CVE-2020-10723

CVSS v2.0

7.2

High

Vector

AV:L/AC:L/Au:N/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions DPDK versions 17.05 and above

Description A memory corruption issue was found, caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption. This flaw may allow an attacker to access confidential data, compromise their integrity, and cause a denial of service.

Recommendations For DPDK versions 17.05 and above, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

Integer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-190

Related Identifiers

ALT-PU-2018-2158

ALT-PU-2020-2208

ALT-PU-2020-2214

ALT-PU-2020-2878

ALT-PU-2021-1176

ALT-PU-2021-2053

AZL-38977

BDU:2020-03905

CESA-2020_4806

CVE-2020-10723

DSA-4688-1

OPENSUSE-SU-2020:0693-1

OPENSUSE-SU-2020_0693-1

RHSA-2020:2295

RHSA-2020:2296

RHSA-2020:2297

RHSA-2020:2298

RHSA-2020:2683

RHSA-2020:4114

RHSA-2020:4806

RHSA-2020_4806

RHSA-2021:0931

SUSE-SU-2020:1334-1

SUSE-SU-2020:1335-1

SUSE-SU-2020:1430-1

SUSE-SU-2020:1552-1

SUSE-SU-2020_1552-1

USN-4362-1

Affected Products

Alt Linux

Centos

Dpdk

Linuxmint

Red Hat

Suse

Ubuntu

CVE-2020-10723

Weakness Enumeration

Related Identifiers

Affected Products

References · 49