410 matches found
RHEL 9 : dpdk (RHSA-2025:0208)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0208 advisory. The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space...
Security update for dpdk
This update for dpdk fixes the following issues: CVE-2024-11614: Fixed Denial Of Service from malicious guest on hypervisors using DPDK Vhost library bsc1234718 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...
OESA-2025-1003 dpdk security update
The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...
OESA-2025-1002 dpdk security update
The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...
OESA-2025-1001 dpdk security update
The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...
OESA-2024-2599 dpdk security update
The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...
Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library
...
The vulnerability of the rte_raw_cksum_mbuf() function in the vhost library, part of the libraries and drivers for fast packet processing by DPDK, allows a attacker to cause a service failure.
The vulnerability of the rterawcksummbuf function in the vhost library, which is part of the DPDK toolkit for fast packet processing, stems from a failure to properly manage the output beyond the buffer in memory when calculating the checksum. Exploiting this vulnerability could allow an attacker...
SUSE CVE-2024-11614
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...
USN-7178-1 dpdk vulnerability
It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. An malicious guest could possibly use this issue to cause the hypervisor's vSwitch to crash, resulting in a denial of service...
CVE-2024-53269 Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy
Envoy is a cloud-native high-performance edge/middle/service proxy. When additional address are not ip addresses, then the Happy Eyeballs sorting algorithm will crash in data plane. This issue has been addressed in releases 1.32.2, 1.31.4, and 1.30.8. Users are advised to upgrade. Users unable to...
AZL-54455 CVE-2024-11614 affecting package dpdk for versions less than 23.11.3-1
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...
Envoy Proxy 安全漏洞
Envoy Proxy is a cloud-native, high-performance edge/intermediate/service proxy open-sourced by Envoy Proxy. A security vulnerability exists in Envoy Proxy that stems from a sorting algorithm that crashes in the data plane when other addresses are not IP addresses...
UBUNTU-CVE-2024-11614
An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...
DPDK Vhost Library 缓冲区错误漏洞
The DPDK Vhost Library is a library of user-space implementations of the vhost protocol from the DPDK organization. A buffer error vulnerability exists in the DPDK Vhost Library, which stems from the presence of a buffer overflow vulnerability that could result in a denial of service or arbitrary...
CVE-2024-2551
A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service DoS condition. Repeated attempts to trigger this...
CVE-2024-2551
A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service DoS condition. Repeated attempts to trigger this...
Palo Alto Networks PAN-OS 代码问题漏洞
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A code issue vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of a null pointer dereference, which allows an unauthenticated attacker to crash the PAN-...
Palo Alto Networks PAN-OS 代码问题漏洞
Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A code issue vulnerability exists in Palo Alto Networks PAN-OS, which stems from a null pointer dereference vulnerability that could allow an attacker to send specially crafted...
Making Sense of Kubernetes Initial Access Vectors Part 2 - Data Plane
Learn about Kubernetes data plane access, including applications running on the cluster, container images, and execution-as-a-service workload types...