---

CVE-2021-3839 - log back

CVE-2021-3839 edited at 13 May 2022 09:33:41
Severity	- Unknown + Medium
Remote	- Unknown + Local
Type	- Unknown + Denial of service

CVE-2021-3839 edited at 09 May 2022 21:27:33
Description	+ In function vhost_user_set_inflight_fd() which is in DPDK Vhost library, msg->payload.inflight.num_queues doesn't get checked to determine if it's out of bounds. So it could cause the program to write/read out of boundary. And in the end the software using DPDK Vhost library may crash.

CVE-2021-3839 edited at 09 May 2022 21:23:02
Description
References	+ https://bugs.dpdk.org/show_bug.cgi?id=657 + https://github.com/DPDK/dpdk/commit/6442c329b9d2ded0f44b27d2016aaba8ba5844c5 + https://github.com/DPDK/dpdk/commit/ad0a4ae491fe3b10338441dfdf11a9b3a1c05798
Notes

CVE-2021-3839 created at 09 May 2022 21:20:03