Astra Linux - уязвимость в dpdk

A flaw in the permissive list of allowed inputs was discovered in DPDK. This issue allows a remote attacker to trigger a denial of service by sending a crafted Vhost header to DPDK...

The vulnerability of the rte_raw_cksum_mbuf() function in the vhost library, part of the libraries and drivers for fast packet processing by DPDK, allows a attacker to cause a service failure.

The vulnerability of the rterawcksummbuf function in the vhost library, which is part of the DPDK toolkit for fast packet processing, stems from a failure to properly manage the output beyond the buffer in memory when calculating the checksum. Exploiting this vulnerability could allow an attacker...

SUSE CVE-2024-11614

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

USN-4550-1 dpdk vulnerabilities

Ryan Hall discovered that DPDK incorrectly handled vhost crypto. An attacker inside a guest could use these issues to perform multiple attacks, including denial of service attacks, obtaining sensitive information from the host, and possibly executing arbitrary code on the host...