Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

Re: [dpdk-dev] [oss-security] DPDK security advisory for multiple vhost crypto issues

Related Vulnerabilities: CVE-2020-14377   CVE-2020-14378   CVE-2020-14374   CVE-2020-14375   CVE-2020-14376  
Source 
                On Mon, Jan 4, 2021 at 12:29 PM Ferruh Yigit <ferruh.yigit () intel com> wrote:

Thank you for the timely reply. With regard to CVE-2020-14377, the
Scope metric was rated differently by NIST [1] hence my initial
question.

[1] https://nvd.nist.gov/vuln/detail/CVE-2020-14377

kind of guest-to-host compromise, which usually implies a Scope change
(or at least, this holds true for QEMU flaws). Therefore I was
wondering what's the reason behind the different evaluation of the
Scope metric between CVE-2020-14377 and the others.

Regards.
--
Mauro Matteo Cascella
Red Hat Product Security
PGP-Key ID: BB3410B0

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started