Documentation
我要评分
获取效率
正确性
完整性
易理解
提交关闭

Third-Party Software Security Vulnerability List

The vulnerability information can be queried by CVE IDs on the National Vulnerability Database (NVD) website:

http://web.nvd.nist.gov/view/vuln/search

Software Name

Software Version

CVE Number

Vulnerability Description

Solution

DPDK

19.11

CVE-2020-10726

The memory corruption problem is found in DPDK 17.05 and later. The vulnerability is related to integer truncation on the payload index in the affected version. In some cases, the index (UInt) will be copied and truncated to uint16, which may result in out-of-range indexing and possible memory corruption.

This vulnerability has been fixed during subsequent DPDK upgrades.

Patch links:

https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=95e1f29c2677

https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=c9c630a117cf

DPDK

19.11

CVE-2020-10725

The memory corruption problem is found in DPDK 17.05 and later. The vulnerability is related to integer truncation on the payload index in the affected version. In some cases, the index (UInt) will be copied and truncated to uint16, which may result in out-of-range indexing and possible memory corruption.

This vulnerability has been fixed in subsequent DPDK bug fixes.

Patch link:

https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=cd0ea71bb6a7
Parent topic: XPF Release Notes