Ubuntu Security Notice 5401-1 - Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An attacker could use this issue to cause DPDK to crash, resulting in a denial of service, or possibly execute arbitrary code. It was discovered that DPDK incorrectly handled inflight type messages. An attacker could possibly use this issue to cause DPDK to consume resources, leading to a denial of service.
0c60a1f895a3ce054f03d56b5bce1371c5b1df054e25a3d1589b048b89fe829f
==========================================================================
Ubuntu Security Notice USN-5401-1
May 04, 2022
dpdk vulnerabilities
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 22.04 LTS
- Ubuntu 21.10
- Ubuntu 20.04 LTS
Summary:
Several security issues were fixed in DPDK.
Software Description:
- dpdk: set of libraries for fast packet processing
Details:
Wenxiang Qian discovered that DPDK incorrectly checked certain payloads. An
attacker could use this issue to cause DPDK to crash, resulting in a denial
of service, or possibly execute arbitrary code. (CVE-2021-3839)
It was discovered that DPDK incorrectly handled inflight type messages. An
attacker could possibly use this issue to cause DPDK to consume resources,
leading to a denial of service. (CVE-2022-0669)
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 22.04 LTS:
dpdk 21.11.1-0ubuntu0.3
Ubuntu 21.10:
dpdk 20.11.5-0ubuntu1
Ubuntu 20.04 LTS:
dpdk 19.11.12-0ubuntu0.20.04.1
In general, a standard system update will make all the necessary changes.
References:
https://ubuntu.com/security/notices/USN-5401-1
CVE-2021-3839, CVE-2022-0669
Package Information:
https://launchpad.net/ubuntu/+source/dpdk/21.11.1-0ubuntu0.3
https://launchpad.net/ubuntu/+source/dpdk/20.11.5-0ubuntu1
https://launchpad.net/ubuntu/+source/dpdk/19.11.12-0ubuntu0.20.04.1