Your submission was sent successfully! Close

CVE-2021-3839

Published: 29 April 2022

In DPDK Vhost communication, we didn't test if msg->payload.inflight.num_queues is out of bounds in function ‘vhost_user_set_inflight_fd()’, and could cause the program to write OOB.

Priority

Medium

Status

Package Release Status
dpdk
Launchpad, Ubuntu, Debian
bionic Not vulnerable
(code not present)
focal
Released (19.11.12-0ubuntu0.20.04.1)
impish
Released (20.11.5-0ubuntu1)
jammy
Released (21.11.1-0ubuntu0.3)
upstream Needs triage

xenial Not vulnerable
(code not present)