dpdk-thunderx (SUSE:Linux Enterprise Module for Server Applications 15 SP2) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Module for Server Applications 15 SP2 package dpdk-thunderx, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (5)
CVE-2020-14374 — CVSS 8.8 (high): A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A flawed bounds checking in the copy_data function leads to a…
CVE-2020-14375 — CVSS 7.8 (high): A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. Virtio ring descriptors, and the data they describe are in a…
CVE-2020-14376 — CVSS 7.8 (high): A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A lack of bounds checking when copying iv_data from the VM guest…
CVE-2020-14377 — CVSS 7.1 (high): A flaw was found in dpdk in versions before 18.11.10 and before 19.11.5. A complete lack of validation of attacker-controlled parameters…
CVE-2020-14378 — CVSS 3.3 (low): An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU…