Home

CVE-2019-14818

Description

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition.

Risk Information

Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
1.137

Associated Vulnerability

VulnerabilityOS Platform
dpdk security update(DSA-4567-1) dpdk_16.11.9-1+deb9u2_i386.debLinux
dpdk security update(DSA-4567-1) dpdk_16.11.9-1+deb9u2_amd64.debLinux
dpdk security update(DSA-4567-1) dpdk_18.11.2-2+deb10u2_amd64.debLinux
set of libraries for fast packet processing (USN-4189-1) dpdk_17.11.8-0~ubuntu18.04.2_i386.debLinux
set of libraries for fast packet processing (USN-4189-1) dpdk_17.11.8-0~ubuntu18.04.2_amd64.debLinux
set of libraries for fast packet processing (USN-4189-1) dpdk_18.11.4-1ubuntu0.19.04.1_i386.debLinux
set of libraries for fast packet processing (USN-4189-1) dpdk_18.11.4-1ubuntu0.19.04.1_amd64.debLinux
set of libraries for fast packet processing (USN-4189-1) dpdk_18.11.4-1ubuntu0.19.10.1_i386.debLinux
set of libraries for fast packet processing (USN-4189-1) dpdk_18.11.4-1ubuntu0.19.10.1_amd64.debLinux
SUSE-SU-2019:3032-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-17.11.7-5.3.2.x86_64.rpmLinux
SUSE-SU-2019:3032-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-debuginfo-17.11.7-5.3.2.x86_64.rpmLinux
SUSE-SU-2019:3032-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-debugsource-17.11.7-5.3.2.x86_64.rpmLinux
SUSE-SU-2019:3032-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-kmp-default-17.11.7_k4.12.14_95.37-5.3.2.x86_64.rpmLinux
SUSE-SU-2019:3032-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-kmp-default-debuginfo-17.11.7_k4.12.14_95.37-5.3.2.x86_64.rpmLinux
SUSE-SU-2019:3032-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-tools-17.11.7-5.3.2.x86_64.rpmLinux
SUSE-SU-2019:3032-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-tools-debuginfo-17.11.7-5.3.2.x86_64.rpmLinux
SUSE-SU-2019:3032-1(SUSE Linux Enterprise Server 12-SP4 ) libdpdk-17_11-17.11.7-5.3.2.x86_64.rpmLinux
SUSE-SU-2019:3032-1(SUSE Linux Enterprise Server 12-SP4 ) libdpdk-17_11-debuginfo-17.11.7-5.3.2.x86_64.rpmLinux
(RHSA-2020:1226) dpdk security, bug fix, and enhancement update dpdk-18.11.5-1.el7_8.x86_64.rpmLinux
(RHSA-2020:1226) dpdk security, bug fix, and enhancement update dpdk-devel-18.11.5-1.el7_8.x86_64.rpmLinux
(RHSA-2020:1226) dpdk security, bug fix, and enhancement update dpdk-doc-18.11.5-1.el7_8.noarch.rpmLinux
(RHSA-2020:1226) dpdk security, bug fix, and enhancement update dpdk-tools-18.11.5-1.el7_8.x86_64.rpmLinux
(RHSA-2020:1735) dpdk security, bug fix, and enhancement update dpdk-19.11-4.el8.x86_64.rpmLinux
(RHSA-2020:1735) dpdk security, bug fix, and enhancement update dpdk-debugsource-19.11-4.el8.x86_64.rpmLinux
(RHSA-2020:1735) dpdk security, bug fix, and enhancement update dpdk-devel-19.11-4.el8.x86_64.rpmLinux
(RHSA-2020:1735) dpdk security, bug fix, and enhancement update dpdk-doc-19.11-4.el8.noarch.rpmLinux
(RHSA-2020:1735) dpdk security, bug fix, and enhancement update dpdk-tools-19.11-4.el8.x86_64.rpmLinux
SUSE-SU-2020:1430-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-17.11.7-5.6.2.x86_64.rpmLinux
SUSE-SU-2020:1430-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-debuginfo-17.11.7-5.6.2.x86_64.rpmLinux
SUSE-SU-2020:1430-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-debugsource-17.11.7-5.6.2.x86_64.rpmLinux
SUSE-SU-2020:1430-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-kmp-default-17.11.7_k4.12.14_95.51-5.6.2.x86_64.rpmLinux
SUSE-SU-2020:1430-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-kmp-default-debuginfo-17.11.7_k4.12.14_95.51-5.6.2.x86_64.rpmLinux
SUSE-SU-2020:1430-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-tools-17.11.7-5.6.2.x86_64.rpmLinux
SUSE-SU-2020:1430-1(SUSE Linux Enterprise Server 12-SP4 ) dpdk-tools-debuginfo-17.11.7-5.6.2.x86_64.rpmLinux
SUSE-SU-2020:1430-1(SUSE Linux Enterprise Server 12-SP4 ) libdpdk-17_11-17.11.7-5.6.2.x86_64.rpmLinux
SUSE-SU-2020:1430-1(SUSE Linux Enterprise Server 12-SP4 ) libdpdk-17_11-debuginfo-17.11.7-5.6.2.x86_64.rpmLinux
(CESA-2020:1735) dpdk security, bug fix, and enhancement update dpdk-19.11-4.el8.x86_64.rpmLinux
(CESA-2020:1735) dpdk security, bug fix, and enhancement update dpdk-devel-19.11-4.el8.x86_64.rpmLinux
(CESA-2020:1735) dpdk security, bug fix, and enhancement update dpdk-doc-19.11-4.el8.noarch.rpmLinux
(CESA-2020:1735) dpdk security, bug fix, and enhancement update dpdk-tools-19.11-4.el8.x86_64.rpmLinux

Patch Details

No records found

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234