{
  "threat_severity" : "Moderate",
  "public_date" : "2022-04-29T00:00:00Z",
  "bugzilla" : {
    "description" : "DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash",
    "id" : "2025882",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2025882"
  },
  "cvss3" : {
    "cvss3_base_score" : "7.5",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
    "status" : "verified"
  },
  "cwe" : "CWE-125",
  "details" : [ "A flaw was found in the vhost library in DPDK. The vhost_user_set_inflight_fd() function does not validate the `msg->payload.inflight.num_queues` value received in the vhost-user message, which can cause an out-of-bounds memory read or write. Any software that uses the DPDK vhost library may crash as a result of this vulnerability.", "A flaw was found in the vhost library in DPDK. The vhost_user_set_inflight_fd() function does not validate the `msg->payload.inflight.num_queues` value received in the vhost-user message, which can cause an out-of-bounds memory read or write. Any software that uses the DPDK vhost library may crash as a result of this vulnerability." ],
  "statement" : "This flaw does not affect Red Hat Ceph Storage 3 and 4. DPDK is embedded in the Ceph source RPM but is not built into the shipped packages, so the vulnerable code is not present in the resulting RPMs and the issue cannot be exploited.",
  "acknowledgement" : "Red Hat would like to thank Wenxiang Qian <leonwxqian@gmail.com> for reporting this issue.",
  "affected_release" : [ {
    "product_name" : "Fast Datapath for Red Hat Enterprise Linux 8",
    "release_date" : "2022-05-27T00:00:00Z",
    "advisory" : "RHSA-2022:4786",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
    "package" : "openvswitch2.13-0:2.13.0-180.el8fdp"
  }, {
    "product_name" : "Fast Datapath for Red Hat Enterprise Linux 8",
    "release_date" : "2022-05-27T00:00:00Z",
    "advisory" : "RHSA-2022:4787",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
    "package" : "openvswitch2.15-0:2.15.0-99.el8fdp"
  }, {
    "product_name" : "Fast Datapath for Red Hat Enterprise Linux 8",
    "release_date" : "2022-05-27T00:00:00Z",
    "advisory" : "RHSA-2022:4788",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath",
    "package" : "openvswitch2.16-0:2.16.0-74.el8fdp"
  }, {
    "product_name" : "Red Hat Enterprise Linux 9",
    "release_date" : "2022-11-15T00:00:00Z",
    "advisory" : "RHSA-2022:8263",
    "cpe" : "cpe:/a:redhat:enterprise_linux:9",
    "package" : "dpdk-2:21.11.2-1.el9_1"
  } ],
  "package_state" : [ {
    "product_name" : "Fast Datapath for RHEL 7",
    "fix_state" : "Will not fix",
    "package_name" : "openvswitch",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 7",
    "fix_state" : "Not affected",
    "package_name" : "openvswitch2.11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 7",
    "fix_state" : "Out of support scope",
    "package_name" : "openvswitch2.13",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 7",
    "fix_state" : "Out of support scope",
    "package_name" : "openvswitch2.15",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Not affected",
    "package_name" : "openvswitch2.11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Not affected",
    "package_name" : "openvswitch2.17",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Red Hat Ceph Storage 3",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:ceph_storage:3"
  }, {
    "product_name" : "Red Hat Ceph Storage 4",
    "fix_state" : "Not affected",
    "package_name" : "ceph",
    "cpe" : "cpe:/a:redhat:ceph_storage:4"
  }, {
    "product_name" : "Red Hat Enterprise Linux 7",
    "fix_state" : "Out of support scope",
    "package_name" : "dpdk",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7"
  }, {
    "product_name" : "Red Hat Enterprise Linux 8",
    "fix_state" : "Will not fix",
    "package_name" : "dpdk",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8"
  }, {
    "product_name" : "Red Hat Virtualization 4",
    "fix_state" : "Will not fix",
    "package_name" : "openvswitch2.11",
    "cpe" : "cpe:/o:redhat:rhev_hypervisor:4"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2021-3839\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3839" ],
  "name" : "CVE-2021-3839",
  "mitigation" : {
    "value" : "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria, which comprise ease of use and deployment, applicability to a widespread installation base, or stability.",
    "lang" : "en:us"
  },
  "csaw" : false
}