N/A

A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a buffer overflow allowing an attacker in a virtual machine to write arbitrary data to any address in the vhost_crypto application. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.

N/A

未进行输入大小检查的缓冲区拷贝(传统缓冲区溢出)

Ubuntu DPDK copy_data安全漏洞

DPDK是一款基于Linux平台的数据平面开发套件。该产品支持在多种CPU架构上执行数据包处理。 DPDK 18.11.10之前版本和19.11.5之前版本中的copy_data函数存在安全漏洞，该漏洞源于错误的边界检查会导致缓冲区溢出，从而使攻击者能够将任意数据写入vhost_crypto的任何地址。该漏洞会导致数据泄露。

N/A

N/A