Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-14818

Опубликовано: 14 нояб. 2019
Источник: nvd
CVSS3: 7.5
CVSS3: 7.5
CVSS2: 5
EPSS Низкий

Описание

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия от 16.04 (включая) до 16.11.10 (исключая)
cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия от 17.02 (включая) до 17.11.8 (исключая)
cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия от 18.02 (включая) до 18.11.4 (исключая)
cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия от 19.02 (включая) до 19.08.1 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:redhat:enterprise_linux_fast_datapath:7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:enterprise_linux_fast_datapath:8.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization_eus:4.2:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:o:fedoraproject:fedora:31:*:*:*:*:*:*:*

EPSS

Процентиль: 78%
0.01168
Низкий

7.5 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-401
CWE-401

Связанные уязвимости

ubuntu логотип

CVE-2019-14818

CVSS3: 7.5
ubuntu
около 6 лет назад

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.

redhat логотип

CVE-2019-14818

CVSS3: 7.5
redhat
около 6 лет назад

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.

debian логотип

CVE-2019-14818

CVSS3: 7.5
debian
около 6 лет назад

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x bef ...

suse-cvrf логотип

SUSE-SU-2020:0439-1

suse-cvrf
почти 6 лет назад

Security update for dpdk

suse-cvrf логотип

SUSE-SU-2020:0412-1

suse-cvrf
почти 6 лет назад

Security update for dpdk

EPSS

Процентиль: 78%
0.01168
Низкий

7.5 High

CVSS3

7.5 High

CVSS3

5 Medium

CVSS2

Дефекты

CWE-401
CWE-401