DPDK Data Plane Development Kit 21.08 Release Candidate 4

CPE Details

DPDK Data Plane Development Kit 21.08 Release Candidate 4
dpdk
data_plane_development_kit
21.08
2022-08-26
11h58 +00:00
2022-08-26
18h26 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:dpdk:data_plane_development_kit:21.08:rc4:*:*:*:*:*:*

Informations

Vendor

dpdk

Product

data_plane_development_kit

Version

21.08

Update

rc4

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2022-2132 2022-08-31 13h32 +00:00 A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
8.6
High
CVE-2022-0669 2022-08-29 12h03 +00:00 A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service.
6.5
Medium
CVE-2021-3839 2022-08-23 13h52 +00:00 A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability.
7.5
High