Vulnerabilities > Dpdk > Data Plane Development KIT > High

DATE CVE VULNERABILITY TITLE RISK
2022-08-31 CVE-2022-2132 A permissive list of allowed inputs flaw was found in DPDK.
network
low complexity
dpdk fedoraproject debian redhat
8.6
2022-08-23 CVE-2021-3839 Out-of-bounds Write vulnerability in multiple products
A flaw was found in the vhost library in DPDK.
network
low complexity
dpdk fedoraproject redhat CWE-787
7.5
2020-09-30 CVE-2020-14374 Classic Buffer Overflow vulnerability in multiple products
A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5.
local
low complexity
dpdk opensuse canonical CWE-120
8.8
2020-05-20 CVE-2020-10725 Improper Initialization vulnerability in multiple products
A flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host.
network
low complexity
dpdk fedoraproject opensuse oracle CWE-665
7.7
2019-11-14 CVE-2019-14818 Memory Leak vulnerability in multiple products
A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors.
network
low complexity
dpdk redhat fedoraproject CWE-401
7.5