{"vulnerability": "CVE-2020-1072", "sightings": [{"uuid": "184d12aa-4a6c-44ff-9518-440e014cd22c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10726", "type": "seen", "source": "https://t.me/cibsecurity/12193", "content": "ATENTION\u203c New - CVE-2020-10726\n\nA vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-05-20T18:46:25.000000Z"}, {"uuid": "65b45d90-6ef0-4b2c-8500-c6985ae849f3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10725", "type": "seen", "source": "https://t.me/cibsecurity/12194", "content": "ATENTION\u203c New - CVE-2020-10725\n\nA flaw was found in DPDK version 19.11 and above that allows a malicious guest to cause a segmentation fault of the vhost-user backend application running on the host, which could result in a loss of connectivity for the other guests running on that host. This is caused by a missing validity check of the descriptor address in the function `virtio_dev_rx_batch_packed()`.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-05-20T18:46:26.000000Z"}, {"uuid": "48499608-bbd3-4439-8579-4f7c5b94426a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2020-10720", "type": "seen", "source": "https://t.me/cibsecurity/14467", "content": "ATENTION\u203c New - CVE-2020-10720\n\nA flaw was found in the Linux kernel's implementation of GRO in versions before 5.2. This flaw allows an attacker with local access to crash the system.\n\n\ud83d\udcd6 Read\n\nvia \"National Vulnerability Database\".", "creation_timestamp": "2020-09-03T22:55:17.000000Z"}]}