{ "threat_severity" : "Important", "public_date" : "2024-12-17T00:00:00Z", "bugzilla" : { "description" : "dpdk: Denial Of Service from malicious guest on hypervisors using DPDK Vhost library", "id" : "2327955", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2327955" }, "cvss3" : { "cvss3_base_score" : "7.4", "cvss3_scoring_vector" : "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H", "status" : "verified" }, "cwe" : "CWE-125", "details" : [ "An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset.", "An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest to crash the hypervisor's vSwitch by forging Virtio descriptors to cause out-of-bounds reads. This flaw allows an attacker with a malicious VM using a virtio driver to cause the vhost-user side to crash by sending a packet with a Tx checksum offload request and an invalid csum_start offset." ], "statement" : "Affected versions are only vulnerable if the Vhost-based application registers devices with the RTE_VHOST_USER_NET_COMPLIANT_OL_FLAGS flag.\nOVS-DPDK uses the DPDK Vhost library but does not pass this flag, so it is affected but not vulnerable.", "affected_release" : [ { "product_name" : "Fast Datapath for Red Hat Enterprise Linux 8", "release_date" : "2025-04-17T00:00:00Z", "advisory" : "RHSA-2025:3970", "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "package" : "openvswitch3.1-0:3.1.0-159.el8fdp" }, { "product_name" : "Fast Datapath for Red Hat Enterprise Linux 9", "release_date" : "2025-04-17T00:00:00Z", "advisory" : "RHSA-2025:3963", "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath", "package" : "openvswitch3.1-0:3.1.0-149.el9fdp" }, { "product_name" : "Fast Datapath for Red Hat Enterprise Linux 9", "release_date" : "2025-04-17T00:00:00Z", "advisory" : "RHSA-2025:3964", "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath", "package" : "openvswitch3.3-0:3.3.0-92.el9fdp" }, { "product_name" : "Fast Datapath for Red Hat Enterprise Linux 9", "release_date" : "2025-04-17T00:00:00Z", "advisory" : "RHSA-2025:3965", "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath", "package" : "openvswitch3.4-0:3.4.0-48.el9fdp" }, { "product_name" : "Red Hat Enterprise Linux 8", "release_date" : "2025-01-09T00:00:00Z", "advisory" : "RHSA-2025:0222", "cpe" : "cpe:/a:redhat:enterprise_linux:8", "package" : "dpdk-0:23.11-2.el8_10" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Advanced Mission Critical Update Support", "release_date" : "2025-01-09T00:00:00Z", "advisory" : "RHSA-2025:0221", "cpe" : "cpe:/a:redhat:rhel_aus:8.6", "package" : "dpdk-0:21.11-3.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Telecommunications Update Service", "release_date" : "2025-01-09T00:00:00Z", "advisory" : "RHSA-2025:0221", "cpe" : "cpe:/a:redhat:rhel_tus:8.6", "package" : "dpdk-0:21.11-3.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.6 Update Services for SAP Solutions", "release_date" : "2025-01-09T00:00:00Z", "advisory" : "RHSA-2025:0221", "cpe" : "cpe:/a:redhat:rhel_e4s:8.6", "package" : "dpdk-0:21.11-3.el8_6" }, { "product_name" : "Red Hat Enterprise Linux 8.8 Extended Update Support", "release_date" : "2025-01-09T00:00:00Z", "advisory" : "RHSA-2025:0220", "cpe" : "cpe:/a:redhat:rhel_eus:8.8", "package" : "dpdk-0:21.11-4.el8_8" }, { "product_name" : "Red Hat Enterprise Linux 9", "release_date" : "2025-01-09T00:00:00Z", "advisory" : "RHSA-2025:0210", "cpe" : "cpe:/a:redhat:enterprise_linux:9", "package" : "dpdk-2:23.11-2.el9_5" }, { "product_name" : "Red Hat Enterprise Linux 9.0 Update Services for SAP Solutions", "release_date" : "2025-01-09T00:00:00Z", "advisory" : "RHSA-2025:0211", "cpe" : "cpe:/a:redhat:rhel_e4s:9.0", "package" : "dpdk-2:21.11-3.el9_0" }, { "product_name" : "Red Hat Enterprise Linux 9.2 Extended Update Support", "release_date" : "2025-01-09T00:00:00Z", "advisory" : "RHSA-2025:0208", "cpe" : "cpe:/a:redhat:rhel_eus:9.2", "package" : "dpdk-2:22.11-4.el9_2" }, { "product_name" : "Red Hat Enterprise Linux 9.4 Extended Update Support", "release_date" : "2025-01-09T00:00:00Z", "advisory" : "RHSA-2025:0209", "cpe" : "cpe:/a:redhat:rhel_eus:9.4", "package" : "dpdk-2:23.11-2.el9_4" } ], "package_state" : [ { "product_name" : "Fast Datapath for RHEL 7", "fix_state" : "Not affected", "package_name" : "dpdk", "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 7", "fix_state" : "Not affected", "package_name" : "openvswitch", "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 7", "fix_state" : "Not affected", "package_name" : "openvswitch2.10", "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 7", "fix_state" : "Not affected", "package_name" : "openvswitch2.11", "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 7", "fix_state" : "Not affected", "package_name" : "openvswitch2.12", "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 8", "fix_state" : "Not affected", "package_name" : "openvswitch2.11", "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 8", "fix_state" : "Not affected", "package_name" : "openvswitch2.12", "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 8", "fix_state" : "Not affected", "package_name" : "openvswitch2.13", "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 8", "fix_state" : "Not affected", "package_name" : "openvswitch2.15", "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 8", "fix_state" : "Not affected", "package_name" : "openvswitch2.16", "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 8", "fix_state" : "Not affected", "package_name" : "openvswitch2.17", "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 9", "fix_state" : "Not affected", "package_name" : "openvswitch2.17", "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 9", "fix_state" : "Not affected", "package_name" : "openvswitch3.0", "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath" }, { "product_name" : "Fast Datapath for RHEL 9", "fix_state" : "Not affected", "package_name" : "openvswitch3.2", "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openvswitch2.17", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openvswitch3.0", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openvswitch3.1", "cpe" : "cpe:/a:redhat:openshift:4" }, { "product_name" : "Red Hat OpenShift Container Platform 4", "fix_state" : "Not affected", "package_name" : "openvswitch3.3", "cpe" : "cpe:/a:redhat:openshift:4" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2024-11614\nhttps://nvd.nist.gov/vuln/detail/CVE-2024-11614" ], "name" : "CVE-2024-11614", "csaw" : false }