A set of vulnerabilities has been fixed in DPDK:
- CVE-2020-10722
- CVE-2020-10723
- CVE-2020-10724
- CVE-2020-10725
- CVE-2020-10726

Some downstream stakeholders were warned in advance in order to coordinate the release of fixes and reduce the vulnerability window.

Problem:
A malicious guest/container can cause a resource leak resulting in a Denial-of-Service, or memory corruption and a crash, or an information leak in a vhost-user backend application.

All users of the vhost library are strongly encouraged to upgrade as soon as possible.

Thanks to the reporters, all credit goes to them:
    Ilja Van Sprundel
    Marvin Liu
    Xiaolong Ye

Stable Releases download links:

DPDK 20.02.1
    http://fast.dpdk.org/rel/dpdk-20.02.1.tar.xz
DPDK 18.11.8 (LTS)
    http://fast.dpdk.org/rel/dpdk-18.11.8.tar.xz
DPDK 19.11.2 (LTS)
    http://fast.dpdk.org/rel/dpdk-19.11.2.tar.xz

Details:

CVE-2020-10722
    Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=267
    Severity: 5.1 (Medium)
    CVSS scores: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
    Summary: DPDK librte_vhost: Integer overflow in vhost_user_set_log_base()
    Reporter: Ilja Van Sprundel

CVE-2020-10723
    Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=268
    Severity: 5.1 (Medium)
    CVSS scores: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
    Summary: DPDK librte_vhost: Integer truncation in vhost_user_check_and_alloc_queue_pair()
    Reporter: Ilja Van Sprundel

CVE-2020-10724
    Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=269
    Severity: 5.1 (Medium)
    CVSS scores: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
    Summary: DPDK librte_vhost: Missing inputs validation in Vhost-crypto
    Reporter: Ilja Van Sprundel

CVE-2020-10725
    Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=270
    Severity: 7.7 (High)
    CVSS scores: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
    Summary: DPDK librte_vhost: Malicious guest could cause segfault by sending invalid Virtio descriptor
    Reporter: Marvin Liu

CVE-2020-10726
    Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=271
    Severity: 6.0 (Medium)
    CVSS scores: CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H
    Summary: DPDK librte_vhost: VHOST_USER_GET_INFLIGHT_FD message flooding to result in a DOS
    Reporter: Marvin Liu & Xiaolong Ye

Commits:

main repo
    https://git.dpdk.org/dpdk/commit/?id=3ae4beb079ce
    https://git.dpdk.org/dpdk/commit/?id=c78d94189dce
    https://git.dpdk.org/dpdk/commit/?id=acd4c92fa693
    https://git.dpdk.org/dpdk/commit/?id=97ecc1c85c95
    https://git.dpdk.org/dpdk/commit/?id=549de54c4f9f
    https://git.dpdk.org/dpdk/commit/?id=e7debf602633

DPDK 20.02.1
    https://git.dpdk.org/dpdk-stable/commit/?h=20.02&id=0545a19f5b99
    https://git.dpdk.org/dpdk-stable/commit/?h=20.02&id=dca5d97491b4
    https://git.dpdk.org/dpdk-stable/commit/?h=20.02&id=64a4d90c673e
    https://git.dpdk.org/dpdk-stable/commit/?h=20.02&id=47791d99afe4
    https://git.dpdk.org/dpdk-stable/commit/?h=20.02&id=74b0c5db0f1e
    https://git.dpdk.org/dpdk-stable/commit/?h=20.02&id=a827e27d81cc

DPDK 18.11.8 (LTS)
    https://git.dpdk.org/dpdk-stable/commit/?h=18.11&id=338f5eae5de73
    https://git.dpdk.org/dpdk-stable/commit/?h=18.11&id=d87b67f57ef93
    https://git.dpdk.org/dpdk-stable/commit/?h=18.11&id=5e4bc0f0e1e48

DPDK 19.11.2 (LTS)
    https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=2cf9c470ebff
    https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=8e9652b0b616
    https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=963b6eea05f3
    https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=cd0ea71bb6a7
    https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=95e1f29c2677
    https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=c9c630a117cf

--
DPDK Security Team
http://core.dpdk.org/security/