← volver
CVE-2020-10726

CVE-2020-10726

CVSS 6 MEDIUMEPSS 0.5%CWE-190
A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
Productos afectados
[UNKNOWN] · dpdk

¿Quieres saber si tu infraestructura está expuesta a esto?

Hablar con TrueHacking →
Referencias
http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.htmlhttps://bugs.dpdk.org/show_bug.cgi?id=271https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10726https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4/https://www.openwall.com/lists/oss-security/2020/05/18/2https://www.oracle.com/security-alerts/cpujan2021.html