CVE-2022-28199

>= 19.11_1.0.0 and < 20.11_5.0.0

NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error r

6.5MEDIUM

CVE-2022-2132

< 19.11

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service trigg

8.6HIGH

CVE-2022-0669

>= 20.02 and < 22.03

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data t

6.5MEDIUM

CVE-2021-3839

< 22.03

A flaw was found in the vhost library in DPDK. Function vhost_user_set_inflight_fd() does not validate `msg-payload.inflight.num_q

7.5HIGH

CVE-2020-14374

>= 18.02.1 and < 18.11.10

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads

8.8HIGH

CVE-2020-14378

>= 18.02.1 and < 18.11.10

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the move_desc function can lead to large amounts of

3.3LOW

CVE-2020-14377

>= 18.02.1 and < 18.11.10

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled para

7.1HIGH

CVE-2020-14376

>= 18.02.1 and < 18.11.10

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the V

7.8HIGH

CVE-2020-14375

>= 18.02.1 and < 18.11.10

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are i

7.8HIGH

CVE-2020-10726

<= 19.11

A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket

6.0MEDIUM

CVE-2020-10725

<= 19.11

A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user bac

7.7HIGH

CVE-2020-10724

<= 18.11

A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied

5.1MEDIUM

CVE-2020-10723

<= 17.05

A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of

5.1MEDIUM

CVE-2020-10722

<= 18.05

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() c

5.1MEDIUM

CVE-2019-14818

>= 16.04 and < 16.11.10

A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.

7.5HIGH

CVE-2018-1059

< 18.02.1

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when p

6.1MEDIUM