Lucene search
K

410 matches found

Tenable Nessus
Tenable Nessus
added 2025/01/09 12:0 a.m.8 views

RHEL 9 : dpdk (RHSA-2025:0208)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0208 advisory. The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space...

7.4CVSS7.3AI score0.00551EPSS
Exploits0References4
SUSE Linux
SUSE Linux
added 2025/01/06 10:38 a.m.1 views

Security update for dpdk

This update for dpdk fixes the following issues: CVE-2024-11614: Fixed Denial Of Service from malicious guest on hypervisors using DPDK Vhost library bsc1234718 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch"...

7.4CVSS7.8AI score0.00551EPSS
Exploits0References4
OSV
OSV
added 2025/01/03 12:54 p.m.4 views

OESA-2025-1003 dpdk security update

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...

7.4CVSS6.7AI score0.00551EPSS
Exploits0References2
OSV
OSV
added 2025/01/03 12:54 p.m.3 views

OESA-2025-1002 dpdk security update

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...

7.4CVSS6.7AI score0.00551EPSS
Exploits0References2
OSV
OSV
added 2025/01/03 12:54 p.m.4 views

OESA-2025-1001 dpdk security update

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...

7.4CVSS6.7AI score0.00551EPSS
Exploits0References2
OSV
OSV
added 2024/12/27 12:33 p.m.4 views

OESA-2024-2599 dpdk security update

The Data Plane Development Kit is a set of libraries and drivers for fast packet processing in the user space. Security Fixes: An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the...

7.4CVSS6.7AI score0.00551EPSS
Exploits0References2
Microsoft CVE
Microsoft CVE
added 2024/12/24 8:0 a.m.6 views

Dpdk: denial of service from malicious guest on hypervisors using dpdk vhost library

...

7.4CVSS7.1AI score0.00551EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/12/24 12:0 a.m.6 views

The vulnerability of the rte_raw_cksum_mbuf() function in the vhost library, part of the libraries and drivers for fast packet processing by DPDK, allows a attacker to cause a service failure.

The vulnerability of the rterawcksummbuf function in the vhost library, which is part of the DPDK toolkit for fast packet processing, stems from a failure to properly manage the output beyond the buffer in memory when calculating the checksum. Exploiting this vulnerability could allow an attacker...

7.4CVSS7.3AI score0.00551EPSS
Exploits0References6Affected Software2
SUSE CVE
SUSE CVE
added 2024/12/20 4:18 a.m.4 views

SUSE CVE-2024-11614

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

7.4CVSS6.8AI score0.00551EPSS
Exploits0References9
OSV
OSV
added 2024/12/19 2:10 p.m.8 views

USN-7178-1 dpdk vulnerability

It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. An malicious guest could possibly use this issue to cause the hypervisor's vSwitch to crash, resulting in a denial of service...

7.4CVSS5.8AI score0.00551EPSS
Exploits0References2
OSV
OSV
added 2024/12/18 7:12 p.m.6 views

CVE-2024-53269 Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. When additional address are not ip addresses, then the Happy Eyeballs sorting algorithm will crash in data plane. This issue has been addressed in releases 1.32.2, 1.31.4, and 1.30.8. Users are advised to upgrade. Users unable to...

4.5CVSS4.9AI score0.00671EPSS
Exploits1References4
OSV
OSV
added 2024/12/18 9:15 a.m.5 views

AZL-54455 CVE-2024-11614 affecting package dpdk for versions less than 23.11.3-1

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

7.4CVSS7.1AI score0.00551EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/12/18 12:0 a.m.5 views

Envoy Proxy 安全漏洞

Envoy Proxy is a cloud-native, high-performance edge/intermediate/service proxy open-sourced by Envoy Proxy. A security vulnerability exists in Envoy Proxy that stems from a sorting algorithm that crashes in the data plane when other addresses are not IP addresses...

7.5CVSS4.9AI score0.00671EPSS
Exploits1References4
OSV
OSV
added 2024/12/18 12:0 a.m.6 views

UBUNTU-CVE-2024-11614

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

7.4CVSS5.8AI score0.00551EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/12/17 12:0 a.m.2 views

DPDK Vhost Library 缓冲区错误漏洞

The DPDK Vhost Library is a library of user-space implementations of the vhost protocol from the DPDK organization. A buffer error vulnerability exists in the DPDK Vhost Library, which stems from the presence of a buffer overflow vulnerability that could result in a denial of service or arbitrary...

7.4CVSS8AI score0.00551EPSS
Exploits0References5
OSV
OSV
added 2024/11/14 10:15 a.m.5 views

CVE-2024-2551

A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service DoS condition. Repeated attempts to trigger this...

7.5CVSS5.8AI score0.00482EPSS
Exploits0References1
NVD
NVD
added 2024/11/14 10:15 a.m.23 views

CVE-2024-2551

A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service DoS condition. Repeated attempts to trigger this...

8.7CVSS0.00482EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.4 views

Palo Alto Networks PAN-OS 代码问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A code issue vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of a null pointer dereference, which allows an unauthenticated attacker to crash the PAN-...

8.7CVSS6.7AI score0.0043EPSS
Exploits0References2
CNNVD
CNNVD
added 2024/11/14 12:0 a.m.5 views

Palo Alto Networks PAN-OS 代码问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A code issue vulnerability exists in Palo Alto Networks PAN-OS, which stems from a null pointer dereference vulnerability that could allow an attacker to send specially crafted...

8.7CVSS7.4AI score0.00482EPSS
Exploits0References2
Wiz blog
Wiz blog
added 2024/11/13 5:4 p.m.7 views

Making Sense of Kubernetes Initial Access Vectors Part 2 - Data Plane

Learn about Kubernetes data plane access, including applications running on the cluster, container images, and execution-as-a-service workload types...

7.2AI score
Exploits0
Rows per page
Query Builder