Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
dpdk data plane development kit vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2020-10726
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of s...
Dpdk Data Plane Development Kit
Fedoraproject Fedora 32
Opensuse Leap 15.1
Oracle Enterprise Communications Broker 3.1.0
Oracle Enterprise Communications Broker 3.2.0
2.1
CVSSv2
CVE-2020-10724
A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of-bounds memory read.
Dpdk Data Plane Development Kit
Canonical Ubuntu Linux 18.04
Canonical Ubuntu Linux 19.10
Fedoraproject Fedora 32
Canonical Ubuntu Linux 20.04
NA
CVE-2022-28199
NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote malicious user to cause denial of service and some impact to data integrity and confiden...
Nvidia Data Plane Development Kit
1 Article
NA
CVE-2022-2132
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote malicious user to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
Dpdk Data Plane Development Kit
Fedoraproject Fedora 36
Debian Debian Linux 10.0
Redhat Enterprise Linux 7.0
Redhat Virtualization 4.0
Redhat Enterprise Linux Fast Datapath 7.0
Redhat Enterprise Linux 8.0
Redhat Openshift Container Platform 4.0
Redhat Openstack Platform 13.0
Redhat Enterprise Linux Fast Datapath 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Fast Datapath 9.0
NA
CVE-2022-0669
A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously,...
Dpdk Data Plane Development Kit 22.03
Dpdk Data Plane Development Kit 19.11
Dpdk Data Plane Development Kit
Openvswitch Openvswitch 2.15.0
Openvswitch Openvswitch 2.13.0
Redhat Openshift Container Platform 4.0
1 Github repository
NA
CVE-2021-3839
A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg->payload.inflight.num_queues`, possibly causing out-of-bounds memory read/write. Any software using DPDK vhost library may crash as a result of this vulnerability.
Dpdk Data Plane Development Kit
Dpdk Data Plane Development Kit 22.03
Fedoraproject Fedora 35
Redhat Enterprise Linux 7.0
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
Redhat Enterprise Linux Fast Datapath 7.0
Redhat Enterprise Linux Fast Datapath 8.0
NA
CVE-2022-34844
In BIG-IP Versions 16.1.x prior to 16.1.3.1 and 15.1.x prior to 15.1.6.1, and all versions of BIG-IQ 8.x, when the Data Plane Development Kit (DPDK)/Elastic Network Adapter (ENA) driver is used with BIG-IP or BIG-IQ on Amazon Web Services (AWS) systems, undisclosed traffic can ca...
F5 Big-iq Centralized Management 7.0.0
F5 Big-iq Centralized Management 8.0.0
F5 Big-iq Centralized Management 7.1.0
F5 Big-iq Centralized Management 8.1.0
F5 Big-iq Centralized Management 8.2.0
F5 Big-ip Analytics
F5 Big-ip Link Controller
F5 Big-ip Access Policy Manager
F5 Big-ip Advanced Firewall Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Application Security Manager
F5 Big-ip Domain Name System
F5 Big-ip Fraud Protection Service
F5 Big-ip Global Traffic Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Policy Enforcement Manager
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege escalation
CVE-2024-20696
CVE-2024-29829
CVE-2024-33999
CVE-2024-35646
physical
CVE-2024-24919
CVE-2024-31030
local users
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2