drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Zwei Probleme in DPDK
Name: |
Zwei Probleme in DPDK |
|
ID: |
USN-5401-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 20.04 LTS, Ubuntu 21.10, Ubuntu 22.04 LTS |
|
Datum: |
Mi, 4. Mai 2022, 23:35 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-3839
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0669 |
|
Applikationen: |
DPDK |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============9178783535320032857== Content-Language: en-CA Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------yVSzBoT0qIsQr9P5Hku6GgKP"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------yVSzBoT0qIsQr9P5Hku6GgKP Content-Type: multipart/mixed; boundary="------------6LDwNDXGLBaVC9dr4ASyW9aI"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <d51823ed-39e0-679e-8fb6-56753c83902e@canonical.com> Subject: [USN-5401-1] DPDK vulnerabilities
--------------6LDwNDXGLBaVC9dr4ASyW9aI Content-Type: text/plain; charset=UTF- Content-Transfer-Encoding: quoted-printable
========================================================================== Ubuntu Security Notice USN-5401-1 May 04, 2022
dpdk vulnerabilities ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS - Ubuntu 21.10 - Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in DPDK.
Software Description: - dpdk: set of libraries for fast packet processing
Details:
Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2021-3839)
It was discovered that DPDK incorrectly handled inflight type messages. An attacker could possibly use this issue to cause DPDK to consume resources, leading to a denial of service. (CVE-2022-0669)
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 22.04 LTS: dpdk 21.11.1-0ubuntu0.3
Ubuntu 21.10: dpdk 20.11.5-0ubuntu1
Ubuntu 20.04 LTS: dpdk 19.11.12-0ubuntu0.20.04.1
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-5401-1 CVE-2021-3839, CVE-2022-0669
Package Information: https://launchpad.net/ubuntu/+source/dpdk/21.11.1-0ubuntu0.3 https://launchpad.net/ubuntu/+source/dpdk/20.11.5-0ubuntu1 https://launchpad.net/ubuntu/+source/dpdk/19.11.12-0ubuntu0.20.04.1
--------------6LDwNDXGLBaVC9dr4ASyW9aI--
--------------yVSzBoT0qIsQr9P5Hku6GgKP Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmJys7wACgkQZWnYVadE vpMSqg//XXwb0ov36hyBxrNsHfX1AcNsAEsoUw4G2DtamWCI3M1IXsa3BzonyHkc mK14F2wlIZBkKTFl4zHFTl9lWKS+Bg+Ooh7J3wemd9NRYAqN59FRIwgKdGCCJZq2 OJy3468YsGO6/KjI9uqdK2RIy3MAMEceTe8U9Ml6i6fvwYT1lk/v6Yk6Xgh4p1ua BntH+6WBTQdAKrAU2FFgkOKKi900RdW0lteC9fmrcWgYUC2qYhriKUC+Cn6Wu3nL BvFR5iZmfr/eLA4W9/eiD5L5AZNSjAqqcgC8zESiKVieJRQD91SH0mce5woPNsSB 3GiphuNFNxMWDyEObW7zgu34ozzbzE4+PWmi8c/hF+9w6cM8BILTLtklYvAtlXm0 1aK7sB/YLfaJGX2O2DDYSbOCZ6zeyuuY0aCXaheueRnrdZTNyYkO9I0tUbVfQ2lU 2KVEmS7IhsIE/j4xl+NScKKlDh2OxtViGbNWSzX0heGAskwZenFrKY3iiooWbQ/d xP8oDHtMCs2VbUva7zpOn4ISRNoU5jX4HmTbMBIBjwEVU4o+tjUtpteLR9T4vMe6 0DTYGmqMvDAIC/yZlGcPT5oSyh9Cvh0B+i5YqSDoI/PSSSp8qSHpX84BPPt39kOQ pN7BxjRMdlsUj4z3yPiNVd51M1MUDdAhBs9OA1FdqiMq8XiVSwc= =KnKi -----END PGP SIGNATURE-----
--------------yVSzBoT0qIsQr9P5Hku6GgKP--
--===============9178783535320032857== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============9178783535320032857==--
|
|
|
|