The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions prior to 18.02.1 are vulnerable.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
canonical ubuntu linux 17.10 |
||
canonical ubuntu linux 18.04 |
||
redhat openstack 10 |
||
redhat openstack 9 |
||
redhat ceph storage 3.0 |
||
redhat openstack 8 |
||
redhat enterprise linux fast datapath 7.0 |
||
redhat enterprise linux 7.0 |
||
redhat openshift 3.0 |
||
redhat virtualization manager 4.1 |
||
redhat virtualization 4.0 |
||
redhat openstack 12 |
||
redhat openstack 11 |
||
redhat virtualization 4.1 |
||
dpdk data plane development kit |