A dpdk security and bug fix update has been released for AlmaLinux 9.
ALSA-2022:8263 Important: dpdk security and bug fix update
Type:
security
Severity:
important
Release date:
2022-11-18
Description
Security Fix(es):
* dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132)
* DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash (CVE-2021-3839)
* dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service (CVE-2022-28199)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.
References:
RHSA-2022:8263
CVE-2021-3839
CVE-2022-2132
CVE-2022-28199
ALSA-2022:8263
Updates packages:
dpdk-doc-21.11.2-1.el9_1.noarch.rpm
dpdk-tools-21.11.2-1.el9_1.x86_64.rpm
dpdk-21.11.2-1.el9_1.x86_64.rpm
dpdk-devel-21.11.2-1.el9_1.x86_64.rpm
dpdk-devel-21.11.2-1.el9_1.ppc64le.rpm
dpdk-tools-21.11.2-1.el9_1.ppc64le.rpm
dpdk-21.11.2-1.el9_1.ppc64le.rpm
dpdk-tools-21.11.2-1.el9_1.aarch64.rpm
dpdk-devel-21.11.2-1.el9_1.aarch64.rpm
dpdk-21.11.2-1.el9_1.aarch64.rpm
Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.
