Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2018-1059

Опубликовано: 24 апр. 2018
Источник: nvd
CVSS3: 6.1
CVSS2: 2.9
EPSS Низкий

Описание

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:redhat:ceph_storage:3.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_linux_fast_datapath:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openshift:3.0:*:*:*:enterprise:*:*:*
cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization_manager:4.1:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия до 18.02.1 (исключая)

EPSS

Процентиль: 38%
0.0017
Низкий

6.1 Medium

CVSS3

2.9 Low

CVSS2

Дефекты

CWE-200
CWE-200

Связанные уязвимости

ubuntu логотип

CVE-2018-1059

CVSS3: 6.1
ubuntu
почти 8 лет назад

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.

redhat логотип

CVE-2018-1059

CVSS3: 6.1
redhat
почти 8 лет назад

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.

debian логотип

CVE-2018-1059

CVSS3: 6.1
debian
почти 8 лет назад

The DPDK vhost-user interface does not check to verify that all the re ...

suse-cvrf логотип

openSUSE-SU-2018:4003-1

suse-cvrf
около 7 лет назад

Security update for dpdk

suse-cvrf логотип

openSUSE-SU-2018:1560-1

suse-cvrf
больше 7 лет назад

Security update for dpdk-thunderxdpdk

EPSS

Процентиль: 38%
0.0017
Низкий

6.1 Medium

CVSS3

2.9 Low

CVSS2

Дефекты

CWE-200
CWE-200