CVSS: 6.7EPSS: 0%CPEs: 9EXPL: 0CVE-2020-10722 – dpdk: librte_vhost Integer overflow in vhost_user_set_log_base()
https://notcve.org/view.php?id=CVE-2020-10722
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption. Se encontró una vulnerabilidad en DPDK versiones 18.05 y superiores. Una falta de comprobación en un desbordamiento de enteros en la función vhost_user_set_log_base() podría resultar en un mapa de memoria más pequeño de lo requerido, posiblemente permitiendo una corrupción de la memoria. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html https://bugs.dpdk.org/show_bug.cgi?id=267 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10722 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4 https://usn.ubuntu.com/4362-1 https://www.openwall.com/lists/oss-security/2020/05/18/2 https://www.oracle.com/security-alerts/cpujan2021.html https://www.oracle.com/security-alerts/cpuoct2020&# • CWE-190: Integer Overflow or Wraparound •
CVSS: 6.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-10726 – dpdk: librte_vhost VHOST_USER_GET_INFLIGHT_FD message flooding to result in a DoS
https://notcve.org/view.php?id=CVE-2020-10726
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service. Se detectó una vulnerabilidad en DPDK versiones 19.11 y superiores. Un contenedor malicioso que presenta acceso directo al socket vhost-user puede seguir enviando mensajes de VHOST_USER_GET_INFLIGHT_FD, causando una filtración de recursos (descriptores de archivos y memoria virtual), lo que puede resultar en una denegación de servicio. • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html https://bugs.dpdk.org/show_bug.cgi?id=271 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10726 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4 https://www.openwall.com/lists/oss-security/2020/05/18/2 https://www.oracle.com/security-alerts/cpujan2021.html https://access.redhat.com/security/cve/CVE-2020-10726 https://bugzilla.redhat.com • CWE-190: Integer Overflow or Wraparound CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.7EPSS: 0%CPEs: 5EXPL: 0CVE-2020-10725 – dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor
https://notcve.org/view.php?id=CVE-2020-10725
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity check of the descriptor address in the function `virtio_dev_rx_batch_packed()`. Se detectó un fallo en DPDK versión 19.11 y superior, que permite a un invitado malicioso causar un fallo de segmentación de la aplicación backend vhost-user que se ejecuta en el host, lo que podría resultar en una pérdida de conectividad para los otros invitados ejecutados en ese host. Esto es causado por una falta de comprobación de la validez de la dirección del descriptor en la función "virtio_dev_rx_batch_packed()". • http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html https://bugs.dpdk.org/show_bug.cgi?id=270 https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10725 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4 https://www.openwall.com/lists/oss-security/2020/05/18/2 https://www.oracle.com/security-alerts/cpujan2021.html https://access.redhat.com/security/cve/CVE-2020-10725 https://bugzilla.redhat.com • CWE-665: Improper Initialization •
CVSS: 7.8EPSS: 4%CPEs: 42EXPL: 0CVE-2019-9513 – Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service
https://notcve.org/view.php?id=CVE-2019-9513
Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service. The attacker creates multiple request streams and continually shuffles the priority of the streams in a way that causes substantial churn to the priority tree. This can consume excess CPU. Algunas implementaciones de HTTP / 2 son vulnerables a los bucles de recursos, lo que puede conducir a una denegación de servicio. El atacante crea múltiples flujos de solicitud y baraja continuamente la prioridad de los flujos de una manera que provoca un cambio considerable en el árbol de prioridad. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00014.html https://access.redhat.com/errata/RHSA-2019:2692 https:/ • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 7%CPEs: 39EXPL: 0CVE-2019-9511 – Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service
https://notcve.org/view.php?id=CVE-2019-9511
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and stream priority to force the server to queue the data in 1-byte chunks. Depending on how efficiently this data is queued, this can consume excess CPU, memory, or both. Algunas implementaciones de HTTP / 2 son vulnerables a la manipulación del tamaño de la ventana y la manipulación de priorización de flujo, lo que puede conducir a una denegación de servicio. • http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00031.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00032.html http://lists.opensuse.org/opensuse-security-announce/2019-09/msg00035.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00003.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00014.html https://access.redhat.com/errata/RHSA-2019:2692 https:/ • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •