2.9 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
0.002 Low
EPSS
Percentile
51.7%
The DPDK vhost-user interface does not check to verify that all the
requested guest physical range is mapped and contiguous when performing
Guest Physical Addresses to Host Virtual Addresses translations. This may
lead to a malicious guest exposing vhost-user backend process memory. All
versions before 18.02.1 are vulnerable.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 17.10 | noarch | dpdk | < 17.05.2-0ubuntu1.1 | UNKNOWN |
ubuntu | 18.04 | noarch | dpdk | < 17.11.2-1ubuntu0.1 | UNKNOWN |
ubuntu | 18.10 | noarch | dpdk | < 17.11.2-1 | UNKNOWN |
ubuntu | 19.04 | noarch | dpdk | < 17.11.2-1 | UNKNOWN |
ubuntu | 19.10 | noarch | dpdk | < 17.11.2-1 | UNKNOWN |
ubuntu | 20.04 | noarch | dpdk | < 17.11.2-1 | UNKNOWN |
ubuntu | 20.10 | noarch | dpdk | < 17.11.2-1 | UNKNOWN |
ubuntu | 21.04 | noarch | dpdk | < 17.11.2-1 | UNKNOWN |
ubuntu | 21.10 | noarch | dpdk | < 17.11.2-1 | UNKNOWN |
ubuntu | 22.04 | noarch | dpdk | < 17.11.2-1 | UNKNOWN |
2.9 Low
CVSS2
Attack Vector
ADJACENT_NETWORK
Attack Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:A/AC:M/Au:N/C:P/I:N/A:N
6.1 Medium
CVSS3
Attack Vector
ADJACENT
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.0/AV:A/AC:H/PR:N/UI:N/S:C/C:H/I:N/A:N
0.002 Low
EPSS
Percentile
51.7%