Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2020-14375

Опубликовано: 30 сент. 2020
Источник: nvd
CVSS3: 7.8
CVSS2: 4.4
EPSS Низкий

Описание

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия от 18.02.1 (включая) до 18.11.10 (исключая)
cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия от 19.02 (включая) до 19.11.5 (исключая)
Конфигурация 2

Одно из

cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*

EPSS

Процентиль: 15%
0.00048
Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-367
CWE-367

Связанные уязвимости

ubuntu логотип

CVE-2020-14375

CVSS3: 7.8
ubuntu
больше 5 лет назад

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

redhat логотип

CVE-2020-14375

CVSS3: 7.8
redhat
больше 5 лет назад

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

debian логотип

CVE-2020-14375

CVSS3: 7.8
debian
больше 5 лет назад

A flaw was found in dpdk in versions before 18.11.10 and before 19.11. ...

github логотип

GHSA-m65p-x8wx-282m

github
больше 3 лет назад

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

suse-cvrf логотип

openSUSE-SU-2020:1599-1

suse-cvrf
больше 5 лет назад

Security update for dpdk

EPSS

Процентиль: 15%
0.00048
Низкий

7.8 High

CVSS3

4.4 Medium

CVSS2

Дефекты

CWE-367
CWE-367