Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2020-10722

Опубликовано: 18 мая 2020
Источник: redhat
CVSS3: 6.7
EPSS Низкий

Описание

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

Отчет

This issue did not affect the versions of Ceph as shipped with Red Hat Ceph Storage 3 and 4, as they did not include support for DPDK.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Fast Datapath for RHEL 7openvswitch2.10Will not fix
Fast Datapath for RHEL 7openvswitch2.12Will not fix
Fast Datapath for RHEL 7openvswitch2.13Not affected
Fast Datapath for RHEL 8openvswitch2.12Will not fix
Red Hat Ceph Storage 3cephNot affected
Red Hat Ceph Storage 4cephNot affected
Red Hat OpenStack Platform 10 (Newton)openvswitchOut of support scope
Red Hat OpenStack Platform 13 (Queens)openvswitchAffected
Red Hat OpenStack Platform 15 (Stein)rhosp-openvswitchNot affected
Red Hat OpenStack Platform 16 (Train)rhosp-openvswitchNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-190
https://bugzilla.redhat.com/show_bug.cgi?id=1828867dpdk: librte_vhost Integer overflow in vhost_user_set_log_base()

EPSS

Процентиль: 32%
0.00125
Низкий

6.7 Medium

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2020-10722

CVSS3: 5.1
ubuntu
больше 5 лет назад

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

nvd логотип

CVE-2020-10722

CVSS3: 5.1
nvd
больше 5 лет назад

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

msrc логотип

CVE-2020-10722

CVSS3: 5.1
msrc
5 месяцев назад

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

debian логотип

CVE-2020-10722

CVSS3: 5.1
debian
больше 5 лет назад

A vulnerability was found in DPDK versions 18.05 and above. A missing ...

github логотип

GHSA-63gx-gp99-wcgc

CVSS3: 6.7
github
больше 3 лет назад

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

EPSS

Процентиль: 32%
0.00125
Низкий

6.7 Medium

CVSS3