DEBIAN-CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

DPDK 安全漏洞

DPDK is a data plane development kit for Linux-based platforms. The product supports execution of packet processing on multiple CPU architectures. A security vulnerability exists in DPDK. An attacker exploits the vulnerability to trigger a denial-of-service attack...

PT-2022-4522 · Mellanox +7 · Mlnx Dpdk +7

Name of the Vulnerable Software and Affected Versions: MLNX DPDK affected versions not specified Description: The issue is related to improper error recovery handling in the network stack, which can allow a remote attacker to cause denial of service and potentially impact data integrity and...

CVE-2022-34844

In BIG-IP Versions 16.1.x before 16.1.3.1 and 15.1.x before 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit DPDK/Elastic Network Adapter ENA driver is used with BIG-IP or BIG-IQ on Amazon Web Services AWS systems, undisclosed traffic can cause the Traffic Management...

Fedora: Security Advisory for golang-github-haproxytech-dataplaneapi (FEDORA-2022-ea8f4e232d)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] Fedora 36 Update: golang-github-haproxytech-dataplaneapi-2.4.4-5.fc36

HAProxy Data Plane API...

Fedora: Security Advisory for golang-github-haproxytech-dataplaneapi (FEDORA-2022-fae3ecee19)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 36 Update: golang-github-haproxytech-dataplaneapi-2.4.4-4.fc36

HAProxy Data Plane API...

DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash

A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability...

DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash

A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability...

dpdk: sending vhost-user-inflight type messages could lead to DoS

A flaw was found in dpdk, which allows a malicious primary vhost-user to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the secondary vhost-user. By sending such messages continuously, the primary vhost-user...

DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash

A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability...

[SECURITY] Fedora 36 Update: golang-github-haproxytech-dataplaneapi-2.4.4-3.fc36

HAProxy Data Plane API...

USN-5401-1 dpdk vulnerabilities

Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. CVE-2021-3839 It was discovered that DPDK incorrectly handled inflight type messages. An attacker...

UBUNTU-CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

DPDK 缓冲区错误漏洞

DPDK is a data plane development kit for Linux-based platforms. The product supports execution of packet processing on multiple CPU architectures. A security vulnerability exists in DPDK, which stems from the function vhostusersetinflightfd that does not validate msg-payload.inflight.numqueues,...

DPDK 资源管理错误漏洞

DPDK is a data plane development kit for Linux-based platforms. The product supports execution of packet processing on multiple CPU architectures. DPDK suffers from a Resource Management Error vulnerability that stems from DPDK incorrectly checking for certain payloads. An attacker exploiting thi...

Fedora: Security Advisory for golang-github-haproxytech-dataplaneapi (FEDORA-2022-3a63897745)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Cisco IOS XR Software for ASR 9000 Series Routers Lightspeed Plus Line Cards DoS (cisco-sa-lsplus-Z6AQEOjk)

According to its self-reported version, Cisco IOS XR is affected by denial of service vulnerability due to a vulnerability in the data plane microcode of Lightspeed-Plus line cards that cause the line card to reset. An unauthenticated, remote attacker can exploit these by sending a specific IPv4 ...

CVE-2022-20714

CVE-2022-20714 affects Cisco IOS XR on ASR 9000 Series Lightspeed-Plus line cards (e.g., ASR 9902/9903). The issue is in the data plane microcode where malformed IPv4/IPv6 packets can trigger a line card reset, causing DoS for traffic traversing the card. Exploitation requires no authentication. ...