Data Plane Development KIT

DATE	CVE	VULNERABILITY TITLE	RISK
2020-05-19	CVE-2020-10723	Integer Overflow or Wraparound vulnerability in multiple products A memory corruption issue was found in DPDK versions 17.05 and above. local low complexity dpdk canonical fedoraproject opensuse oracle CWE-190	6.7
2020-05-19	CVE-2020-10722	Integer Overflow or Wraparound vulnerability in multiple products A vulnerability was found in DPDK versions 18.05 and above. local low complexity dpdk canonical fedoraproject opensuse oracle CWE-190	6.7
2019-11-14	CVE-2019-14818	Memory Leak vulnerability in multiple products A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. network low complexity dpdk redhat fedoraproject CWE-401	7.5
2018-04-24	CVE-2018-1059	Information Exposure vulnerability in multiple products The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. canonical redhat dpdk CWE-200	2.9