Astra Linux - уязвимость в dpdk

A flaw was discovered in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as auxiliary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By continuously sending such messages, the malicious...

OPENSUSE-SU-2026:20148-1 Security update for dpdk

This update for dpdk fixes the following issues: Update to version 24.11.4. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other issues fixed...

SUSE-SU-2026:20055-1 Security update for dpdk

This update for dpdk fixes the following issues: Update to version 22.11.10. Security issues fixed: - CVE-2025-23259: issue in the Poll Mode Driver PMD allows an attacker on a VM in the system to leak information and cause a denial of service on the network interface bsc1254161. Other updates and...

SUSE SLES15 / openSUSE 15 Security Update : dpdk (SUSE-SU-2025:4254-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:4254-1 advisory. - Update to version 22.11.10 - CVE-2025-23259: Fixed an out-of-order completions in ordinary Rx burst. bsc1254161 Tenable has...

Security update for dpdk

This update for dpdk fixes the following issues: Update to version 22.11.10 CVE-2025-23259: Fixed an out-of-order completions in ordinary Rx burst. bsc1254161 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

ROS-20251111-03

Vulnerability of mlx5 driver Poll Mode Driver of DPDK package is related to incorrect data processing when working with Mellanox network devices. with Mellanox network devices. Exploitation of the vulnerability could allow an attacker, remotely to cause information disclosure or denial of service...

CLSA-2025-1762538077 dpdk: Fix of CVE-2024-11614

CVE-2024-11614: add bounds check in vhostdequeueoffload to prevent checksum computation overflow...

Ubuntu 22.04 LTS / 24.04 LTS / 25.04 : DPDK vulnerability (USN-7816-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.04 host has packages installed that are affected by a vulnerability as referenced in the USN-7816-1 advisory. It was discovered that DPDK incorrectly handled the mlx5 Ethernet poll mode driver. An attacker could possibly use this issue to obtain...

A memory corruption issue was found in DPDK versions 17.05 and above

...

OESA-2025-1029 dpdk security update

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...

OESA-2025-1001 dpdk security update

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...

AZL-54455 CVE-2024-11614 affecting package dpdk for versions less than 23.11.3-1

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

SUSE CVE-2022-28199

NVIDIA's distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality...

SUSE CVE-2020-14376

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying ivdata from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and integrity as well as syst...

SUSE CVE-2021-3839

A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability...

dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK...

dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK...

dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK...

CVE-2022-2132

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK...

DPDK 输入验证错误漏洞

DPDK is a data plane development kit for Linux-based platforms. The product supports execution of packet processing on multiple CPU architectures. DPDK suffers from a security vulnerability that originates from an attacker being able to cause a denial of service by causing a fatal error via the...