{"containers": {"cna": {"affected": [{"product": "dpdk", "vendor": "n/a", "versions": [{"status": "affected", "version": "All dpdk versions before 18.11.10 and before 19.11.5"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."}], "problemTypes": [{"descriptions": [{"cweId": "CWE-367", "description": "CWE-367", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"dateUpdated": "2021-01-04T15:06:21", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"tags": ["x_refsource_MISC"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879468"}, {"tags": ["x_refsource_MISC"], "url": "https://www.openwall.com/lists/oss-security/2020/09/28/3"}, {"name": "USN-4550-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/4550-1/"}, {"name": "openSUSE-SU-2020:1593", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html"}, {"name": "openSUSE-SU-2020:1599", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00006.html"}, {"name": "[oss-security] 20210104 Re: [dpdk-dev] DPDK security advisory for multiple vhost crypto issues", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/5"}, {"name": "[oss-security] 20210104 Re: DPDK security advisory for multiple vhost crypto issues", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/1"}, {"name": "[oss-security] 20210104 Re: [dpdk-dev] DPDK security advisory for multiple vhost crypto issues", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/2"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert@redhat.com", "ID": "CVE-2020-14375", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "dpdk", "version": {"version_data": [{"version_value": "All dpdk versions before 18.11.10 and before 19.11.5"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "CWE-367"}]}]}, "references": {"reference_data": [{"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1879468", "refsource": "MISC", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879468"}, {"name": "https://www.openwall.com/lists/oss-security/2020/09/28/3", "refsource": "MISC", "url": "https://www.openwall.com/lists/oss-security/2020/09/28/3"}, {"name": "USN-4550-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/4550-1/"}, {"name": "openSUSE-SU-2020:1593", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html"}, {"name": "openSUSE-SU-2020:1599", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00006.html"}, {"name": "[oss-security] 20210104 Re: [dpdk-dev] DPDK security advisory for multiple vhost crypto issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/01/04/5"}, {"name": "[oss-security] 20210104 Re: DPDK security advisory for multiple vhost crypto issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/01/04/1"}, {"name": "[oss-security] 20210104 Re: [dpdk-dev] DPDK security advisory for multiple vhost crypto issues", "refsource": "MLIST", "url": "http://www.openwall.com/lists/oss-security/2021/01/04/2"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T12:46:34.328Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879468"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://www.openwall.com/lists/oss-security/2020/09/28/3"}, {"name": "USN-4550-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/4550-1/"}, {"name": "openSUSE-SU-2020:1593", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html"}, {"name": "openSUSE-SU-2020:1599", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00006.html"}, {"name": "[oss-security] 20210104 Re: [dpdk-dev] DPDK security advisory for multiple vhost crypto issues", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/5"}, {"name": "[oss-security] 20210104 Re: DPDK security advisory for multiple vhost crypto issues", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/1"}, {"name": "[oss-security] 20210104 Re: [dpdk-dev] DPDK security advisory for multiple vhost crypto issues", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/2"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2020-14375", "datePublished": "2020-09-30T18:42:58", "dateReserved": "2020-06-17T00:00:00", "dateUpdated": "2024-08-04T12:46:34.328Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "61C6A90C-25FC-41AC-9369-DFE5DA0BB470", "versionEndExcluding": "18.11.10", "versionStartIncluding": "18.02.1", "vulnerable": true}, {"criteria": "cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:*", "matchCriteriaId": "C5309900-2EFB-41CE-84D4-4F49E30780D9", "versionEndExcluding": "19.11.5", "versionStartIncluding": "19.02", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*", "matchCriteriaId": "902B8056-9E37-443B-8905-8AA93E2447FB", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*", "matchCriteriaId": "B620311B-34A3-48A6-82DF-6F078D7A4493", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:leap:15.2:*:*:*:*:*:*:*", "matchCriteriaId": "B009C22E-30A4-4288-BCF6-C3E81DEAF45A", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."}, {"lang": "es", "value": "Se encontr\u00f3 un fallo en dpdk en versiones anteriores a 18.11.10 y anteriores a 19.11.5. Los descriptores de anillo de Virtio y los datos que describen se encuentran en una regi\u00f3n de memoria accesible tanto desde la m\u00e1quina virtual como desde el host. Un atacante en una m\u00e1quina virtual puede cambiar el contenido de la memoria despu\u00e9s de que vhost_crypto lo haya validado. La mayor amenaza de esta vulnerabilidad es la confidencialidad e integridad de los datos, as\u00ed como la disponibilidad del sistema"}], "id": "CVE-2020-14375", "lastModified": "2024-11-21T05:03:07.447", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "LOCAL", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.4, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:L/AC:M/Au:N/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 3.4, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 7.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 1.1, "impactScore": 6.0, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2020-09-30T19:15:12.760", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00006.html"}, {"source": "secalert@redhat.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/1"}, {"source": "secalert@redhat.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/2"}, {"source": "secalert@redhat.com", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/5"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879468"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4550-1/"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2020/09/28/3"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00004.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2020-10/msg00006.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/2"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List"], "url": "http://www.openwall.com/lists/oss-security/2021/01/04/5"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879468"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/4550-1/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2020/09/28/3"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-367"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-367"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Ryan Hall for reporting this issue.", "bugzilla": {"description": "dpdk: time-of-check time-of-use vulnerabilities throughout vhost_crypto.c", "id": "1879468", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1879468"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.8", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H", "status": "draft"}, "cwe": "CWE-367", "details": ["A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.", "A flaw was found in dpdk. Virtio ring descriptors, and the data they describe are in a region of memory accessible by from both the virtual machine and the host. An attacker in a VM can change the contents of the memory after vhost_crypto has validated it. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability."], "name": "CVE-2020-14375", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.10", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.11", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.13", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.11", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.13", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/a:redhat:ceph_storage:3", "fix_state": "Not affected", "package_name": "ceph", "product_name": "Red Hat Ceph Storage 3"}, {"cpe": "cpe:/a:redhat:ceph_storage:4", "fix_state": "Not affected", "package_name": "ceph", "product_name": "Red Hat Ceph Storage 4"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "dpdk", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "dpdk", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "dpdk", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Not affected", "package_name": "openvswitch2.10", "product_name": "Red Hat Virtualization 4"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Not affected", "package_name": "openvswitch2.11", "product_name": "Red Hat Virtualization 4"}], "public_date": "2020-09-28T15:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-14375\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-14375\nhttps://www.openwall.com/lists/oss-security/2020/09/28/3"], "statement": "This flaw does not affect the versions of `dpdk` as shipped with Red Hat Enterprise Linux 7 and 8 or the versions embedded in Red Hat Virtualization or the Fast Datapath `openvswitch` package, as they do not enable generic crypto device library support. This causes the vulnerable code in vhost_crypto.c to not be included.\nThis flaw does not affect Red Hat Ceph Storage 3 and 4 as dpdk (embedded in ceph source rpm) is not built in the packages, therefore the vulnerable code is not available in the resulting RPM and the issue cannot be exploited.", "threat_severity": "Important"}