{"containers": {"cna": {"affected": [{"product": "dpdk", "vendor": "[UNKNOWN]", "versions": [{"status": "affected", "version": "20.02.1"}, {"status": "affected", "version": "19.11.2"}, {"status": "affected", "version": "18.11.8"}]}], "descriptions": [{"lang": "en", "value": "A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption."}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}}], "problemTypes": [{"descriptions": [{"cweId": "CWE-190", "description": "CWE-190", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-01-20T14:42:03", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "USN-4362-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4362-1/"}, {"name": "openSUSE-SU-2020:0693", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html"}, {"name": "FEDORA-2020-04e3d34451", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4/"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"tags": ["x_refsource_MISC"], "url": "https://www.openwall.com/lists/oss-security/2020/05/18/2"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723"}, {"tags": ["x_refsource_MISC"], "url": "https://bugs.dpdk.org/show_bug.cgi?id=268"}, {"tags": ["x_refsource_MISC"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-10723", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "dpdk", "version": {"version_data": [{"version_value": "20.02.1"}, {"version_value": "19.11.2"}, {"version_value": "18.11.8"}]}}]}, "vendor_name": "[UNKNOWN]"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption."}]}, "impact": {"cvss": [[{"vectorString": "5.1/CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.0"}]]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-190"}]}]}, "references": {"reference_data": [{"name": "USN-4362-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4362-1/"}, {"name": "openSUSE-SU-2020:0693", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html"}, {"name": "FEDORA-2020-04e3d34451", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4/"}, {"name": "https://www.oracle.com/security-alerts/cpuoct2020.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"name": "https://www.openwall.com/lists/oss-security/2020/05/18/2", "refsource": "MISC", "url": "https://www.openwall.com/lists/oss-security/2020/05/18/2"}, {"name": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723"}, {"name": "https://bugs.dpdk.org/show_bug.cgi?id=268", "refsource": "MISC", "url": "https://bugs.dpdk.org/show_bug.cgi?id=268"}, {"name": "https://www.oracle.com/security-alerts/cpujan2021.html", "refsource": "MISC", "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T11:14:14.697Z"}, "title": "CVE Program Container", "references": [{"name": "USN-4362-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4362-1/"}, {"name": "openSUSE-SU-2020:0693", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html"}, {"name": "FEDORA-2020-04e3d34451", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4/"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2020/05/18/2"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugs.dpdk.org/show_bug.cgi?id=268"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-10723", "datePublished": "2020-05-19T18:02:46", "dateReserved": "2020-03-20T00:00:00", "dateUpdated": "2024-08-04T11:14:14.697Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "BF1EC412-7634-4623-9A57-4D0384DE1903", "versionEndIncluding": "17.05", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*", "matchCriteriaId": "A31C8344-3E02-4EB8-8BD8-4C84B7959624", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:32:*:*:*:*:*:*:*", "matchCriteriaId": "36D96259-24BD-44E2-96D9-78CE1D41F956", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:communications_session_border_controller:*:*:*:*:*:*:*:*", "matchCriteriaId": "9F11DE25-DC7B-46CC-80FA-CE99D29AFDF8", "versionEndIncluding": "8.4", "versionStartIncluding": "8.2", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.1.0:*:*:*:*:*:*:*", "matchCriteriaId": "E11C65C3-1B17-4362-A99C-59583081A24D", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:enterprise_communications_broker:3.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "348EEE70-E114-4720-AAAF-E77DE5C9A2D1", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption."}, {"lang": "es", "value": "Se encontr\u00f3 un problema de corrupci\u00f3n de memoria en DPDK versiones 17.05 y superiores. Este fallo es causado por un truncamiento de enteros en el \u00edndice de una carga \u00fatil. Bajo determinadas circunstancias, el \u00edndice (un UInt) es copiado y truncado en un uint16, lo que puede conllevar a una indexaci\u00f3n fuera de l\u00edmite y una posible corrupci\u00f3n de la memoria."}], "id": "CVE-2020-10723", "lastModified": "2024-11-21T04:55:55.973", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.6, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.9, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 4.2, "source": "secalert@redhat.com", "type": "Secondary"}, {"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 6.7, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 0.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-05-19T19:15:09.837", "references": [{"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.dpdk.org/show_bug.cgi?id=268"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4/"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4362-1/"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2020/05/18/2"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Vendor Advisory"], "url": "https://bugs.dpdk.org/show_bug.cgi?id=268"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4362-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2020/05/18/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpujan2021.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://www.oracle.com/security-alerts/cpuoct2020.html"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-190"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-190"}], "source": "nvd@nist.gov", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Ferruh Yigit (Reporter) for reporting this issue.", "affected_release": [{"advisory": "RHSA-2020:2296", "cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "package": "openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 7", "release_date": "2020-05-26T00:00:00Z"}, {"advisory": "RHSA-2020:2298", "cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "package": "openvswitch-0:2.9.0-130.el7fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 7", "release_date": "2020-05-26T00:00:00Z"}, {"advisory": "RHSA-2020:2295", "cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "package": "openvswitch2.13-0:2.13.0-25.el8fdp.1", "product_name": "Fast Datapath for Red Hat Enterprise Linux 8", "release_date": "2020-05-26T00:00:00Z"}, {"advisory": "RHSA-2020:2297", "cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "package": "openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el8fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 8", "release_date": "2020-05-26T00:00:00Z"}, {"advisory": "RHSA-2020:2683", "cpe": "cpe:/a:redhat:rhel_extras_other:7", "package": "dpdk-0:18.11.8-1.el7_8", "product_name": "Red Hat Enterprise Linux 7 Extras", "release_date": "2020-06-23T00:00:00Z"}, {"advisory": "RHSA-2020:4806", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "dpdk-0:19.11.3-1.el8", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2020-11-04T00:00:00Z"}, {"advisory": "RHSA-2021:0931", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openvswitch2.11-0:2.11.3-77.el7fdp", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2021-03-18T00:00:00Z"}, {"advisory": "RHSA-2021:0931", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openvswitch-selinux-extra-policy-0:1.0-17.el7fdp", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2021-03-18T00:00:00Z"}, {"advisory": "RHSA-2021:0931", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "ovn2.11-0:2.11.1-57.el7fdp", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2021-03-18T00:00:00Z"}, {"advisory": "RHSA-2020:2298", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "openvswitch-0:2.9.0-130.el7fdp", "product_name": "Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2020-05-26T00:00:00Z"}, {"advisory": "RHSA-2020:4114", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2020-09-30T00:00:00Z"}, {"advisory": "RHSA-2020:4114", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "ovn2.11-0:2.11.1-44.el7fdp", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2020-09-30T00:00:00Z"}, {"advisory": "RHSA-2020:4114", "cpe": "cpe:/a:redhat:rhev_manager:4.3", "package": "openvswitch2.11-0:2.11.0-54.20200327gita4efc59.el7fdp", "product_name": "Red Hat Virtualization Engine 4.3", "release_date": "2020-09-30T00:00:00Z"}, {"advisory": "RHSA-2020:4114", "cpe": "cpe:/a:redhat:rhev_manager:4.3", "package": "ovn2.11-0:2.11.1-44.el7fdp", "product_name": "Red Hat Virtualization Engine 4.3", "release_date": "2020-09-30T00:00:00Z"}], "bugzilla": {"description": "dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair()", "id": "1828874", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1828874"}, "csaw": false, "cvss3": {"cvss3_base_score": "6.7", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H", "status": "verified"}, "cwe": "CWE-190", "details": ["A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.", "A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption."], "name": "CVE-2020-10723", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Will not fix", "package_name": "openvswitch2.10", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Will not fix", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.13", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Will not fix", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Not affected", "package_name": "ceph", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:4", "fix_state": "Not affected", "package_name": "ceph", "product_name": "Red Hat Ceph Storage 4"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Out of support scope", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Affected", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:15", "fix_state": "Not affected", "package_name": "rhosp-openvswitch", "product_name": "Red Hat OpenStack Platform 15 (Stein)"}, {"cpe": "cpe:/a:redhat:openstack:16", "fix_state": "Not affected", "package_name": "rhosp-openvswitch", "product_name": "Red Hat OpenStack Platform 16 (Train)"}], "public_date": "2020-05-18T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-10723\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-10723\nhttps://bugs.dpdk.org/show_bug.cgi?id=268\nhttps://www.openwall.com/lists/oss-security/2020/05/18/2"], "statement": "This issue did not affect the versions of Ceph as shipped with Red Hat Ceph Storage 3 and 4, as they did not include support for DPDK.", "threat_severity": "Moderate", "upstream_fix": "dkdk 18.11.8, dpdk 20.02.1, dpdk 19.11.2"}