ID CVE-2020-10722
Summary A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.
References
Vulnerable Configurations
  • cpe:2.3:a:dpdk:data_plane_development_kit:-:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:1.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:1.8.0:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:2.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:2.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:2.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.04:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.07:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.07.1:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.07.2:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.6:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.7:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.8:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.9:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.10:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:16.11.11:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.02:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.02.1:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.05:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.05.1:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.05.2:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.08:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.08.1:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.08.2:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11.1:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11.2:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11.3:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11.4:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11.5:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11.6:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11.7:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11.8:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:17.11.9:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:18.02:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:18.02.1:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:18.02.2:*:*:*:*:*:*:*
  • cpe:2.3:a:dpdk:data_plane_development_kit:18.05:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*
  • cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_border_controller:8.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_border_controller:8.2.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_border_controller:8.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:communications_session_border_controller:8.4:*:*:*:*:*:*:*
CVSS
Base: 4.6 (as of 02-09-2022 - 15:36)
Impact:
Exploitability:
CWE CWE-190
CAPEC
  • Forced Integer Overflow
    This attack forces an integer variable to go out of range. The integer variable is often used as an offset, such as the size of a memory allocation or similar. The attacker would typically control the value of such a variable and try to get it out of range. For instance, if the integer in question is incremented past the maximum possible value, it may wrap to become a very small or negative number, providing an incorrect value that can lead to unexpected behavior. At worst the attacker can execute arbitrary code.
Access
  • Vector: LOCAL
  • Complexity: LOW
  • Authentication: NONE
Impact
  • Confidentiality: PARTIAL
  • Integrity: PARTIAL
  • Availability: PARTIAL
cvss-vector via4 AV:L/AC:L/Au:N/C:P/I:P/A:P
redhat via4
rpms
  • network-scripts-openvswitch2.13-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-debuginfo-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-debugsource-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-devel-0:2.13.0-25.el8fdp.1
  • openvswitch2.13-test-0:2.13.0-25.el8fdp.1
  • python3-openvswitch2.13-0:2.13.0-25.el8fdp.1
  • python3-openvswitch2.13-debuginfo-0:2.13.0-25.el8fdp.1
  • openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp
  • openvswitch2.11-debuginfo-0:2.11.0-54.20200327gita4efc59.el7fdp
  • openvswitch2.11-devel-0:2.11.0-54.20200327gita4efc59.el7fdp
  • openvswitch2.11-test-0:2.11.0-54.20200327gita4efc59.el7fdp
  • python-openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp
  • network-scripts-openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-debuginfo-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-debugsource-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-devel-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch2.11-test-0:2.11.0-54.20200327gita4efc59.el8fdp
  • python3-openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp
  • python3-openvswitch2.11-debuginfo-0:2.11.0-54.20200327gita4efc59.el8fdp
  • openvswitch-0:2.9.0-130.el7fdp
  • openvswitch-debuginfo-0:2.9.0-130.el7fdp
  • openvswitch-devel-0:2.9.0-130.el7fdp
  • openvswitch-ovn-central-0:2.9.0-130.el7fdp
  • openvswitch-ovn-common-0:2.9.0-130.el7fdp
  • openvswitch-ovn-host-0:2.9.0-130.el7fdp
  • openvswitch-ovn-vtep-0:2.9.0-130.el7fdp
  • openvswitch-test-0:2.9.0-130.el7fdp
  • python-openvswitch-0:2.9.0-130.el7fdp
  • dpdk-0:18.11.8-1.el7_8
  • dpdk-debuginfo-0:18.11.8-1.el7_8
  • dpdk-devel-0:18.11.8-1.el7_8
  • dpdk-doc-0:18.11.8-1.el7_8
  • dpdk-tools-0:18.11.8-1.el7_8
  • openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp
  • openvswitch2.11-debuginfo-0:2.11.0-54.20200327gita4efc59.el7fdp
  • openvswitch2.11-devel-0:2.11.0-54.20200327gita4efc59.el7fdp
  • ovirt-ansible-repositories-0:1.1.6-1.el7ev
  • ovn2.11-0:2.11.1-44.el7fdp
  • ovn2.11-central-0:2.11.1-44.el7fdp
  • ovn2.11-debuginfo-0:2.11.1-44.el7fdp
  • ovn2.11-host-0:2.11.1-44.el7fdp
  • ovn2.11-vtep-0:2.11.1-44.el7fdp
  • python-openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp
  • python-ovirt-engine-sdk4-0:4.3.4-1.el7ev
  • python-ovirt-engine-sdk4-debuginfo-0:4.3.4-1.el7ev
  • dpdk-0:19.11.3-1.el8
  • dpdk-debuginfo-0:19.11.3-1.el8
  • dpdk-debugsource-0:19.11.3-1.el8
  • dpdk-devel-0:19.11.3-1.el8
  • dpdk-devel-debuginfo-0:19.11.3-1.el8
  • dpdk-doc-0:19.11.3-1.el8
  • dpdk-tools-0:19.11.3-1.el8
refmap via4
confirm https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10722
fedora FEDORA-2020-04e3d34451
misc
suse openSUSE-SU-2020:0693
ubuntu USN-4362-1
Last major update 02-09-2022 - 15:36
Published 19-05-2020 - 19:15
Last modified 02-09-2022 - 15:36