Vulnerabilities > CVE-2020-10722

047910
CVSS 6.7 - MEDIUM
Attack vector
LOCAL
Attack complexity
LOW
Privileges required
HIGH
Confidentiality impact
HIGH
Integrity impact
HIGH
Availability impact
HIGH

Summary

A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.

Vulnerable Configurations

Part Description Count
Application
Dpdk
44
Application
Oracle
6
OS
Canonical
3
OS
Fedoraproject
1
OS
Opensuse
1

Nessus

  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2296.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2296 advisory. - dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722) - dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723) - dpdk: librte_vhost Missing inputs validation in Vhost- crypto (CVE-2020-10724) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-05
    modified2020-05-27
    plugin id136898
    published2020-05-27
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136898
    titleRHEL 7 : openvswitch2.11 (RHSA-2020:2296)
  • NASL familyFedora Local Security Checks
    NASL idFEDORA_2020-04E3D34451.NASL
    descriptionFix cvws CVE-2020-10726,CVE-2020-10724,CVE-2020-10723,CVE-2020-10722,CVE-2020-1 0725 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-06-10
    modified2020-06-04
    plugin id137103
    published2020-06-04
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/137103
    titleFedora 32 : 2:dpdk (2020-04e3d34451)
  • NASL familySuSE Local Security Checks
    NASL idSUSE_SU-2020-1335-1.NASL
    descriptionThis update for dpdk fixes the following issues : Security issues fixed : CVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base() (bsc#1171477). CVE-2020-10723: Fixed an integer truncation in vhost_user_check_and_alloc_queue_pair() (bsc#1171477). CVE-2020-10724: Fixed a missing inputs validation in Vhost-crypto (bsc#1171477). CVE-2020-10725: Fixed a segfault caused by invalid virtio descriptors sent from a malicious guest (bsc#1171477). CVE-2020-10726: Fixed a denial-of-service caused by VHOST_USER_GET_INFLIGHT_FD message flooding (bsc#1171477). Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2020-05-22
    plugin id136795
    published2020-05-22
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136795
    titleSUSE SLED15 / SLES15 Security Update : dpdk (SUSE-SU-2020:1335-1)
  • NASL familyUbuntu Local Security Checks
    NASL idUBUNTU_USN-4362-1.NASL
    descriptionIt was discovered that DPDK incorrectly handled certain inputs. An attacker could possibly use this issue to cause a crash or execute arbitrary code. (CVE-2020-10722, CVE-2020-10723, CVE-2020-10724, CVE-2020-10725, CVE-2020-10726). Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
    last seen2020-05-31
    modified2020-05-19
    plugin id136709
    published2020-05-19
    reporterUbuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136709
    titleUbuntu 18.04 LTS / 19.10 / 20.04 : dpdk vulnerabilities (USN-4362-1)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2297.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2297 advisory. - dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722) - dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723) - dpdk: librte_vhost Missing inputs validation in Vhost- crypto (CVE-2020-10724) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-05
    modified2020-05-27
    plugin id136912
    published2020-05-27
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136912
    titleRHEL 8 : openvswitch2.11 (RHSA-2020:2297)
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2298.NASL
    descriptionThe remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2298 advisory. - dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722) - dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-05
    modified2020-05-27
    plugin id136913
    published2020-05-27
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136913
    titleRHEL 7 : openvswitch (RHSA-2020:2298)
  • NASL familyDebian Local Security Checks
    NASL idDEBIAN_DSA-4688.NASL
    descriptionMultiple vulnerabilities were discovered in the vhost code of DPDK, a set of libraries for fast packet processing, which could result in denial of service or the execution of arbitrary code by malicious guests/containers.
    last seen2020-05-31
    modified2020-05-19
    plugin id136703
    published2020-05-19
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136703
    titleDebian DSA-4688-1 : dpdk - security update
  • NASL familyRed Hat Local Security Checks
    NASL idREDHAT-RHSA-2020-2295.NASL
    descriptionThe remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2020:2295 advisory. - dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722) - dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723) - dpdk: librte_vhost Missing inputs validation in Vhost- crypto (CVE-2020-10724) - dpdk: librte_vhost Malicious guest could cause segfault by sending invalid Virtio descriptor (CVE-2020-10725) - dpdk: librte_vhost VHOST_USER_GET_INFLIGHT_FD message flooding to result in a DoS (CVE-2020-10726) Note that Nessus has not tested for this issue but has instead relied only on the application
    last seen2020-06-05
    modified2020-05-27
    plugin id136899
    published2020-05-27
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136899
    titleRHEL 8 : openvswitch2.13 (RHSA-2020:2295)
  • NASL familySuSE Local Security Checks
    NASL idOPENSUSE-2020-693.NASL
    descriptionThis update for dpdk fixes the following issues : Security issues fixed : - CVE-2020-10722: Fixed an integer overflow in vhost_user_set_log_base() (bsc#1171477). - CVE-2020-10723: Fixed an integer truncation in vhost_user_check_and_alloc_queue_pair() (bsc#1171477). - CVE-2020-10724: Fixed a missing inputs validation in Vhost-crypto (bsc#1171477). - CVE-2020-10725: Fixed a segfault caused by invalid virtio descriptors sent from a malicious guest (bsc#1171477). - CVE-2020-10726: Fixed a denial-of-service caused by VHOST_USER_GET_INFLIGHT_FD message flooding (bsc#1171477). This update was imported from the SUSE:SLE-15-SP1:Update update project.
    last seen2020-05-31
    modified2020-05-26
    plugin id136882
    published2020-05-26
    reporterThis script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
    sourcehttps://www.tenable.com/plugins/nessus/136882
    titleopenSUSE Security Update : dpdk (openSUSE-2020-693)

Redhat

rpms
  • network-scripts-openvswitch2.13-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-debuginfo-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-debugsource-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-devel-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-test-0:2.13.0-25.el8fdp.1
  • python3-openvswitch2.13-0:2.13.0-25.el8fdp.1
  • python3-openvswitch2.13-debuginfo-0:2.13.0-25.el8fdp.1
  • openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp
  • openvswitch2.11-debuginfo-0:2.11.0-54.20200327gita4efc59.el7fdp
  • openvswitch2.11-devel-0:2.11.0-54.20200327gita4efc59.el7fdp
  • openvswitch2.11-test-0:2.11.0-54.20200327gita4efc59.el7fdp
  • python-openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp
  • network-scripts-openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-debuginfo-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-debugsource-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-devel-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-test-0:2.11.0-54.20200327gita4efc59.el8fdp
  • python3-openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp
  • python3-openvswitch2.11-debuginfo-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch-0:2.9.0-130.el7fdp
  • openvswitch-debuginfo-0:2.9.0-130.el7fdp
  • openvswitch-devel-0:2.9.0-130.el7fdp
  • openvswitch-ovn-central-0:2.9.0-130.el7fdp
  • openvswitch-ovn-common-0:2.9.0-130.el7fdp
  • openvswitch-ovn-host-0:2.9.0-130.el7fdp
  • openvswitch-ovn-vtep-0:2.9.0-130.el7fdp
  • openvswitch-test-0:2.9.0-130.el7fdp
  • python-openvswitch-0:2.9.0-130.el7fdp