Описание
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in dpdk. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Отчет
This flaw does not affect the versions of dpdk as shipped with Red Hat Enterprise Linux 7 and 8 or the versions embedded in Red Hat Virtualization or the Fast Datapath openvswitch package, as they do not enable generic crypto device library support. This causes the vulnerable code in vhost_crypto.c to not be included.
This flaw does not affect Red Hat Ceph Storage 3 and 4 as dpdk (embedded in ceph source rpm) is not built in the packages, therefore the vulnerable code is not available in the resulting RPM and the issue cannot be exploited.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Fast Datapath for RHEL 7 | openvswitch | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.10 | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.11 | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.12 | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.13 | Not affected | ||
| Fast Datapath for RHEL 8 | openvswitch2.11 | Not affected | ||
| Fast Datapath for RHEL 8 | openvswitch2.12 | Not affected | ||
| Fast Datapath for RHEL 8 | openvswitch2.13 | Not affected | ||
| Red Hat Ceph Storage 3 | ceph | Not affected | ||
| Red Hat Ceph Storage 4 | ceph | Not affected |
Показывать по
Дополнительная информация
Статус:
EPSS
7.8 High
CVSS3
Связанные уязвимости
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
A flaw was found in dpdk in versions before 18.11.10 and before 19.11. ...
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
EPSS
7.8 High
CVSS3