Hello, Is there any particular reason for the Scope metric to be Unchanged (S:U) for CVE-2020-14377 and CVE-2020-14378?
Thank you, On Mon, Sep 28, 2020 at 5:43 PM Ferruh Yigit <ferruh.yi...@intel.com> wrote: > > A set of vulnerabilities are fixed in DPDK: > - CVE-2020-14374 > - CVE-2020-14375 > - CVE-2020-14376 > - CVE-2020-14377 > - CVE-2020-14378 > > Some downstream stakeholders were warned in advance in order to coordinate the > release of fixes and reduce the vulnerability window. > > Problem: > A malicious guest can harm the host using vhost crypto, this includes > executing code in host (VM Escape), reading host application memory > space to guest and causing partially denial of service in the host. > > All users of the vhost library are strongly encouraged to upgrade as soon as > possible. > > Thanks to "Ryan Hall <ryan.e.h...@intel.com>" for reporting the issues. > > > Stable releases download links: > > DPDK 18.11.10 (LTS) > http://fast.dpdk.org/rel/dpdk-18.11.10.tar.xz > > DPDK 19.11.5 (LTS) > https://fast.dpdk.org/rel/dpdk-19.11.5.tar.xz > > > Details: > > CVE: CVE-2020-14374 > Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=272 > Severity: 8.8 (High) > CVSS scores: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H > Summary : Remote Code Execution in vhost_crypto (VM Escape) > Reporter: Ryan Hall <ryan.e.h...@intel.com> > > CVE: CVE-2020-14375 > Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=272 > Severity: 7.8 (High) > CVSS scores: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H > Summary : Time-of-check time-of-use vulnerabilities throughout vhost_crypto.c > Reporter: Ryan Hall <ryan.e.h...@intel.com> > > CVE: CVE-2020-14376 > Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=272 > Severity: 7.8 (High) > CVSS scores: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H > Summary : Buffer overflow copying iv_data from guest to > host(prepare_sym_cipher_op & prepare_sym_chain_op) > Reporter: Ryan Hall <ryan.e.h...@intel.com> > > CVE: CVE-2020-14377 > Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=272 > Severity: 7.1 (High) > CVSS scores: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:H > Summary: write_back_data buffer over read (cipher->para.dst_data_len & > desc->len) > Reporter: Ryan Hall <ryan.e.h...@intel.com> > > CVE: CVE-2020-14378 > Bugzilla: https://bugs.dpdk.org/show_bug.cgi?id=272 > Severity: 3.3 (Low) > CVSS scores: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L > Summary : Partial Denial of Service due to Integer Underflow > Reporter: Ryan Hall <ryan.e.h...@intel.com> > > > Commits: > main repo (will be 20.11.0) > https://git.dpdk.org/dpdk/commit/?id=57680e34498 > https://git.dpdk.org/dpdk/commit/?id=5677e68c05d > https://git.dpdk.org/dpdk/commit/?id=b2866f47336 > https://git.dpdk.org/dpdk/commit/?id=409c47c7c5b > https://git.dpdk.org/dpdk/commit/?id=e15b7c01120 > https://git.dpdk.org/dpdk/commit/?id=2d962bb7365 > > DPDK 18.11.10 (LTS) > https://git.dpdk.org/dpdk-stable/commit/?h=18.11&id=ab6314978567 > https://git.dpdk.org/dpdk-stable/commit/?h=18.11&id=7a5af91f8bf4 > https://git.dpdk.org/dpdk-stable/commit/?h=18.11&id=7e7c75edc635 > https://git.dpdk.org/dpdk-stable/commit/?h=18.11&id=ff65dc28bc71 > https://git.dpdk.org/dpdk-stable/commit/?h=18.11&id=75f8df70a2c8 > https://git.dpdk.org/dpdk-stable/commit/?h=18.11&id=6e8a4da39e68 > > DPDK 19.11.5 (LTS) > https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=3f2635c5a9c3 > https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=81e969483020 > https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=e4a7c14f0248 > https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=319b498e4b16 > https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=6a3a414698e4 > https://git.dpdk.org/dpdk-stable/commit/?h=19.11&id=e2666ec24535 > > -- > DPDK Security Team > http://core.dpdk.org/security/ > > > > > > > > -- Mauro Matteo Cascella Red Hat Product Security PGP-Key ID: BB3410B0
