CVE-2020-10726— DPDK 输入验证错误漏洞

N/A

A vulnerability was found in DPDK versions 19.11 and above. A malicious container that has direct access to the vhost-user socket can keep sending VHOST_USER_GET_INFLIGHT_FD messages, causing a resource leak (file descriptors and virtual memory), which may result in a denial of service.

CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

整数溢出或超界折返

DPDK 输入验证错误漏洞

DPDK是一款基于Linux平台的数据平面开发套件。该产品支持在多种CPU架构上执行数据包处理。 DPDK 19.11及之后版本中存在输入验证错误漏洞。攻击者可借助恶意的容器利用该漏洞导致资源泄漏（文件描述符和虚拟内存），造成拒绝服务。

N/A

N/A