CVE-2021-3839 log

Severity Medium
Remote No
Type Denial of service
In function vhost_user_set_inflight_fd() which is in DPDK Vhost library,  msg->payload.inflight.num_queues doesn't get checked to determine if it's out of bounds. So it could cause the program to write/read out of boundary. And in the end the software using DPDK Vhost library may crash.
Group Package Affected Fixed Severity Status Ticket
AVG-2697 dpdk 21.11-1 22.03-1 Medium Fixed