Huawei EulerOS Local Security Checks : Huawei EulerOS: Security Advisory for dpdk (EulerOS-SA-2020-1936)

Anfälligkeitssuche		Suche in 219043 CVE Beschreibungen und 99761 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.2.2020.1936

Kategorie: Huawei EulerOS Local Security Checks

Titel: Huawei EulerOS: Security Advisory for dpdk (EulerOS-SA-2020-1936)

Zusammenfassung: The remote host is missing an update for the Huawei EulerOS 'dpdk' package(s) announced via the EulerOS-SA-2020-1936 advisory.

Beschreibung: Summary:
The remote host is missing an update for the Huawei EulerOS 'dpdk' package(s) announced via the EulerOS-SA-2020-1936 advisory.

Vulnerability Insight:
A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.(CVE-2020-10722)

A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.(CVE-2020-10723)

A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of-bounds memory read.(CVE-2020-10724)

Affected Software/OS:
'dpdk' package(s) on Huawei EulerOS V2.0SP5.

Solution:
Please install the updated package(s).

CVSS Score:
4.6

CVSS Vector:
AV:L/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2020-10722
Common Vulnerability Exposure (CVE) ID: CVE-2020-10723
Common Vulnerability Exposure (CVE) ID: CVE-2020-10724

Copyright Copyright (C) 2020 Greenbone Networks GmbH

Dies ist nur einer von 99761 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.2.2020.1936
Kategorie:	Huawei EulerOS Local Security Checks
Titel:	Huawei EulerOS: Security Advisory for dpdk (EulerOS-SA-2020-1936)
Zusammenfassung:	The remote host is missing an update for the Huawei EulerOS 'dpdk' package(s) announced via the EulerOS-SA-2020-1936 advisory.
Beschreibung:	Summary: The remote host is missing an update for the Huawei EulerOS 'dpdk' package(s) announced via the EulerOS-SA-2020-1936 advisory. Vulnerability Insight: A vulnerability was found in DPDK versions 18.05 and above. A missing check for an integer overflow in vhost_user_set_log_base() could result in a smaller memory map than requested, possibly allowing memory corruption.(CVE-2020-10722) A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.(CVE-2020-10723) A vulnerability was found in DPDK versions 18.11 and above. The vhost-crypto library code is missing validations for user-supplied values, potentially allowing an information leak through an out-of-bounds memory read.(CVE-2020-10724) Affected Software/OS: 'dpdk' package(s) on Huawei EulerOS V2.0SP5. Solution: Please install the updated package(s). CVSS Score: 4.6 CVSS Vector: AV:L/AC:L/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2020-10722 Common Vulnerability Exposure (CVE) ID: CVE-2020-10723 Common Vulnerability Exposure (CVE) ID: CVE-2020-10724
Copyright	Copyright (C) 2020 Greenbone Networks GmbH