Описание
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2020-10726
- https://bugs.dpdk.org/show_bug.cgi?id=271
- https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10726
- https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4
- https://www.openwall.com/lists/oss-security/2020/05/18/2
- https://www.oracle.com/security-alerts/cpujan2021.html
- http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html
Связанные уязвимости
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
A vulnerability was found in DPDK versions 19.11 and above. A maliciou ...
Уязвимость модуля vhost-user набора библиотек и драйверов для быстрой обработки пакетов dpdk, позволяющая нарушителю вызвать отказ в обслуживании