CVE-2022-2132
HIGHDPDK < 19.11 - Denial of Service via Crafted Vhost Header
Title source: llmDescription
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.
References (3)
Core 3
Core References
Exploit, Issue Tracking, Third Party Advisory x_refsource_misc
https://bugzilla.redhat.com/show_bug.cgi?id=2099475
Exploit, Issue Tracking, Patch, Vendor Advisory x_refsource_misc
https://bugs.dpdk.org/show_bug.cgi?id=1031
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html
Scores
CVSS v3
8.6
EPSS
0.0054
EPSS Percentile
67.8%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
Details
CWE
CWE-791
Status
published
Products (12)
debian/debian_linux
10.0
dpdk/data_plane_development_kit
< 19.11
fedoraproject/fedora
36
redhat/enterprise_linux
7.0
redhat/enterprise_linux
8.0
redhat/enterprise_linux
9.0
redhat/enterprise_linux_fast_datapath
7.0
redhat/enterprise_linux_fast_datapath
8.0
redhat/enterprise_linux_fast_datapath
9.0
redhat/openshift_container_platform
4.0
... and 2 more
Published
Aug 31, 2022
Tracked Since
Feb 18, 2026