SUSE-SU-2020:2770-1
See a problem?- Import Source
- https://ftp.suse.com/pub/projects/security/osv/SUSE-SU-2020:2770-1.json
- JSON Data
- https://api.osv.dev/v1/vulns/SUSE-SU-2020:2770-1
- Related
- Published
- 2020-09-28T15:49:35Z
- Modified
- 2020-09-28T15:49:35Z
- Summary
- Security update for dpdk
- Details
-
This update for dpdk fixes the following issues:
- dpdk was updated to 19.11.4
- CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14377,CVE-2020-14378: Fixed multiple issues where a malicious guest could harm the host using vhost crypto, including executing code in host (VM Escape), reading host application memory space to guest and causing partially denial of service in the host(bsc#1176590).
- For a list of fixes check: https://doc.dpdk.org/guides-19.11/relnotes/release19_11.html#id8 denial of service in the host (bsc#1176590).
- dpdk was updated to 19.11.4
- References
-
- https://www.suse.com/support/update/announcement/2020/suse-su-20202770-1/
- https://bugzilla.suse.com/1176590
- https://www.suse.com/security/cve/CVE-2020-14374
- https://www.suse.com/security/cve/CVE-2020-14375
- https://www.suse.com/security/cve/CVE-2020-14376
- https://www.suse.com/security/cve/CVE-2020-14377
- https://www.suse.com/security/cve/CVE-2020-14378
Affected packages
SUSE:Linux Enterprise Module for Package Hub 15 SP2 / dpdk
Package
- Name
- dpdk
- Purl
- purl:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2
SUSE:Linux Enterprise Module for Server Applications 15 SP2 / dpdk
Package
- Name
- dpdk
- Purl
- purl:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed19.11.4-3.9.1
Ecosystem specific
{
"binaries": [
{
"dpdk-thunderx": "19.11.4-3.9.1",
"dpdk-thunderx-devel": "19.11.4-3.9.1",
"dpdk-tools": "19.11.4-3.9.1",
"libdpdk-20_0": "19.11.4-3.9.1",
"dpdk-devel": "19.11.4-3.9.1",
"dpdk": "19.11.4-3.9.1",
"dpdk-kmp-default": "19.11.4_k5.3.18_24.15-3.9.1",
"dpdk-thunderx-kmp-default": "19.11.4_k5.3.18_24.15-3.9.1"
}
]
}
SUSE:Linux Enterprise Module for Server Applications 15 SP2 / dpdk-thunderx
Package
- Name
- dpdk-thunderx
- Purl
- purl:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed19.11.4-3.9.1
Ecosystem specific
{
"binaries": [
{
"dpdk-thunderx": "19.11.4-3.9.1",
"dpdk-thunderx-devel": "19.11.4-3.9.1",
"dpdk-tools": "19.11.4-3.9.1",
"libdpdk-20_0": "19.11.4-3.9.1",
"dpdk-devel": "19.11.4-3.9.1",
"dpdk": "19.11.4-3.9.1",
"dpdk-kmp-default": "19.11.4_k5.3.18_24.15-3.9.1",
"dpdk-thunderx-kmp-default": "19.11.4_k5.3.18_24.15-3.9.1"
}
]
}