moritz Muehlenhoff\nMay 18, 2020 https://www.debian.org/security/faq\n- -------------------------------------------------------------------------\n\nPackage : dpdk\nCVE ID : CVE-2020-10722 CVE-2020-10723 CVE-2020-10724\n\nMultiple vulnerabilities were discovered in the vhost code of DPDK,\na set of libraries for fast packet processing, which could result\nin denial of service or the execution of arbitrary code by malicious\nguests/containers.\n\nFor the oldstable distribution (stretch), these problems have been fixed\nin version 16.11.11-1+deb9u2.\n\nFor the stable distribution (buster), these problems have been fixed in\nversion 18.11.6-1~deb10u2.\n\nWe recommend that you upgrade your dpdk packages.\n\nFor the detailed security status of dpdk please refer to\nits security tracker page at:\nhttps://security-tracker.debian.org/tracker/dpdk\n\nFurther information about Debian Security Advisories, how to apply\nthese updates to your system and frequently asked questions can be\nfound at: https://www.debian.org/security/\n\nMailing list: debian-security-announce@lists.debian.org\n", "edition": 10, "modified": "2020-05-18T18:02:29", "published": "2020-05-18T18:02:29", "id": "DEBIAN:DSA-4688-1:5AF9B", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2020/msg00092.html", "title": "[SECURITY] [DSA 4688-1] dpdk security update", "type": "debian", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "oraclelinux": [{"lastseen": "2020-11-12T03:24:21", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10726", "CVE-2020-10725", "CVE-2020-10723", "CVE-2020-10722"], "description": "[19.11.3-1]\n- Rebase DPDK to 19.11.3 (#1868708)\n[19.11.2-1]\n- Rebase DPDK to 19.11.2 (#1836830, #1837024, #1837030, #1837022)\n[19.11.1-1]\n- Rebase DPDK to 19.11.1 (#1824905)\n- Remove dpdk-pmdinfo.py (#1801361)\n- Add Requires: rdma-core-devel libmnl-devel on x86_64 for dpdk-devel (#1813252)", "edition": 1, "modified": "2020-11-10T00:00:00", "published": "2020-11-10T00:00:00", "id": "ELSA-2020-4806", "href": "http://linux.oracle.com/errata/ELSA-2020-4806.html", "title": "dpdk security, bug fix, and enhancement update", "type": "oraclelinux", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "suse": [{"lastseen": "2020-05-23T03:10:36", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10726", "CVE-2020-10725", "CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "description": "This update for dpdk fixes the following issues:\n\n Security issues fixed:\n\n - CVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base()\n (bsc#1171477).\n - CVE-2020-10723: Fixed an integer truncation in\n vhost_user_check_and_alloc_queue_pair() (bsc#1171477).\n - CVE-2020-10724: Fixed a missing inputs validation in Vhost-crypto\n (bsc#1171477).\n - CVE-2020-10725: Fixed a segfault caused by invalid virtio descriptors\n sent from a malicious guest (bsc#1171477).\n - CVE-2020-10726: Fixed a denial-of-service caused by\n VHOST_USER_GET_INFLIGHT_FD message flooding (bsc#1171477).\n\n This update was imported from the SUSE:SLE-15-SP1:Update update project.\n\n", "edition": 1, "modified": "2020-05-23T00:24:38", "published": "2020-05-23T00:24:38", "id": "OPENSUSE-SU-2020:0693-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html", "title": "Security update for dpdk (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}], "ubuntu": [{"lastseen": "2020-07-02T11:35:14", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10726", "CVE-2020-10725", "CVE-2020-10723", "CVE-2020-10722", "CVE-2020-10724"], "description": "It was discovered that DPDK incorrectly handled certain inputs. \nAn attacker could possibly use this issue to cause a crash or \nexecute arbitrary code. (CVE-2020-10722, CVE-2020-10723, \nCVE-2020-10724, CVE-2020-10725, CVE-2020-10726)", "edition": 3, "modified": "2020-05-18T00:00:00", "published": "2020-05-18T00:00:00", "id": "USN-4362-1", "href": "https://ubuntu.com/security/notices/USN-4362-1", "title": "DPDK vulnerabilities", "type": "ubuntu", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:56", "bulletinFamily": "unix", "cvelist": ["CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10725", "CVE-2020-10726"], "description": "The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. ", "modified": "2020-05-28T04:15:46", "published": "2020-05-28T04:15:46", "id": "FEDORA:D7EAD6076188", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 32 Update: dpdk-19.11.1-2.fc32", "cvss": {"score": 4.6, "vector": "AV:L/AC:L/Au:N/C:P/I:P/A:P"}}], "oracle": [{"lastseen": "2021-02-27T21:41:27", "bulletinFamily": "software", "cvelist": ["CVE-2012-2098", "CVE-2015-4000", "CVE-2015-8965", "CVE-2016-1000031", "CVE-2016-5725", "CVE-2017-12626", "CVE-2017-5611", "CVE-2017-5645", "CVE-2017-8028", "CVE-2018-0732", "CVE-2018-10237", "CVE-2018-11775", "CVE-2018-1258", "CVE-2018-1285", "CVE-2018-15756", "CVE-2018-20781", "CVE-2018-2587", "CVE-2018-7318", "CVE-2018-8032", "CVE-2018-9019", "CVE-2019-0188", "CVE-2019-0227", "CVE-2019-0230", "CVE-2019-0233", "CVE-2019-10086", "CVE-2019-10173", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-10744", "CVE-2019-11135", "CVE-2019-11269", "CVE-2019-11358", "CVE-2019-12399", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-13990", "CVE-2019-14862", "CVE-2019-1551", "CVE-2019-1559", "CVE-2019-17091", "CVE-2019-17195", "CVE-2019-17359", "CVE-2019-17563", "CVE-2019-17566", "CVE-2019-17569", "CVE-2019-20892", "CVE-2019-20907", "CVE-2019-2697", "CVE-2019-3773", "CVE-2019-3778", "CVE-2019-5427", "CVE-2019-7164", "CVE-2019-7548", "CVE-2019-9511", "CVE-2019-9513", "CVE-2020-10531", "CVE-2020-10543", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10725", "CVE-2020-10726", "CVE-2020-10878", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11612", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-11971", "CVE-2020-11972", "CVE-2020-11973", "CVE-2020-11979", "CVE-2020-11984", "CVE-2020-11985", "CVE-2020-11993", "CVE-2020-11994", "CVE-2020-11996", "CVE-2020-11998", "CVE-2020-12723", "CVE-2020-13254", "CVE-2020-13596", "CVE-2020-13871", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-13954", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14147", "CVE-2020-14195", "CVE-2020-14422", "CVE-2020-14750", "CVE-2020-14756", "CVE-2020-14803", "CVE-2020-15025", "CVE-2020-15358", "CVE-2020-17498", "CVE-2020-17521", "CVE-2020-17530", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1945", "CVE-2020-1967", "CVE-2020-1968", "CVE-2020-1971", "CVE-2020-24583", "CVE-2020-24584", "CVE-2020-24616", "CVE-2020-24750", "CVE-2020-25020", "CVE-2020-2555", "CVE-2020-25862", "CVE-2020-25863", "CVE-2020-25866", "CVE-2020-26575", "CVE-2020-27216", "CVE-2020-35460", "CVE-2020-5398", "CVE-2020-5407", "CVE-2020-5408", "CVE-2020-5421", "CVE-2020-7064", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8265", "CVE-2020-8277", "CVE-2020-8287", "CVE-2020-9281", "CVE-2020-9327", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9490", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548", "CVE-2021-1993", "CVE-2021-1994", "CVE-2021-1995", "CVE-2021-1996", "CVE-2021-1997", "CVE-2021-1998", "CVE-2021-1999", "CVE-2021-2000", "CVE-2021-2001", "CVE-2021-2002", "CVE-2021-2003", "CVE-2021-2004", "CVE-2021-2005", "CVE-2021-2006", "CVE-2021-2007", "CVE-2021-2009", "CVE-2021-2010", "CVE-2021-2011", "CVE-2021-2012", "CVE-2021-2013", "CVE-2021-2014", "CVE-2021-2015", "CVE-2021-2016", "CVE-2021-2017", "CVE-2021-2018", "CVE-2021-2019", "CVE-2021-2020", "CVE-2021-2021", "CVE-2021-2022", "CVE-2021-2023", "CVE-2021-2024", "CVE-2021-2025", "CVE-2021-2026", "CVE-2021-2027", "CVE-2021-2028", "CVE-2021-2029", "CVE-2021-2030", "CVE-2021-2031", "CVE-2021-2032", "CVE-2021-2033", "CVE-2021-2034", "CVE-2021-2035", "CVE-2021-2036", "CVE-2021-2038", "CVE-2021-2039", "CVE-2021-2040", "CVE-2021-2041", "CVE-2021-2042", "CVE-2021-2043", "CVE-2021-2044", "CVE-2021-2045", "CVE-2021-2046", "CVE-2021-2047", "CVE-2021-2048", "CVE-2021-2049", "CVE-2021-2050", "CVE-2021-2051", "CVE-2021-2052", "CVE-2021-2054", "CVE-2021-2055", "CVE-2021-2056", "CVE-2021-2057", "CVE-2021-2058", "CVE-2021-2059", "CVE-2021-2060", "CVE-2021-2061", "CVE-2021-2062", "CVE-2021-2063", "CVE-2021-2064", "CVE-2021-2065", "CVE-2021-2066", "CVE-2021-2067", "CVE-2021-2068", "CVE-2021-2069", "CVE-2021-2070", "CVE-2021-2071", "CVE-2021-2072", "CVE-2021-2073", "CVE-2021-2074", "CVE-2021-2075", "CVE-2021-2076", "CVE-2021-2077", "CVE-2021-2078", "CVE-2021-2079", "CVE-2021-2080", "CVE-2021-2081", "CVE-2021-2082", "CVE-2021-2083", "CVE-2021-2084", "CVE-2021-2085", "CVE-2021-2086", "CVE-2021-2087", "CVE-2021-2088", "CVE-2021-2089", "CVE-2021-2090", "CVE-2021-2091", "CVE-2021-2092", "CVE-2021-2093", "CVE-2021-2094", "CVE-2021-2096", "CVE-2021-2097", "CVE-2021-2098", "CVE-2021-2099", "CVE-2021-2100", "CVE-2021-2101", "CVE-2021-2102", "CVE-2021-2103", "CVE-2021-2104", "CVE-2021-2105", "CVE-2021-2106", "CVE-2021-2107", "CVE-2021-2108", "CVE-2021-2109", "CVE-2021-2110", "CVE-2021-2111", "CVE-2021-2112", "CVE-2021-2113", "CVE-2021-2114", "CVE-2021-2115", "CVE-2021-2116", "CVE-2021-2117", "CVE-2021-2118", "CVE-2021-2119", "CVE-2021-2120", "CVE-2021-2121", "CVE-2021-2122", "CVE-2021-2123", "CVE-2021-2124", "CVE-2021-2125", "CVE-2021-2126", "CVE-2021-2127", "CVE-2021-2128", "CVE-2021-2129", "CVE-2021-2130", "CVE-2021-2131"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 329 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ January 2021 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2739494.1>).\n\n**Please note that since the release of the October 2020 Critical Patch Update, Oracle has released a Security Alert for Oracle WebLogic Server: [CVE-2020-14750 (November 1, 2020)](<https://www.oracle.com/security-alerts/alert-cve-2020-14750.html>). Customers are strongly advised to apply this Critical Patch Update, which includes patches for this Alert as well as additional patches.**\n", "modified": "2021-02-22T00:00:00", "published": "2021-01-19T00:00:00", "id": "ORACLE:CPUJAN2021", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - January 2021", "cvss": {"score": 9.3, "vector": "AV:N/AC:M/Au:N/C:C/I:C/A:C"}}, {"lastseen": "2020-12-24T15:41:14", "bulletinFamily": "software", "cvelist": ["CVE-2013-7285", "CVE-2015-1832", "CVE-2015-9251", "CVE-2016-0701", "CVE-2016-1000031", "CVE-2016-1000338", "CVE-2016-1000339", "CVE-2016-1000340", "CVE-2016-1000341", "CVE-2016-1000342", "CVE-2016-1000343", "CVE-2016-1000344", "CVE-2016-1000345", "CVE-2016-1000346", "CVE-2016-1000352", "CVE-2016-10244", "CVE-2016-10328", "CVE-2016-2167", "CVE-2016-2168", "CVE-2016-2183", "CVE-2016-2510", "CVE-2016-3189", "CVE-2016-4800", "CVE-2016-5000", "CVE-2016-5300", "CVE-2016-5725", "CVE-2016-6153", "CVE-2016-6306", "CVE-2016-8610", "CVE-2016-8734", "CVE-2017-10989", "CVE-2017-12626", "CVE-2017-13098", "CVE-2017-13685", "CVE-2017-13745", "CVE-2017-14232", "CVE-2017-15095", "CVE-2017-15286", "CVE-2017-17485", "CVE-2017-3164", "CVE-2017-5644", "CVE-2017-5645", "CVE-2017-5662", "CVE-2017-7525", "CVE-2017-7656", "CVE-2017-7657", "CVE-2017-7658", "CVE-2017-7857", "CVE-2017-7858", "CVE-2017-7864", "CVE-2017-8105", "CVE-2017-8287", "CVE-2017-9096", "CVE-2017-9735", "CVE-2017-9800", "CVE-2018-1000180", "CVE-2018-1000613", "CVE-2018-1000873", "CVE-2018-11054", "CVE-2018-11055", "CVE-2018-11056", "CVE-2018-11057", "CVE-2018-11058", "CVE-2018-11307", "CVE-2018-12022", "CVE-2018-12023", "CVE-2018-12536", "CVE-2018-12538", "CVE-2018-12545", "CVE-2018-14718", "CVE-2018-15769", "CVE-2018-17196", "CVE-2018-18873", "CVE-2018-19139", "CVE-2018-19539", "CVE-2018-19540", "CVE-2018-19541", "CVE-2018-19542", "CVE-2018-19543", "CVE-2018-20346", "CVE-2018-20505", "CVE-2018-20506", "CVE-2018-20570", "CVE-2018-20584", "CVE-2018-20622", "CVE-2018-20843", "CVE-2018-2765", "CVE-2018-3693", "CVE-2018-5382", "CVE-2018-5968", "CVE-2018-6942", "CVE-2018-7489", "CVE-2018-8013", "CVE-2018-8088", "CVE-2018-8740", "CVE-2018-9055", "CVE-2018-9154", "CVE-2018-9252", "CVE-2019-0192", "CVE-2019-0201", "CVE-2019-10072", "CVE-2019-10097", "CVE-2019-1010239", "CVE-2019-10173", "CVE-2019-10241", "CVE-2019-10246", "CVE-2019-10247", "CVE-2019-10744", "CVE-2019-11048", "CVE-2019-11358", "CVE-2019-11477", "CVE-2019-11478", "CVE-2019-11479", "CVE-2019-11834", "CVE-2019-11835", "CVE-2019-11922", "CVE-2019-12086", "CVE-2019-12260", "CVE-2019-12261", "CVE-2019-12384", "CVE-2019-12402", "CVE-2019-12415", "CVE-2019-12419", "CVE-2019-12423", "CVE-2019-12814", "CVE-2019-12900", "CVE-2019-13990", "CVE-2019-14379", "CVE-2019-14540", "CVE-2019-14893", "CVE-2019-1547", "CVE-2019-1549", "CVE-2019-1552", "CVE-2019-1563", "CVE-2019-15903", "CVE-2019-16168", "CVE-2019-16335", "CVE-2019-16942", "CVE-2019-16943", "CVE-2019-17091", "CVE-2019-17267", "CVE-2019-17359", "CVE-2019-17495", "CVE-2019-17531", "CVE-2019-17543", "CVE-2019-17558", "CVE-2019-17569", "CVE-2019-17632", "CVE-2019-17638", "CVE-2019-18348", "CVE-2019-20330", "CVE-2019-2897", "CVE-2019-2904", "CVE-2019-3738", "CVE-2019-3739", "CVE-2019-3740", "CVE-2019-5018", "CVE-2019-5427", "CVE-2019-5435", "CVE-2019-5436", "CVE-2019-5443", "CVE-2019-5481", "CVE-2019-5482", "CVE-2019-8457", "CVE-2019-9511", "CVE-2019-9513", "CVE-2019-9936", "CVE-2019-9937", "CVE-2020-10108", "CVE-2020-10543", "CVE-2020-10650", "CVE-2020-10672", "CVE-2020-10673", "CVE-2020-10683", "CVE-2020-10722", "CVE-2020-10723", "CVE-2020-10724", "CVE-2020-10878", "CVE-2020-10968", "CVE-2020-10969", "CVE-2020-11022", "CVE-2020-11023", "CVE-2020-11080", "CVE-2020-11111", "CVE-2020-11112", "CVE-2020-11113", "CVE-2020-11619", "CVE-2020-11620", "CVE-2020-11655", "CVE-2020-11656", "CVE-2020-11971", "CVE-2020-11972", "CVE-2020-11973", "CVE-2020-11984", "CVE-2020-11993", "CVE-2020-11996", "CVE-2020-12243", "CVE-2020-12723", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632", "CVE-2020-13920", "CVE-2020-13934", "CVE-2020-13935", "CVE-2020-14060", "CVE-2020-14061", "CVE-2020-14062", "CVE-2020-14195", "CVE-2020-14672", "CVE-2020-14731", "CVE-2020-14732", "CVE-2020-14734", "CVE-2020-14735", "CVE-2020-14736", "CVE-2020-14740", "CVE-2020-14741", "CVE-2020-14742", "CVE-2020-14743", "CVE-2020-14744", "CVE-2020-14745", "CVE-2020-14746", "CVE-2020-14752", "CVE-2020-14753", "CVE-2020-14754", "CVE-2020-14757", "CVE-2020-14758", "CVE-2020-14759", "CVE-2020-14760", "CVE-2020-14761", "CVE-2020-14762", "CVE-2020-14763", "CVE-2020-14764", "CVE-2020-14765", "CVE-2020-14766", "CVE-2020-14767", "CVE-2020-14768", "CVE-2020-14769", "CVE-2020-14770", "CVE-2020-14771", "CVE-2020-14772", "CVE-2020-14773", "CVE-2020-14774", "CVE-2020-14775", "CVE-2020-14776", "CVE-2020-14777", "CVE-2020-14778", "CVE-2020-14779", "CVE-2020-14780", "CVE-2020-14781", "CVE-2020-14782", "CVE-2020-14783", "CVE-2020-14784", "CVE-2020-14785", "CVE-2020-14786", "CVE-2020-14787", "CVE-2020-14788", "CVE-2020-14789", "CVE-2020-14790", "CVE-2020-14791", "CVE-2020-14792", "CVE-2020-14793", "CVE-2020-14794", "CVE-2020-14795", "CVE-2020-14796", "CVE-2020-14797", "CVE-2020-14798", "CVE-2020-14799", "CVE-2020-14800", "CVE-2020-14801", "CVE-2020-14802", "CVE-2020-14803", "CVE-2020-14804", "CVE-2020-14805", "CVE-2020-14806", "CVE-2020-14807", "CVE-2020-14808", "CVE-2020-14809", "CVE-2020-14810", "CVE-2020-14811", "CVE-2020-14812", "CVE-2020-14813", "CVE-2020-14814", "CVE-2020-14815", "CVE-2020-14816", "CVE-2020-14817", "CVE-2020-14818", "CVE-2020-14819", "CVE-2020-14820", "CVE-2020-14821", "CVE-2020-14822", "CVE-2020-14823", "CVE-2020-14824", "CVE-2020-14825", "CVE-2020-14826", "CVE-2020-14827", "CVE-2020-14828", "CVE-2020-14829", "CVE-2020-14830", "CVE-2020-14831", "CVE-2020-14832", "CVE-2020-14833", "CVE-2020-14834", "CVE-2020-14835", "CVE-2020-14836", "CVE-2020-14837", "CVE-2020-14838", "CVE-2020-14839", "CVE-2020-14840", "CVE-2020-14841", "CVE-2020-14842", "CVE-2020-14843", "CVE-2020-14844", "CVE-2020-14845", "CVE-2020-14846", "CVE-2020-14847", "CVE-2020-14848", "CVE-2020-14849", "CVE-2020-14850", "CVE-2020-14851", "CVE-2020-14852", "CVE-2020-14853", "CVE-2020-14854", "CVE-2020-14855", "CVE-2020-14856", "CVE-2020-14857", "CVE-2020-14858", "CVE-2020-14859", "CVE-2020-14860", "CVE-2020-14861", "CVE-2020-14862", "CVE-2020-14863", "CVE-2020-14864", "CVE-2020-14865", "CVE-2020-14866", "CVE-2020-14867", "CVE-2020-14868", "CVE-2020-14869", "CVE-2020-14870", "CVE-2020-14871", "CVE-2020-14872", "CVE-2020-14873", "CVE-2020-14875", "CVE-2020-14876", "CVE-2020-14877", "CVE-2020-14878", "CVE-2020-14879", "CVE-2020-14880", "CVE-2020-14881", "CVE-2020-14882", "CVE-2020-14883", "CVE-2020-14884", "CVE-2020-14885", "CVE-2020-14886", "CVE-2020-14887", "CVE-2020-14888", "CVE-2020-14889", "CVE-2020-14890", "CVE-2020-14891", "CVE-2020-14892", "CVE-2020-14893", "CVE-2020-14894", "CVE-2020-14895", "CVE-2020-14896", "CVE-2020-14897", "CVE-2020-14898", "CVE-2020-14899", "CVE-2020-14900", "CVE-2020-14901", "CVE-2020-15358", "CVE-2020-15389", "CVE-2020-1730", "CVE-2020-1935", "CVE-2020-1938", "CVE-2020-1941", "CVE-2020-1945", "CVE-2020-1950", "CVE-2020-1951", "CVE-2020-1953", "CVE-2020-1954", "CVE-2020-1967", "CVE-2020-2555", "CVE-2020-3235", "CVE-2020-3909", "CVE-2020-4051", "CVE-2020-5397", "CVE-2020-5398", "CVE-2020-5407", "CVE-2020-5408", "CVE-2020-7067", "CVE-2020-8172", "CVE-2020-8174", "CVE-2020-8840", "CVE-2020-9281", "CVE-2020-9327", "CVE-2020-9409", "CVE-2020-9410", "CVE-2020-9484", "CVE-2020-9488", "CVE-2020-9489", "CVE-2020-9490", "CVE-2020-9546", "CVE-2020-9547", "CVE-2020-9548"], "description": "A Critical Patch Update is a collection of patches for multiple security vulnerabilities. These patches address vulnerabilities in Oracle code and in third-party components included in Oracle products. These patches are usually cumulative, but each advisory describes only the security patches added since the previous Critical Patch Update Advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security patches. Refer to [\u201cCritical Patch Updates, Security Alerts and Bulletins\u201d](<https://www.oracle.com/security-alerts/>) for information about Oracle Security advisories. \n \nStarting with the October 2020 Critical Patch Update, Oracle lists updates that address vulnerabilities in third-party components which are not exploitable in the context of their inclusion in their respective Oracle product beneath the product's risk matrix. Oracle has published two versions of the October 2020 Critical Patch Update Advisory: this version of the advisory implemented the change in how non-exploitable vulnerabilities in third-party components are reported, and the \u201ctraditional\u201d advisory follows the same format as the previous advisories. The \u201ctraditional\u201d advisory is published at <https://www.oracle.com/security-alerts/cpuoct2020traditional.html>. \n\n**Oracle continues to periodically receive reports of attempts to maliciously exploit vulnerabilities for which Oracle has already released security patches. In some instances, it has been reported that attackers have been successful because targeted customers had failed to apply available Oracle patches. Oracle therefore strongly recommends that customers remain on actively-supported versions and apply Critical Patch Update security patches without delay.**\n\nThis Critical Patch Update contains 403 new security patches across the product families listed below. Please note that an MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at [ October 2020 Critical Patch Update: Executive Summary and Analysis](<https://support.oracle.com/rs?type=doc&id=2712240.1>).\n", "modified": "2020-12-08T00:00:00", "published": "2020-10-20T00:00:00", "id": "ORACLE:CPUOCT2020", "href": "", "type": "oracle", "title": "Oracle Critical Patch Update Advisory - October 2020", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}
