#VU66809 Error Handling in DPDK - CVE-2022-28199

Cybersecurity Help s.r.o.

Published: 2022-08-29 | Updated: 2022-08-31

Vulnerability identifier: #VU66809

Vulnerability risk: Medium

CVSSv4.0: 4.6 [CVSS:4.0/AV:A/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green]

CVE-ID: CVE-2022-28199

CWE-ID: CWE-388

Exploitation vector: Local network

Exploit availability: No

Vulnerable software:
DPDK
Server applications / Frameworks for developing and running applications

Vendor: DPDK Project

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to incorrect error handling of data within the mlx5 driver. A remote guest can send specially crafted packets to the application and perform a denial of service (DoS) attack.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

DPDK: 19.02 - 19.11.12, 20.02 - 20.11.5, 21.02 - 21.11.1

External links
https://nvidia.custhelp.com/app/answers/detail/a_id/5389
https://bugs.dpdk.org/show_bug.cgi?id=1031
https://git.dpdk.org/dpdk/commit/?id=60b254e3923d007bcadbb8d410f95ad89a2f13fa
https://www.openwall.com/lists/oss-security/2022/08/29/3

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the local network (LAN).

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in Oracle Communications Session Border Controller

Red Hat Enterprise Linux 9 update for dpdk

Multiple vulnerabilities in Oracle Linux

openEuler update for dpdk

SUSE update for dpdk

Multiple vulnerabilities in OpenShift Container Platform 4.11

Red Hat Enterprise Linux Fast Datapath 8 update for openvswitch2.13

Red Hat Enterprise Linux Fast Datapath 9 update for openvswitch2.17