6.5
CVE-2022-0669
- EPSS 0.13%
- Veröffentlicht 29.08.2022 15:15:09
- Zuletzt bearbeitet 21.11.2024 06:39:08
- Quelle secalert@redhat.com
- Teams Watchlist Login
- Unerledigt Login
A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
Dpdk ≫ Data Plane Development Kit Version >= 20.02 < 22.03
Dpdk ≫ Data Plane Development Kit Version19.11
Dpdk ≫ Data Plane Development Kit Version19.11 Updaterc1
Dpdk ≫ Data Plane Development Kit Version19.11 Updaterc2
Dpdk ≫ Data Plane Development Kit Version19.11 Updaterc3
Dpdk ≫ Data Plane Development Kit Version19.11 Updaterc4
Dpdk ≫ Data Plane Development Kit Version22.03 Updaterc1
Dpdk ≫ Data Plane Development Kit Version22.03 Updaterc2
Dpdk ≫ Data Plane Development Kit Version22.03 Updaterc3
Openvswitch ≫ Openvswitch Version2.13.0
Openvswitch ≫ Openvswitch Version2.15.0
Redhat ≫ Openshift Container Platform Version4.0
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Typ | Quelle | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.13% | 0.331 |
| Quelle | Base Score | Exploit Score | Impact Score | Vector String |
|---|---|---|---|---|
| nvd@nist.gov | 6.5 | 2 | 4 |
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
|
CWE-400 Uncontrolled Resource Consumption
The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.