CVE-2022-2132

Опубликовано: 31 авг. 2022

Источник: nvd

CVSS3: 8.6

EPSS Низкий

Описание

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

Ссылки

https://bugs.dpdk.org/show_bug.cgi?id=1031
Exploit
Issue Tracking
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2099475
Exploit
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html
Mailing List
Third Party Advisory
https://bugs.dpdk.org/show_bug.cgi?id=1031
Exploit
Issue Tracking
Patch
Vendor Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=2099475
Exploit
Issue Tracking
Third Party Advisory
https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html
Mailing List
Third Party Advisory

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*

Версия до 19.11 (исключая)

cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*

Версия от 20.0 (включая) до 20.11 (исключая)

cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*

Версия от 21.0 (включая) до 21.11 (исключая)

Конфигурация 2

cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:*

Конфигурация 3

cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*

Конфигурация 4

Одно из

cpe:2.3:a:redhat:enterprise_linux_fast_datapath:7.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:enterprise_linux_fast_datapath:8.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:enterprise_linux_fast_datapath:9.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:*

cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:*

EPSS

Процентиль: 68%

0.00582

Низкий

8.6 High

CVSS3

Дефекты

CWE-791

NVD-CWE-Other

Связанные уязвимости

CVE-2022-2132

CVSS3: 8.6

ubuntu

почти 3 года назад

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

CVE-2022-2132

CVSS3: 8.6

redhat

почти 3 года назад

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.

CVE-2022-2132

CVSS3: 8.6

debian

почти 3 года назад

A permissive list of allowed inputs flaw was found in DPDK. This issue ...

SUSE-SU-2024:0576-1

suse-cvrf

больше 1 года назад

Security update for dpdk

SUSE-SU-2024:0554-1

suse-cvrf

больше 1 года назад

Security update for dpdk

EPSS

Процентиль: 68%

0.00582

Низкий

8.6 High

CVSS3

Дефекты

CWE-791

NVD-CWE-Other