DPDK announcements
 help / color / mirror / Atom feed
* CVE-2022-28199 disclosure
@ 2022-08-29 17:55 Thomas Monjalon
  0 siblings, 0 replies; only message in thread
From: Thomas Monjalon @ 2022-08-29 17:55 UTC (permalink / raw)
  To: announce; +Cc: oss-security

A vulnerability was fixed in DPDK.
Some downstream stakeholders were warned in advance
in order to coordinate the release of fixes
and reduce the vulnerability window.

When having a failure with the mlx5 driver,
the error recovery was not handled properly,
which can allow a remote attacker to cause denial of service
and some impact to data integrity and confidentiality.

CVE: CVE-2022-28199
Severity: 6.5
CVSS scores: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Commits per branch:
	main  - https://git.dpdk.org/dpdk/commit/?id=60b254e392
	21.11 - https://git.dpdk.org/dpdk-stable/commit/?id=25c01bd323
	20.11 - https://git.dpdk.org/dpdk-stable/commit/?id=ef311075d2
	19.11 - https://git.dpdk.org/dpdk-stable/commit/?id=8b090f2664

LTS Releases:
	21.11 - http://fast.dpdk.org/rel/dpdk-21.11.2.tar.xz
	20.11 - http://fast.dpdk.org/rel/dpdk-20.11.6.tar.xz
	19.11 - http://fast.dpdk.org/rel/dpdk-19.11.13.tar.xz

^ permalink raw reply	[flat|nested] only message in thread

only message in thread, other threads:[~2022-08-29 17:55 UTC | newest]

Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-08-29 17:55 CVE-2022-28199 disclosure Thomas Monjalon

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).