ALT-PU-2023-1805-1
Closed vulnerabilities
Published: 2022-08-29
BDU:2022-05391
Уязвимость драйвера mlx5 набора библиотек и драйверов для быстрой обработки пакетов dpdk, позволяющая науршителю вызвать отказ в обслуживании
Severity: MEDIUM (6.5)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2022-08-31
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-2132
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
Severity: HIGH (8.6)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
References:
- https://bugs.dpdk.org/show_bug.cgi?id=1031
- https://bugs.dpdk.org/show_bug.cgi?id=1031
- https://bugzilla.redhat.com/show_bug.cgi?id=2099475
- https://bugzilla.redhat.com/show_bug.cgi?id=2099475
- [debian-lts-announce] 20220902 [SECURITY] [DLA 3092-1] dpdk security update
- [debian-lts-announce] 20220902 [SECURITY] [DLA 3092-1] dpdk security update
Published: 2022-09-01
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2022-28199
NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality.
Severity: MEDIUM (6.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
References:
- [oss-security] 20220906 Re: CVE-2022-28199: DPDK mlx5 driver error recovery handling vulnerability
- [oss-security] 20220906 Re: CVE-2022-28199: DPDK mlx5 driver error recovery handling vulnerability
- https://nvidia.custhelp.com/app/answers/detail/a_id/5389
- https://nvidia.custhelp.com/app/answers/detail/a_id/5389
- 20220907 Vulnerability in NVIDIA Data Plane Development Kit Affecting Cisco Products: August 2022
- 20220907 Vulnerability in NVIDIA Data Plane Development Kit Affecting Cisco Products: August 2022