CVE-2021-3839

Source
Severity Medium
Remote No
Type Denial of service
Description
In the function vhost_user_set_inflight_fd() in the DPDK Vhost library, msg->payload.inflight.num_queues is not checked to determine whether it is out of bounds, so the program can read or write out of bounds. As a result, software using the DPDK Vhost library may crash.
Group Package Affected Fixed Severity Status Ticket
AVG-2697 dpdk 21.11-1 22.03-1 Medium Fixed
References
https://bugs.dpdk.org/show_bug.cgi?id=657
https://github.com/DPDK/dpdk/commit/6442c329b9d2ded0f44b27d2016aaba8ba5844c5
https://github.com/DPDK/dpdk/commit/ad0a4ae491fe3b10338441dfdf11a9b3a1c05798