| Reporter | Title | Published | Views | Family All 99 |
|---|---|---|---|---|
| CVE-2021-3839 | 23 Aug 202216:15 | – | attackerkb | |
| CVE-2022-0669 | 29 Aug 202215:15 | – | attackerkb | |
| AlmaLinux 9 : dpdk (ALSA-2022:8263) | 19 Nov 202200:00 | – | nessus | |
| CentOS 9 : dpdk-21.11.1-1.el9 | 29 Feb 202400:00 | – | nessus | |
| Debian DSA-5130-1 : dpdk - security update | 5 May 202200:00 | – | nessus | |
| EulerOS 2.0 SP10 : dpdk (EulerOS-SA-2022-2241) | 17 Aug 202200:00 | – | nessus | |
| EulerOS 2.0 SP10 : dpdk (EulerOS-SA-2022-2254) | 17 Aug 202200:00 | – | nessus | |
| EulerOS 2.0 SP9 : dpdk (EulerOS-SA-2022-2284) | 14 Sep 202200:00 | – | nessus | |
| MiracleLinux 9 : dpdk-21.11.2-1.el9 (AXSA:2023-5000:03) | 20 Jan 202600:00 | – | nessus | |
| Oracle Linux 9 : dpdk (ELSA-2022-8263) | 22 Nov 202200:00 | – | nessus |
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
##
include('compat.inc');
if (description)
{
script_id(165054);
script_version("1.3");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/12/05");
script_cve_id("CVE-2021-3839", "CVE-2022-0669");
script_name(english:"EulerOS 2.0 SP9 : dpdk (EulerOS-SA-2022-2313)");
script_set_attribute(attribute:"synopsis", value:
"The remote EulerOS host is missing multiple security updates.");
script_set_attribute(attribute:"description", value:
"According to the versions of the dpdk packages installed, the EulerOS installation on the remote host is affected by the
following vulnerabilities :
- A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate
`msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using
DPDK vhost library may crash as a result of this vulnerability. (CVE-2021-3839)
- A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of
fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not
closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts
available fd in the vhost-user slave process, leading to a denial of service. (CVE-2022-0669)
Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security
advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional
issues.");
# https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2022-2313
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?0d9ca30c");
script_set_attribute(attribute:"solution", value:
"Update the affected dpdk packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:C");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-3839");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"exploit_available", value:"false");
script_set_attribute(attribute:"vuln_publication_date", value:"2022/05/27");
script_set_attribute(attribute:"patch_publication_date", value:"2022/09/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2022/09/14");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:dpdk");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:huawei:euleros:dpdk-tools");
script_set_attribute(attribute:"cpe", value:"cpe:/o:huawei:euleros:2.0");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Huawei Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/EulerOS/release", "Host/EulerOS/rpm-list", "Host/EulerOS/sp");
script_exclude_keys("Host/EulerOS/uvp_version");
exit(0);
}
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var release = get_kb_item("Host/EulerOS/release");
if (isnull(release) || release !~ "^EulerOS") audit(AUDIT_OS_NOT, "EulerOS");
var uvp = get_kb_item("Host/EulerOS/uvp_version");
if (release !~ "^EulerOS release 2\.0(\D|$)") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9");
var sp = get_kb_item("Host/EulerOS/sp");
if (isnull(sp) || sp !~ "^(9)$") audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9");
if (!empty_or_null(uvp)) audit(AUDIT_OS_NOT, "EulerOS 2.0 SP9", "EulerOS UVP " + uvp);
if (!get_kb_item("Host/EulerOS/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "aarch64" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "EulerOS", cpu);
if ("aarch64" >!< cpu) audit(AUDIT_ARCH_NOT, "aarch64", cpu);
var flag = 0;
var pkgs = [
"dpdk-19.11-0.h27.eulerosv2r9",
"dpdk-tools-19.11-0.h27.eulerosv2r9"
];
foreach (var pkg in pkgs)
if (rpm_check(release:"EulerOS-2.0", sp:"9", reference:pkg)) flag++;
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_HOLE,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "dpdk");
}
Data
Build on a solid foundation with Vulners data
We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data
Api
Power your application with Vulners API
The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access
App
Assess and manage vulnerabilities with Vulners tools
Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation