A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate msg->payload.inflight.num_queues
, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability.
[
{
"product": "dpdk",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "Fixed in dpdk v22.03"
}
]
}
]