Vulnerability   
Search   
    Search 191973 CVE descriptions
and 86218 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.853478
Category:SuSE Local Security Checks
Title:openSUSE: Security Advisory for dpdk (openSUSE-SU-2020:1599-1)
Summary:The remote host is missing an update for the 'dpdk'; package(s) announced via the openSUSE-SU-2020:1599-1 advisory.
Description:Summary:
The remote host is missing an update for the 'dpdk'
package(s) announced via the openSUSE-SU-2020:1599-1 advisory.

Vulnerability Insight:
This update for dpdk fixes the following issues:

- dpdk was updated to 19.11.4

-
CVE-2020-14374, CVE-2020-14375, CVE-2020-14376, CVE-2020-14377, CVE-2020-14378:
Fixed multiple issues where a malicious guest could harm the host
using vhost crypto, including executing code in host (VM Escape),
reading host application memory space to guest and causing partially
denial of service in the host(bsc#1176590).

This update was imported from the SUSE:SLE-15-SP2:Update update project.

Patch Instructions:

To install this openSUSE Security Update use the SUSE recommended
installation methods
like YaST online_update or 'zypper patch'.

Alternatively you can run the command listed for your product:

- openSUSE Leap 15.2:

zypper in -t patch openSUSE-2020-1599=1

Affected Software/OS:
'dpdk' package(s) on openSUSE Leap 15.2.

Solution:
Please install the updated package(s).

CVSS Score:
7.2

CVSS Vector:
AV:L/AC:L/Au:N/C:C/I:C/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2020-14374
Common Vulnerability Exposure (CVE) ID: CVE-2020-14375
Common Vulnerability Exposure (CVE) ID: CVE-2020-14376
Common Vulnerability Exposure (CVE) ID: CVE-2020-14377
Common Vulnerability Exposure (CVE) ID: CVE-2020-14378
CopyrightCopyright (C) 2020 Greenbone Networks GmbH

This is only one of 86218 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2020 E-Soft Inc. All rights reserved.