Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5
CVSSv2

CVE-2019-14818

Published: 14/11/2019 Updated: 07/11/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Subscribe to Dpdk

Vulnerability Summary

A flaw was found in all dpdk version 17.x.x prior to 17.11.8, 16.x.x prior to 16.11.10, 18.x.x prior to 18.11.4 and 19.x.x prior to 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

dpdk data plane development kit

redhat enterprise linux fast datapath 7.0

redhat openstack 10

redhat enterprise linux fast datapath 8.0

redhat virtualization eus 4.2

fedoraproject fedora 31

Vendor Advisories

Ubuntu Security Notice: dpdk vulnerability
DPDK could be made to consume resources if it received specially crafted input ...
Debian Security Advisories: DSA-4567-1 dpdk -- security update
It was discovered that the vhost PMD in DPDK, a set of libraries for fast packet processing, was affected by memory and file descriptor leaks which could result in denial of service For the oldstable distribution (stretch), this problem has been fixed in version 16119-1+deb9u2 For the stable distribution (buster), this problem has been fixed in ...
Red Hat: Moderate: dpdk security, bug fix, and enhancement update
Synopsis Moderate: dpdk security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for dpdk is now available for Red Hat Enterprise Linux 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System ( ...
Red Hat: Moderate: openvswitch2.11 security and bug fix update
Synopsis Moderate: openvswitch211 security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for openvswitch211 is now available for Fast Datapath for RHEL 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sy ...
Red Hat: Moderate: dpdk security, bug fix, and enhancement update
Synopsis Moderate: dpdk security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic An update for dpdk is now available for Red Hat Enterprise Linux 7 ExtrasRed Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring S ...
Red Hat: Moderate: openvswitch2.11 security and bug fix update
Synopsis Moderate: openvswitch211 security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for openvswitch211 is now available for Fast Datapath for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sy ...
Red Hat: Moderate: openvswitch2.12 security and bug fix update
Synopsis Moderate: openvswitch212 security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for openvswitch212 is now available for Fast Datapath for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sy ...
Red Hat: Moderate: openvswitch2.12 security and bug fix update
Synopsis Moderate: openvswitch212 security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for openvswitch212 is now available for Fast Datapath for RHEL 8Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring Sy ...
Red Hat: Moderate: openvswitch security and bug fix update
Synopsis Moderate: openvswitch security and bug fix update Type/Severity Security Advisory: Moderate Topic An update for openvswitch is now available for Fast Datapath for RHEL 7Red Hat Product Security has rated this update as having a security impact of Moderate A Common Vulnerability Scoring System (CV ...

References

CWE-401https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14818https://bugs.dpdk.org/show_bug.cgi?id=363https://access.redhat.com/errata/RHSA-2020:0165https://access.redhat.com/errata/RHSA-2020:0166https://access.redhat.com/errata/RHSA-2020:0168https://access.redhat.com/errata/RHSA-2020:0171https://access.redhat.com/errata/RHSA-2020:0172https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ULJ3C7OVBOEVDGSHYC3VCLSUHANGTFFP/https://usn.ubuntu.com/4189-1/https://nvd.nist.gov
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48654CVE-2024-2757authentication bypassCVE-2024-3194CVE-2024-33640CVE-2024-21111dosinsecure direct object referenceCVE-2024-21345
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook