Back to search
CVE-2018-1059
Published: Apr 24, 2018
Modified: Sep 17, 2024
PUBLISHED
Description
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.
| Vendor | Product | Versions |
|---|---|---|
Red Hat, Inc. | DPDK | affected before 18.02.1 |
Weaknesses (CWE)
References
RHSA-2018:2524
vendor-advisory
x_refsource_REDHAT
RHSA-2018:2102
vendor-advisory
x_refsource_REDHAT
https://access.redhat.com/security/cve/cve-2018-1059
x_refsource_MISC
USN-3642-2
vendor-advisory
x_refsource_UBUNTU
RHSA-2018:2038
vendor-advisory
x_refsource_REDHAT
USN-3642-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2018:1267
vendor-advisory
x_refsource_REDHAT
https://bugzilla.redhat.com/show_bug.cgi?id=1544298
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now