Headline
RHSA-2023:0168: Red Hat Security Advisory: dpdk security update
An update for dpdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- OpenShift Dev Spaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2023-01-16
Updated:
2023-01-16
RHSA-2023:0168 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: dpdk security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for dpdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space.
Security Fix(es):
- dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1 ppc64le
- Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1 x86_64
Fixes
- BZ - 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Enterprise Linux Server for Power LE - Update Services for SAP Solutions 8.1
SRPM
dpdk-18.11.2-5.el8_1.src.rpm
SHA-256: d94cb16356a99bc233ba156f76bebed621e25c0063979547bafdcc11fb7418d0
ppc64le
dpdk-18.11.2-5.el8_1.ppc64le.rpm
SHA-256: 869b586cd8b2749af0280209e16f3416fba85f62eff3dcca8f44d583b1b26716
dpdk-debuginfo-18.11.2-5.el8_1.ppc64le.rpm
SHA-256: 9e5ce88351b754ea1080b6f248d32680fd18fbb88000dc3b477ffa81406eb3ff
dpdk-debugsource-18.11.2-5.el8_1.ppc64le.rpm
SHA-256: 849f4a22a71e18cb3b409c28079142a3e43258d21a0f554d0600e60e1a3b6f0e
dpdk-devel-18.11.2-5.el8_1.ppc64le.rpm
SHA-256: c797fb53923f4c4c23ec5c7bf7f3a56ebef3a28bf92413426088eba6409c45df
dpdk-devel-debuginfo-18.11.2-5.el8_1.ppc64le.rpm
SHA-256: 933e28ecd9c974f3699d4a2b4a75e0bae3d57ae48bd53f38698e8a41dff63198
dpdk-doc-18.11.2-5.el8_1.noarch.rpm
SHA-256: c653fe68bdef84771caa9b9cb072c1ceed1e5ebfad8c78d5c18679ac2313a55d
dpdk-tools-18.11.2-5.el8_1.ppc64le.rpm
SHA-256: 5e499df06231854c54daa7d66523624e3c49e70049c08ea65ce480ba89fc7af8
Red Hat Enterprise Linux for x86_64 - Update Services for SAP Solutions 8.1
SRPM
dpdk-18.11.2-5.el8_1.src.rpm
SHA-256: d94cb16356a99bc233ba156f76bebed621e25c0063979547bafdcc11fb7418d0
x86_64
dpdk-18.11.2-5.el8_1.x86_64.rpm
SHA-256: cc9f8e17a5e84cc581a7499970359f173a97dd5678cb69e7ba7fbc3487c49220
dpdk-debuginfo-18.11.2-5.el8_1.x86_64.rpm
SHA-256: 5e3ed66df0dbe30c11ddf1c8c44bd5700306cc265ace832ece41bfa08107fcc7
dpdk-debugsource-18.11.2-5.el8_1.x86_64.rpm
SHA-256: 486d6cb083cc06abbce0b4888374992870bf040dc4369ab360989347b201263d
dpdk-devel-18.11.2-5.el8_1.x86_64.rpm
SHA-256: dc3eb8b3216c71a35fcbaa82410180ff3ad0d4553a64bd234ec3f70f7228b30a
dpdk-devel-debuginfo-18.11.2-5.el8_1.x86_64.rpm
SHA-256: a5b9e63fb562f67153ad4aff17503bb8ac2018f331f060e6ef4e65b10fda15f1
dpdk-doc-18.11.2-5.el8_1.noarch.rpm
SHA-256: c653fe68bdef84771caa9b9cb072c1ceed1e5ebfad8c78d5c18679ac2313a55d
dpdk-tools-18.11.2-5.el8_1.x86_64.rpm
SHA-256: 9aa12716d8acb91ff554855fd89c4fe98a6f2e81fea4fd1b512418fb688b4241
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2023-0170-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0169-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
An update for dpdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Security Advisory 2022-7268-01 - An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Issues addressed include a denial of service vulnerability.
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs * CVE-2022-...
Ubuntu Security Notice 5608-1 - It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service.
Red Hat Security Advisory 2022-6382-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6386-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs