Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-14374

Опубликовано: 30 сент. 2020
Источник: nvd
CVSS3: 8.8
CVSS2: 7.2
EPSS Низкий

Описание

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия от 18.02.1 (включая) до 18.11.10 (исключая)
cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия от 19.02 (включая) до 19.11.5 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

EPSS

Процентиль: 37%
0.00159
Низкий

8.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-120
CWE-120

Связанные уязвимости

ubuntu логотип

CVE-2020-14374

CVSS3: 8.8
ubuntu
больше 5 лет назад

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

redhat логотип

CVE-2020-14374

CVSS3: 8.8
redhat
больше 5 лет назад

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

debian логотип

CVE-2020-14374

CVSS3: 8.8
debian
больше 5 лет назад

A flaw was found in dpdk in versions before 18.11.10 and before 19.11. ...

github логотип

GHSA-c3m3-jrj3-pjqx

CVSS3: 8.8
github
больше 3 лет назад

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

suse-cvrf логотип

openSUSE-SU-2020:1599-1

suse-cvrf
больше 5 лет назад

Security update for dpdk

EPSS

Процентиль: 37%
0.00159
Низкий

8.8 High

CVSS3

7.2 High

CVSS2

Дефекты

CWE-120
CWE-120