Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dpdk data plane development kit vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2022-28199
NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote malicious user to cause denial of service and some impact to data integrity and confiden...
Nvidia Data Plane Development Kit
1 Article
8.6
CVSSv3
CVE-2022-2132
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote malicious user to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
Dpdk Data Plane Development Kit
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Redhat Enterprise Linux 7.0
Redhat Virtualization 4.0
Redhat Enterprise Linux Fast Datapath 7.0
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Openstack Platform 13.0
Redhat Enterprise Linux Fast Datapath 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Fast Datapath 9.0
6.5
CVSSv3
CVE-2022-0669
A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously,...
Dpdk Data Plane Development Kit 22.03
Dpdk Data Plane Development Kit 19.11
Dpdk Data Plane Development Kit
Openvswitch Openvswitch 2.15.0
Openvswitch Openvswitch 2.13.0
Redhat Openshift Container Platform 4.0
1 Github repository
7.5
CVSSv3
CVE-2021-3839
A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability.
Dpdk Data Plane Development Kit
Dpdk Data Plane Development Kit 22.03
Fedoraproject Fedora 35
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Fast Datapath 7.0
Redhat Enterprise Linux Fast Datapath 8.0
7.5
CVSSv3
CVE-2022-34844
In BIG-IP Versions 16.1.x prior to 16.1.3.1 and 15.1.x prior to 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can ca...
F5 Big-iq Centralized Management 7.0.0
F5 Big-iq Centralized Management 8.0.0
F5 Big-iq Centralized Management 7.1.0
F5 Big-iq Centralized Management 8.1.0
F5 Big-iq Centralized Management 8.2.0
F5 Big-ip Analytics
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
7.5
CVSSv3
CVE-2021-23051
On BIG-IP versions 15.1.0.4 up to and including 15.1.3, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP on Amazon Web Services (AWS) systems, undisclosed requests can cause the Traffic Management Microkernel (TMM) to terminate. ...
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Advanced Web Application Firewall
F5 Big-ip Analytics
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Local Traffic Manager
8.8
CVSSv3
CVE-2020-14374
A flaw was found in dpdk in versions prior to 18.11.10 and prior to 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest...
Dpdk Data Plane Development Kit
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.2
7.8
CVSSv3
CVE-2020-14375
A flaw was found in dpdk in versions prior to 18.11.10 and prior to 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vho...
Dpdk Data Plane Development Kit
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.2
7.8
CVSSv3
CVE-2020-14376
A flaw was found in dpdk in versions prior to 18.11.10 and prior to 19.11.5. A lack of bounds checking when copying iv_data from the VM guest memory into host memory can lead to a large buffer overflow. The highest threat from this vulnerability is to data confidentiality and int...
Dpdk Data Plane Development Kit
Opensuse Leap 15.1
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.2
7.1
CVSSv3
CVE-2020-14377
A flaw was found in dpdk in versions prior to 18.11.10 and prior to 19.11.5. A complete lack of validation of attacker-controlled parameters can lead to a buffer over read. The results of the over read are then written back to the guest virtual machine memory. This vulnerability ...
Dpdk Data Plane Development Kit
Canonical Ubuntu Linux 20.04
Opensuse Leap 15.1
Opensuse Leap 15.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »