Test ID:	1.3.6.1.4.1.25623.1.1.4.2018.1492.1
Category:	SuSE Local Security Checks
Title:	SUSE: Security Advisory (SUSE-SU-2018:1492-1)
Summary:	The remote host is missing an update for the 'dpdk-thunderxdpdk' package(s) announced via the SUSE-SU-2018:1492-1 advisory.
Description:	Summary: The remote host is missing an update for the 'dpdk-thunderxdpdk' package(s) announced via the SUSE-SU-2018:1492-1 advisory. Vulnerability Insight: This update fixes the following issues: - CVE-2018-1059: The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable. (bsc#1089638). Affected Software/OS: 'dpdk-thunderxdpdk' package(s) on SUSE Linux Enterprise Server 12-SP3, SUSE Linux Enterprise Server for SAP Applications 12-SP3. Solution: Please install the updated package(s). CVSS Score: 2.9 CVSS Vector: AV:A/AC:M/Au:N/C:P/I:N/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2018-1059 https://access.redhat.com/security/cve/cve-2018-1059 RedHat Security Advisories: RHSA-2018:1267 https://access.redhat.com/errata/RHSA-2018:1267 RedHat Security Advisories: RHSA-2018:2038 https://access.redhat.com/errata/RHSA-2018:2038 RedHat Security Advisories: RHSA-2018:2102 https://access.redhat.com/errata/RHSA-2018:2102 RedHat Security Advisories: RHSA-2018:2524 https://access.redhat.com/errata/RHSA-2018:2524 https://usn.ubuntu.com/3642-1/ https://usn.ubuntu.com/3642-2/
Copyright	Copyright (C) 2021 Greenbone AG

This is only one of 146377 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.