A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
References
Link | Resource |
---|---|
https://bugs.dpdk.org/show_bug.cgi?id=1031 | Exploit Issue Tracking Patch Vendor Advisory |
https://bugzilla.redhat.com/show_bug.cgi?id=2099475 | Exploit Issue Tracking Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
History
06 Sep 2022, 18:20
Type | Values Removed | Values Added |
---|---|---|
CVSS |
v2 : v3 : |
v2 : unknown
v3 : 8.6 |
CPE | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:enterprise_linux_fast_datapath:7.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openstack_platform:13.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:enterprise_linux_fast_datapath:8.0:*:*:*:*:*:*:* cpe:2.3:a:redhat:enterprise_linux_fast_datapath:9.0:*:*:*:*:*:*:* cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:* cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* cpe:2.3:o:fedoraproject:fedora:36:*:*:*:*:*:*:* cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
|
CWE | NVD-CWE-Other | |
First Time |
Fedoraproject
Dpdk Redhat enterprise Linux Fast Datapath Fedoraproject fedora Redhat Redhat openstack Platform Redhat openshift Container Platform Debian Redhat enterprise Linux Debian debian Linux Redhat virtualization Dpdk data Plane Development Kit |
|
References | (MISC) https://bugzilla.redhat.com/show_bug.cgi?id=2099475 - Exploit, Issue Tracking, Third Party Advisory | |
References | (MISC) https://bugs.dpdk.org/show_bug.cgi?id=1031 - Exploit, Issue Tracking, Patch, Vendor Advisory | |
References | (MLIST) https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html - Mailing List, Third Party Advisory |
02 Sep 2022, 07:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
31 Aug 2022, 16:53
Type | Values Removed | Values Added |
---|---|---|
New CVE |
Information
Published : 2022-08-31 16:15
Updated : 2023-12-10 14:35
NVD link : CVE-2022-2132
Mitre link : CVE-2022-2132
CVE.ORG link : CVE-2022-2132
JSON object : View
Products Affected
dpdk
- data_plane_development_kit
redhat
- enterprise_linux
- openstack_platform
- enterprise_linux_fast_datapath
- openshift_container_platform
- virtualization
debian
- debian_linux
fedoraproject
- fedora
CWE