An update for dpdk is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS
Security Advisory
openeuler-security@openeuler.org
openEuler security committee
openEuler-SA-2022-1911
Final
1.0
1.0
2022-09-16
Initial
2022-09-16
2022-09-16
openEuler SA Tool V1.0
2022-09-16
dpdk security update
An update for dpdk is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS.
DPDK core includes kernel modules, core libraries and tools.testpmd application allows to test fast packet processing environments on arm64 platforms. For instance, it can be used to check that environment can support fast path applications such as 6WINDGate, pktgen, rumptcpip, etc. More libraries are available as extensions in other packages.
Security Fix(es):
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.(CVE-2022-2132)
An update for dpdk is now available for openEuler-20.03-LTS-SP1,openEuler-20.03-LTS-SP3 and openEuler-22.03-LTS.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.
High
dpdk
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1911
https://www.openeuler.org/en/security/cve/detail.html?id=CVE-2022-2132
https://nvd.nist.gov/vuln/detail/CVE-2022-2132
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
openEuler-22.03-LTS
dpdk-devel-19.11-20.oe1.aarch64.rpm
dpdk-tools-19.11-20.oe1.aarch64.rpm
dpdk-debuginfo-19.11-20.oe1.aarch64.rpm
dpdk-debugsource-19.11-20.oe1.aarch64.rpm
dpdk-19.11-20.oe1.aarch64.rpm
dpdk-devel-19.11-20.oe1.aarch64.rpm
dpdk-debuginfo-19.11-20.oe1.aarch64.rpm
dpdk-tools-19.11-20.oe1.aarch64.rpm
dpdk-19.11-20.oe1.aarch64.rpm
dpdk-debugsource-19.11-20.oe1.aarch64.rpm
dpdk-debugsource-21.11-16.oe2203.aarch64.rpm
dpdk-debuginfo-21.11-16.oe2203.aarch64.rpm
dpdk-21.11-16.oe2203.aarch64.rpm
dpdk-tools-21.11-16.oe2203.aarch64.rpm
dpdk-devel-21.11-16.oe2203.aarch64.rpm
dpdk-doc-19.11-20.oe1.noarch.rpm
dpdk-doc-19.11-20.oe1.noarch.rpm
dpdk-doc-21.11-16.oe2203.noarch.rpm
dpdk-19.11-20.oe1.src.rpm
dpdk-19.11-20.oe1.src.rpm
dpdk-21.11-16.oe2203.src.rpm
dpdk-debuginfo-19.11-20.oe1.x86_64.rpm
dpdk-devel-19.11-20.oe1.x86_64.rpm
dpdk-19.11-20.oe1.x86_64.rpm
dpdk-debugsource-19.11-20.oe1.x86_64.rpm
dpdk-tools-19.11-20.oe1.x86_64.rpm
dpdk-19.11-20.oe1.x86_64.rpm
dpdk-debuginfo-19.11-20.oe1.x86_64.rpm
dpdk-devel-19.11-20.oe1.x86_64.rpm
dpdk-tools-19.11-20.oe1.x86_64.rpm
dpdk-debugsource-19.11-20.oe1.x86_64.rpm
dpdk-tools-21.11-16.oe2203.x86_64.rpm
dpdk-devel-21.11-16.oe2203.x86_64.rpm
dpdk-debuginfo-21.11-16.oe2203.x86_64.rpm
dpdk-21.11-16.oe2203.x86_64.rpm
dpdk-debugsource-21.11-16.oe2203.x86_64.rpm
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
2022-09-16
CVE-2022-2132
openEuler-20.03-LTS-SP1
openEuler-20.03-LTS-SP3
openEuler-22.03-LTS
High
8.6
AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
dpdk security update
2022-09-16
https://www.openeuler.org/en/security/safety-bulletin/detail.html?id=openEuler-SA-2022-1911