Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2022-0669

Опубликовано: 29 авг. 2022
Источник: nvd
CVSS3: 6.5
EPSS Низкий

Описание

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*
Версия от 20.02 (включая) до 22.03 (исключая)
cpe:2.3:a:dpdk:data_plane_development_kit:19.11:*:*:*:*:*:*:*
cpe:2.3:a:dpdk:data_plane_development_kit:19.11:rc1:*:*:*:*:*:*
cpe:2.3:a:dpdk:data_plane_development_kit:19.11:rc2:*:*:*:*:*:*
cpe:2.3:a:dpdk:data_plane_development_kit:19.11:rc3:*:*:*:*:*:*
cpe:2.3:a:dpdk:data_plane_development_kit:19.11:rc4:*:*:*:*:*:*
cpe:2.3:a:dpdk:data_plane_development_kit:22.03:rc1:*:*:*:*:*:*
cpe:2.3:a:dpdk:data_plane_development_kit:22.03:rc2:*:*:*:*:*:*
cpe:2.3:a:dpdk:data_plane_development_kit:22.03:rc3:*:*:*:*:*:*
Конфигурация 2

Одно из

cpe:2.3:a:openvswitch:openvswitch:2.13.0:*:*:*:*:*:*:*
cpe:2.3:a:openvswitch:openvswitch:2.15.0:*:*:*:*:*:*:*
Конфигурация 3
cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*

EPSS

Процентиль: 34%
0.0014
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-400
NVD-CWE-noinfo

Связанные уязвимости

ubuntu логотип

CVE-2022-0669

CVSS3: 6.5
ubuntu
больше 3 лет назад

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service.

redhat логотип

CVE-2022-0669

CVSS3: 6.5
redhat
почти 4 года назад

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service.

debian логотип

CVE-2022-0669

CVSS3: 6.5
debian
больше 3 лет назад

A flaw was found in dpdk. This flaw allows a malicious vhost-user mast ...

github логотип

GHSA-4vw6-hh56-rxvj

CVSS3: 6.5
github
больше 3 лет назад

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service.

fstec логотип

BDU:2024-07307

CVSS3: 6.5
fstec
около 4 лет назад

Уязвимость набора библиотек и драйверов для быстрой обработки пакетов DPDK, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 34%
0.0014
Низкий

6.5 Medium

CVSS3

Дефекты

CWE-400
NVD-CWE-noinfo