Vulnerabilities > Dpdk > Data Plane Development KIT > 16.07

DATE CVE VULNERABILITY TITLE RISK
2022-08-31 CVE-2022-2132 A permissive list of allowed inputs flaw was found in DPDK.
network
low complexity
dpdk fedoraproject debian redhat
8.6
2022-08-23 CVE-2021-3839 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the vhost library in DPDK.
network
low complexity
dpdk fedoraproject redhat CWE-787
7.5
2020-05-20 CVE-2020-10726 A vulnerability was found in DPDK versions 19.11 and above.
local
low complexity
dpdk fedoraproject opensuse oracle
4.4
2020-05-20 CVE-2020-10725 A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host.
network
low complexity
dpdk fedoraproject opensuse oracle
7.7
2020-05-19 CVE-2020-10724 Out-of-bounds Read vulnerability in multiple products
A vulnerability was found in DPDK versions 18.11 and above.
local
low complexity
dpdk canonical fedoraproject CWE-125
4.4
2020-05-19 CVE-2020-10723 A memory corruption issue was found in DPDK versions 17.05 and above.
local
low complexity
dpdk canonical fedoraproject opensuse oracle
6.7
2020-05-19 CVE-2020-10722 A vulnerability was found in DPDK versions 18.05 and above.
local
low complexity
dpdk canonical fedoraproject opensuse oracle
6.7
2019-11-14 CVE-2019-14818 Memory Leak vulnerability in multiple products
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors.
network
low complexity
dpdk redhat fedoraproject CWE-401
7.5
2018-04-24 CVE-2018-1059 Information Exposure vulnerability in multiple products
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations.
high complexity
canonical redhat dpdk CWE-200
6.1