AlmaLinux 2325 Published by

A dpdk security and bug fix update has been released for AlmaLinux 9.



ALSA-2022:8263 Important: dpdk security and bug fix update


Type:
security

Severity:
important

Release date:
2022-11-18

Description
Security Fix(es):
* dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132)
* DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash (CVE-2021-3839)
* dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service (CVE-2022-28199)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:
RHSA-2022:8263
CVE-2021-3839
CVE-2022-2132
CVE-2022-28199
ALSA-2022:8263

Updates packages:
dpdk-doc-21.11.2-1.el9_1.noarch.rpm
dpdk-tools-21.11.2-1.el9_1.x86_64.rpm
dpdk-21.11.2-1.el9_1.x86_64.rpm
dpdk-devel-21.11.2-1.el9_1.x86_64.rpm
dpdk-devel-21.11.2-1.el9_1.ppc64le.rpm
dpdk-tools-21.11.2-1.el9_1.ppc64le.rpm
dpdk-21.11.2-1.el9_1.ppc64le.rpm
dpdk-tools-21.11.2-1.el9_1.aarch64.rpm
dpdk-devel-21.11.2-1.el9_1.aarch64.rpm
dpdk-21.11.2-1.el9_1.aarch64.rpm

Notes:
This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.

  ALSA-2022:8263 Important: dpdk security and bug fix update