Debian Bug report logs -
#1010641
dpdk: CVE-2021-3839 and CVE-2022-0669
Package:
src:dpdk;
Maintainer for src:dpdk is Debian DPDK Maintainers <pkg-dpdk-devel@listsaliothdebianorg>;
Reported by: Luca Boccassi <bluca@debianorg>
Date: Thu, 5 May 2022 21:27:01 UTC
Severity: serious
Tags: security, upstream
Found in ...
Several security issues were fixed in DPDK ...
Two vulnerabilities were discovered in the vhost code of DPDK, a set of
libraries for fast packet processing, which could result in denial of
service or the execution of arbitrary code
The oldstable distribution (buster) is not affected
For the stable distribution (bullseye), these problems have been fixed in
version 20115-1~deb11u1
We recomme ...
Synopsis
Important: dpdk security and bug fix update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for dpdk is now available for Red Hat Enterprise Linux 9Red Hat Product Security has rated this update as hav ...
Synopsis
Moderate: openvswitch216 security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for openvswitch216 is now available in Fast Datapath for Red HatEnterprise Linux 8Red Hat Product Security has ...
Synopsis
Moderate: openvswitch215 security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for openvswitch215 is now available in Fast Datapath for Red HatEnterprise Linux 8Red Hat Product Security has ...
Synopsis
Moderate: openvswitch213 security update
Type/Severity
Security Advisory: Moderate
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory
View affected systems
Topic
An update for openvswitch213 is now available in Fast Datapath for Red HatEnterprise Linux 8Red Hat Product Security has ...
A flaw was found in the vhost library in DPDK Function vhost_user_set_inflight_fd() does not validate `msg-&gt;payloadinflightnum_queues`, possibly causing out-of-bounds memory read/write Any software using DPDK vhost library may crash as a result of this vulnerability ...
In function vhost_user_set_inflight_fd() which is in DPDK Vhost library, msg->payloadinflightnum_queues doesn't get checked to determine if it's out of bounds So it could cause the program to write/read out of boundary And in the end the software using DPDK Vhost library may crash ...