Описание
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in dpdk. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Отчет
This flaw does not affect the versions of dpdk as shipped with Red Hat Enterprise Linux 7 and 8 or the versions embedded in Red Hat Virtualization or the Fast Datapath openvswitch package, as they do not enable generic crypto device library support. This causes the vulnerable code in vhost_crypto.c to not be included.
This flaw does not affect Red Hat Ceph Storage 3 and 4 as dpdk (embedded in ceph source rpm) is not built in the packages, therefore the vulnerable code is not available in the resulting RPM and the issue cannot be exploited.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Fast Datapath for RHEL 7 | openvswitch | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.10 | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.11 | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.12 | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.13 | Not affected | ||
| Fast Datapath for RHEL 8 | openvswitch2.11 | Not affected | ||
| Fast Datapath for RHEL 8 | openvswitch2.12 | Not affected | ||
| Fast Datapath for RHEL 8 | openvswitch2.13 | Not affected | ||
| Red Hat Ceph Storage 3 | ceph | Not affected | ||
| Red Hat Ceph Storage 4 | ceph | Not affected |
Показывать по
Дополнительная информация
Статус:
8.8 High
CVSS3
Связанные уязвимости
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in dpdk in versions before 18.11.10 and before 19.11. ...
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
8.8 High
CVSS3