Lucene search
K

168 matches found

SUSE CVE
SUSE CVE
added 2023/02/15 4:0 a.m.4 views

SUSE CVE-2020-10726

A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOSTUSERGETINFLIGHTFD messages, causing a resource leak file descriptors and virtual memory, which may result in a denial of service...

4.4CVSS6.7AI score0.00473EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.2 views

SUSE CVE-2021-3546

An out-of-bounds write vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw occurs while processing the 'VIRTIOGPUCMDGETCAPSET' command from the guest. It could allow a privileged guest user to crash the QEMU process on t...

6.5CVSS7.5AI score0.00463EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.6 views

SUSE CVE-2021-3544

Several memory leaks were found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. They exist in contrib/vhost-user-gpu/vhost-user-gpu.c and contrib/vhost-user-gpu/virgl.c due to improper release of memory i.e., free after effective lifetime...

5CVSS7AI score0.00436EPSS
Exploits0References7
SUSE CVE
SUSE CVE
added 2023/02/15 3:49 a.m.6 views

SUSE CVE-2021-3545

An information disclosure vulnerability was found in the virtio vhost-user GPU device vhost-user-gpu of QEMU in versions up to and including 6.0. The flaw exists in virglcmdgetcapsetinfo in contrib/vhost-user-gpu/virgl.c and could occur due to the read of uninitialized memory. A malicious guest...

5CVSS6.5AI score0.00421EPSS
Exploits0References7
ATTACKERKB
ATTACKERKB
added 2022/08/29 3:15 p.m.5 views

CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

6.5CVSS6.7AI score0.00283EPSS
Exploits0References6
NVD
NVD
added 2022/08/29 3:15 p.m.17 views

CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

6.5CVSS0.00283EPSS
Exploits0References5
OSV
OSV
added 2022/08/29 3:15 p.m.1 views

DEBIAN-CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

6.5CVSS6.5AI score0.00283EPSS
Exploits0References1
Prion
Prion
added 2022/08/29 3:15 p.m.16 views

Denial of service

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

1.7CVSS6.5AI score0.00283EPSS
Exploits0References5Affected Software3
Cvelist
Cvelist
added 2022/08/29 2:3 p.m.23 views

CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

6.8AI score0.00283EPSS
Exploits0References5
CVE
CVE
added 2022/08/29 2:3 p.m.134 views

CVE-2022-0669

CVE-2022-0669 describes a denial-of-service flaw in DPDK’s vhost-user handling. A malicious vhost-user master can attach an unexpected number of file descriptors as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages not closed by the vhost-user slave, exhausting fd...

6.5CVSS6.4AI score0.00283EPSS
Exploits0References5Affected Software1
Debian CVE
Debian CVE
added 2022/08/29 2:3 p.m.56 views

CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

6.5CVSS6.4AI score0.00283EPSS
Exploits0
OSV
OSV
added 2022/08/29 2:3 p.m.22 views

CVE-2022-0669

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master...

6.5CVSS6.3AI score0.00283EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.51 views

EulerOS 2.0 SP10 : dpdk (EulerOS-SA-2022-2241)

According to the versions of the dpdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DPDK: out-of-bounds read/write in vhostusersetinflightfd may lead to crash CVE-2021-3839 - dpdk: sending vhost-user-inflight type messages could...

7.5CVSS6.8AI score0.01259EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2022/08/17 12:0 a.m.34 views

EulerOS 2.0 SP10 : dpdk (EulerOS-SA-2022-2254)

According to the versions of the dpdk packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - DPDK: out-of-bounds read/write in vhostusersetinflightfd may lead to crash CVE-2021-3839 - dpdk: sending vhost-user-inflight type messages could...

7.5CVSS6.8AI score0.01259EPSS
Exploits0References3
OSV
OSV
added 2022/06/17 11:3 a.m.2 views

OESA-2022-1713 dpdk security update

DPDK core includes kernel modules, core libraries and tools. testpmd application allows to test fast packet processing environments on arm64 platforms. For instance, it can be used to check that environment can support fast path applications such as 6WINDGate, pktgen, rumptcpip, etc. More librari...

7.5CVSS6.8AI score0.01259EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2022/06/01 12:0 a.m.18 views

openSUSE: Security Advisory for dpdk (SUSE-SU-2022:1892-1)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

7.5CVSS7.2AI score0.01259EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2022/05/27 7:3 p.m.30 views

Moderate: Red Hat Security Advisory: openvswitch2.13 security update

An update for openvswitch2.13 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

7.5CVSS6.9AI score0.01259EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/05/27 7:3 p.m.5 views

dpdk: sending vhost-user-inflight type messages could lead to DoS

A flaw was found in dpdk, which allows a malicious primary vhost-user to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the secondary vhost-user. By sending such messages continuously, the primary vhost-user...

6.5CVSS5.7AI score0.00283EPSS
Exploits0References4
RedHat Linux
RedHat Linux
added 2022/05/27 7:2 p.m.8 views

dpdk: sending vhost-user-inflight type messages could lead to DoS

A flaw was found in dpdk, which allows a malicious primary vhost-user to attach an unexpected number of fds as ancillary data to VHOSTUSERGETINFLIGHTFD / VHOSTUSERSETINFLIGHTFD messages that are not closed by the secondary vhost-user. By sending such messages continuously, the primary vhost-user...

6.5CVSS5.7AI score0.00283EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2022/05/27 12:0 a.m.38 views

RHEL 8 : openvswitch2.16 (RHSA-2022:4788)

The remote Redhat Enterprise Linux 8 host has a package installed that is affected by multiple vulnerabilities as referenced in the RHSA-2022:4788 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...

7.5CVSS7AI score0.01259EPSS
Exploits0References9
Rows per page
Query Builder