RHEL 7 : dpdk (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dpdk: Information exposure in unchecked guest physical to host virtual address translations CVE-2018-1059...

CentOS 9 : dpdk-21.11.2-1.el9

The remote CentOS Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the dpdk-21.11.2-1.el9 build changelog. - A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by...

Huawei EulerOS: Security Advisory for dpdk (EulerOS-SA-2022-2818)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

EulerOS 2.0 SP10 : dpdk (EulerOS-SA-2022-2843)

According to the versions of the dpdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending ...

EulerOS 2.0 SP10 : dpdk (EulerOS-SA-2022-2818)

According to the versions of the dpdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending ...

Oracle Linux 9 : dpdk (ELSA-2022-8263)

The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2022-8263 advisory. - Includes fixes for CVE-2022-2132 2107173 and CVE-2022-28199 2123616 Tenable has extracted the preceding description block directly from the Oracle...

AlmaLinux 9 : dpdk (ALSA-2022:8263)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:8263 advisory. - A flaw was found in the vhost library in DPDK. Function vhostusersetinflightfd does not validate msg-payload.inflight.numqueues, possibly causing...

SUSE SLES15 Security Update : dpdk (SUSE-SU-2022:3429-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3429-1 advisory. - A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service...

SUSE SLES15 Security Update : dpdk (SUSE-SU-2022:3341-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2022:3341-1 advisory. - A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service...

Cisco Releases Security Patches for New Vulnerabilities Impacting Multiple Products

Cisco on Wednesday rolled out patches to address three security flaws affecting its products, including a high-severity weakness disclosed in NVIDIA Data Plane Development Kit MLNXDPDK late last month. Tracked as CVE-2022-28199 CVSS score: 8.6, the vulnerability stems from a lack of proper error...

Vulnerability in NVIDIA Data Plane Development Kit Affecting Cisco Products: August 2022

On August 29, 2022, NVIDIA announced the following vulnerability with a medium impact: CVE-2022-28199: Security Bulletin: NVIDIA Data Plane Development Kit MLNXDPDK - August 2022 For a description of this vulnerability, see Security Bulletin: NVIDIA Data Plane Development Kit MLNXDPDK - August 20...

CVE-2022-28199

NVIDIA’s distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality...

CVE-2022-28199

NVIDIA’s distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality...

Design/Logic Flaw

NVIDIA’s distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality...

CVE-2022-28199

NVIDIA’s distribution of the Data Plane Development Kit MLNXDPDK contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality...

CVE-2022-28199

In the provided connected documents, CVE-2022-28199 is tied to NVIDIA’s Data Plane Development Kit (MLNX_DPDK) with the vulnerable component in the mlx5 driver’s error recovery path. The issue is described as improper error recovery in the network stack, which can allow a remote attacker to cause...

Security Bulletin: NVIDIA Data Plane Development Kit (MLNX_DPDK) - August 2022

NVIDIA has released a software update for MLNXDPDK to address a security issue that may lead to denial of service, and some impact to data integrity and confidentiality. To protect your system, contact your NVIDIA representative to obtain the MLNXDPDK version that contains the update and install...