CVE-2018-1059

🗓️ 24 Apr 2018 00:00:00Reported by ubuntu.comType

The DPDK vhost-user interface does not verify requested guest physical range, potentially exposing vhost-user backend process memory

Reporter	Title	Published	Views	Family All 60
CNVD	DPDK Memory Disclosure Vulnerability	26 Apr 201800:00	–	cnvd
CVE	CVE-2018-1059	24 Apr 201818:00	–	cve
Cvelist	CVE-2018-1059	24 Apr 201818:00	–	cvelist
Debian CVE	CVE-2018-1059	24 Apr 201818:00	–	debiancve
EUVD	EUVD-2018-11712	7 Oct 202500:30	–	euvd
Fedora	[SECURITY] Fedora 28 Update: dpdk-17.11.2-1.fc28	25 May 201815:06	–	fedora
Tenable Nessus	Fedora 28 : 2:dpdk (2018-2c965abb15)	3 Jan 201900:00	–	nessus
Tenable Nessus	MiracleLinux 7 : dpdk-17.11-11.el7 (AXSA:2018-3220:02)	16 Jan 202600:00	–	nessus
Tenable Nessus	openSUSE Security Update : dpdk (openSUSE-2018-1484)	7 Dec 201800:00	–	nessus
Tenable Nessus	openSUSE Security Update : dpdk-thunderxdpdk (openSUSE-2018-558)	6 Jun 201800:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
Ubuntu	17.10	any	dpdk	17.05.2-0ubuntu1.1	dpdk_17.05.2-0ubuntu1.1_any.deb
Ubuntu	18.04	any	dpdk	17.11.2-1ubuntu0.1	dpdk_17.11.2-1ubuntu0.1_any.deb
Ubuntu	18.10	any	dpdk	17.11.2-1	dpdk_17.11.2-1_any.deb
Ubuntu	19.04	any	dpdk	17.11.2-1	dpdk_17.11.2-1_any.deb
Ubuntu	19.10	any	dpdk	17.11.2-1	dpdk_17.11.2-1_any.deb
Ubuntu	20.04	any	dpdk	17.11.2-1	dpdk_17.11.2-1_any.deb
Ubuntu	20.10	any	dpdk	17.11.2-1	dpdk_17.11.2-1_any.deb
Ubuntu	21.04	any	dpdk	17.11.2-1	dpdk_17.11.2-1_any.deb
Ubuntu	21.10	any	dpdk	17.11.2-1	dpdk_17.11.2-1_any.deb
Ubuntu	22.04	any	dpdk	17.11.2-1	dpdk_17.11.2-1_any.deb

Source	Link
access	www.access.redhat.com/security/cve/cve-2018-1059
ubuntu	www.ubuntu.com/security/notices/USN-3642-1
ubuntu	www.ubuntu.com/security/notices/USN-3642-2
cve	www.cve.org/CVERecord

18 Aug 2025 17:07Current

6.7Medium risk

Vulners AI Score6.7

CVSS 22.9

CVSS 36.1

EPSS0.00878