CVE-2020-10723

Name
CVE-2020-10723
Description
A memory corruption issue was found in DPDK versions 17.05 and above. This flaw is caused by an integer truncation on the index of a payload. Under certain circumstances, the index (a UInt) is copied and truncated into a uint16, which can lead to out of bound indexing and possible memory corruption.
NVD Severity
medium
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
Mailing List https://www.openwall.com/lists/oss-security/2020/05/18/2
Issue Tracking https://bugs.dpdk.org/show_bug.cgi?id=268
Issue Tracking https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2020-10723
Third Party Advisory https://usn.ubuntu.com/4362-1/
SUSE http://lists.opensuse.org/opensuse-security-announce/2020-05/msg00045.html
FEDORA https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/HRHKFVV4MRWNNJOYQOVP64L4UVWYPEO4/
MISC https://www.oracle.com/security-alerts/cpuoct2020.html
MISC https://www.oracle.com/security-alerts/cpujan2021.html

Match rules

CPE URI Source package Min version Max version
cpe:2.3:a:dpdk:data_plane_development_kit:*:*:*:*:*:*:*:* data_plane_development_kit >= None <= 17.05

Vulnerable and fixed packages

Source package Branch Version Maintainer Status