UbuntuUpdates.org

Package "librte-mempool-ring20.0"

Name: librte-mempool-ring20.0

Description:

Data Plane Development Kit (librte_mempool_ring runtime library)

Latest version: 19.11.3-0ubuntu0.2
Release: focal (20.04)
Level: security
Repository: main
Head package: dpdk
Homepage: https://www.dpdk.org

Links


Download "librte-mempool-ring20.0"


Other versions of "librte-mempool-ring20.0" in Focal

Repository Area Version
base main 19.11.1-0ubuntu1
updates main 19.11.3-0ubuntu0.2

Changelog

Version: 19.11.3-0ubuntu0.2 2020-09-28 18:06:24 UTC

  dpdk (19.11.3-0ubuntu0.2) focal-security; urgency=medium

  * SECURITY UPDATE: Multiple security issues
    - debian/patches/CVE-2020-1437x/*.patch: added upstream patches to fix
      the issues.
    - CVE-2020-14374
    - CVE-2020-14375
    - CVE-2020-14376
    - CVE-2020-14377
    - CVE-2020-14378

 -- Marc Deslauriers <email address hidden> Thu, 17 Sep 2020 08:29:30 -0400

Source diff to previous version
CVE-2020-1437 An elevation of privilege vulnerability exists in the way that the Windows Network Location Awareness Service handles objects in memory, aka 'Windows
CVE-2020-14374 RESERVED
CVE-2020-14375 RESERVED
CVE-2020-14376 RESERVED
CVE-2020-14377 RESERVED
CVE-2020-14378 RESERVED

Version: 19.11.1-0ubuntu1.1 2020-05-18 17:06:53 UTC

  dpdk (19.11.1-0ubuntu1.1) focal-security; urgency=medium

  * SECURITY UPDATE: Integer overflow in vhost_user_set_log_base()
    - d/p/0001-vhost-check-log-mmap-offset-and-size-overflow.patch: check
      log mmap offset and size overflow in lib/librte_vhost/vhost_user.c.
    - CVE-2020-10722
  * SECURITY UPDATE: Int truncation in vhost_user_check_and_alloc_queue_pair()
    - d/p/0002-vhost-fix-vring-index-check.patch: fix vring index check in
      lib/librte_vhost/vhost_user.c.
    - CVE-2020-10723
  * SECURITY UPDATE: Missing inputs validation in Vhost-crypto
    - d/p/0003-vhost-crypto-validate-keys-lengths.patch: validate keys
      lengths in lib/librte_vhost/vhost_crypto.c.
    - CVE-2020-10724
  * SECURITY UPDATE: Malicious guest could cause segfault by sending
    invalid Virtio descriptor
    - d/p/0004-vhost-fix-translated-address-not-checked.patch: fix
      translated address not checked in lib/librte_vhost/virtio_net.c.
    - CVE-2020-10725
  * SECURITY UPDATE: VHOST_USER_GET_INFLIGHT_FD message flooding to result
    in a DOS
    - d/p/0005-vhost-fix-potential-memory-space-leak.patch: fix potential
      memory space leak in lib/librte_vhost/vhost_user.c.
    - d/p/0006-vhost-fix-potential-fd-leak.patch: fix potential fd leak in
      lib/librte_vhost/vhost_user.c.
    - CVE-2020-10726

 -- Marc Deslauriers <email address hidden> Tue, 12 May 2020 07:34:18 -0400

CVE-2020-10722 RESERVED
CVE-2020-10723 RESERVED
CVE-2020-10724 RESERVED
CVE-2020-10725 RESERVED
CVE-2020-10726 RESERVED



About   -   Send Feedback to @ubuntu_updates