CVE-2024-11614

...

The vulnerability of the rte_raw_cksum_mbuf() function in the vhost library, part of the libraries and drivers for fast packet processing by DPDK, allows a attacker to cause a service failure.

The vulnerability of the rterawcksummbuf function in the vhost library, which is part of the DPDK toolkit for fast packet processing, stems from a failure to properly manage the output beyond the buffer in memory when calculating the checksum. Exploiting this vulnerability could allow an attacker...

SUSE CVE-2024-11614

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

USN-7178-1 dpdk vulnerability

It was discovered that DPDK incorrectly handled the Vhost library checksum offload feature. An malicious guest could possibly use this issue to cause the hypervisor's vSwitch to crash, resulting in a denial of service...

CVE-2024-53269 Happy Eyeballs: Validate that additional_address are IP addresses instead of crashing when sorting in envoy

Envoy is a cloud-native high-performance edge/middle/service proxy. When additional address are not ip addresses, then the Happy Eyeballs sorting algorithm will crash in data plane. This issue has been addressed in releases 1.32.2, 1.31.4, and 1.30.8. Users are advised to upgrade. Users unable to...

AZL-54455 CVE-2024-11614 affecting package dpdk for versions less than 23.11.3-1

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

Envoy Proxy 安全漏洞

Envoy Proxy is a cloud-native, high-performance edge/intermediate/service proxy open-sourced by Envoy Proxy. A security vulnerability exists in Envoy Proxy that stems from a sorting algorithm that crashes in the data plane when other addresses are not IP addresses...

UBUNTU-CVE-2024-11614

An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using...

DPDK Vhost Library 缓冲区错误漏洞

The DPDK Vhost Library is a library of user-space implementations of the vhost protocol from the DPDK organization. A buffer error vulnerability exists in the DPDK Vhost Library, which stems from the presence of a buffer overflow vulnerability that could result in a denial of service or arbitrary...

CVE-2024-2551

A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service DoS condition. Repeated attempts to trigger this...

CVE-2024-2551

A null pointer dereference vulnerability in Palo Alto Networks PAN-OS software enables an unauthenticated attacker to stop a core system service on the firewall by sending a crafted packet through the data plane that causes a denial of service DoS condition. Repeated attempts to trigger this...

Palo Alto Networks PAN-OS 代码问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A code issue vulnerability exists in Palo Alto Networks PAN-OS that stems from the presence of a null pointer dereference, which allows an unauthenticated attacker to crash the PAN-...

Palo Alto Networks PAN-OS 代码问题漏洞

Palo Alto Networks PAN-OS is an operating system developed by Palo Alto Networks, Inc. for its firewall appliances. A code issue vulnerability exists in Palo Alto Networks PAN-OS, which stems from a null pointer dereference vulnerability that could allow an attacker to send specially crafted...

Making Sense of Kubernetes Initial Access Vectors Part 2 - Data Plane

Learn about Kubernetes data plane access, including applications running on the cluster, container images, and execution-as-a-service workload types...

PT-2024-8343 · Palo Alto Networks · Pan-Os

Name of the Vulnerable Software and Affected Versions: PAN-OS affected versions not specified Description: The issue is related to a null pointer dereference vulnerability in the PAN-OS software, which enables an unauthenticated attacker to stop a core system service on the firewall by sending a...

CVE-2024-9468

A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service DoS condition. Repeated attempts to trigger this condition will result in PAN-OS entering...

CVE-2024-9468

CVE-2024-9468 is a memory corruption vulnerability in Palo Alto Networks PAN-OS that allows an unauthenticated attacker to crash PAN-OS via a crafted data-plane packet, causing a denial-of-service and maintenance-mode state. Affected: PAN-OS software (data plane handling). Root cause: memory corr...

PAN-OS: Firewall Denial of Service (DoS) via a Maliciously Crafted Packet

A memory corruption vulnerability in Palo Alto Networks PAN-OS software allows an unauthenticated attacker to crash PAN-OS due to a crafted packet through the data plane, resulting in a denial of service DoS condition. Repeated attempts to trigger this condition will result in PAN-OS entering...

The vulnerability of the vhost_user_set_inflight_fd() function in the set of libraries and drivers for DPDK’s fast packet processing allows a attacker to cause a service failure.

The vulnerability of the vhostusersetinflightfd function in the set of libraries and drivers for the DPDK fast packet processing framework is related to reading data from buffers beyond their acceptable limits. Exploiting this vulnerability allows a remote attacker to cause service interruptions...

The vulnerability of the set of libraries and drivers for DPDK’s fast processing, related to uncontrolled resource consumption, allows a hacker to cause a service failure.

The vulnerability of the toolkit for fast packet processing DPDK involves an uncontrolled consumption of resources. Exploiting this vulnerability allows a attacker to cause service failures...