DPDK announcements
 help / color / mirror / Atom feed
From: Maxime Coquelin <maxime.coquelin@redhat.com>
To: announce@dpdk.org
Subject: [dpdk-announce] Vhost-user CVE-2018-1059
Date: Mon, 23 Apr 2018 17:55:57 +0200	[thread overview]
Message-ID: <d51a4fe8-7456-8ee2-bd2d-c44cbf2a06d9@redhat.com> (raw)

Dear users,

All versions of DPDK's Vhost-user library are vulnerable to out-of-bound
accesses initiated by a buggy or malicious guest.

This vulnerability has been assigned CVE-2018-1059.

Users are strongly encouraged to upgrade to the latest releases:
- v16.11.6 (LTS): https://fast.dpdk.org/rel/dpdk-16.11.6.tar.xz
- v17.08.2: https://fast.dpdk.org/rel/dpdk-17.08.2.tar.xz
- v17.11.2 (LTS): https://fast.dpdk.org/rel/dpdk-17.11.2.tar.xz
- v18.02.1: https://fast.dpdk.org/rel/dpdk-18.02.1.tar.xz

Starting DPDK v17.11, rte_vhost_gpa_to_vva() API was introduced for
external Vhost backends to be able to translate guest's physical
addresses to Vhost process's virtual addresses.
This API is now marked as deprecated, and users must replace its use
with the new rte_vhost_va_from_guest_pa() API. This new API takes an
extra length parameter that must be checked properly.

Patches fixing this vulnerability will soon be posted to the dev
mailing-list for upstream master, and to the stable mailing-list for
stable branches.

Kind regards,

                 reply	other threads:[~2018-04-23 15:56 UTC|newest]

Thread overview: [no followups] expand[flat|nested]  mbox.gz  Atom feed

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=d51a4fe8-7456-8ee2-bd2d-c44cbf2a06d9@redhat.com \
    --to=maxime.coquelin@redhat.com \
    --cc=announce@dpdk.org \


* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).