{"dataType":"CVE_RECORD","dataVersion":"5.1","cveMetadata":{"state":"PUBLISHED","cveId":"CVE-2019-14818","assignerOrgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","assignerShortName":"redhat","dateUpdated":"2024-08-05T00:26:39.137Z","dateReserved":"2019-08-10T00:00:00.000Z","datePublished":"2019-11-14T00:00:00.000Z"},"containers":{"cna":{"providerMetadata":{"orgId":"53f830b8-0a3f-465b-8143-3b8a9948e749","shortName":"redhat","dateUpdated":"2022-10-07T00:00:00.000Z"},"descriptions":[{"lang":"en","value":"A flaw was found in all dpdk version 17.x.x before 17.11.8, 16.x.x before 16.11.10, 18.x.x before 18.11.4 and 19.x.x before 19.08.1 where a malicious master, or a container with access to vhost_user socket, can send specially crafted VRING_SET_NUM messages, resulting in a memory leak including file descriptors. This flaw could lead to a denial of service condition."}],"affected":[{"vendor":"DPDK","product":"dpdk","versions":[{"version":"all dpdk version 17.x.x before 17.11.8","status":"affected"},{"version":"all dpdk version 16.x.x before 16.11.10","status":"affected"},{"version":"all dpdk version 18.x.x before 18.11.4","status":"affected"},{"version":"all dpdk version 19.x.x before 19.08.1","status":"affected"}]}],"references":[{"name":"FEDORA-2019-019df9a459","tags":["vendor-advisory"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ULJ3C7OVBOEVDGSHYC3VCLSUHANGTFFP/"},{"name":"RHSA-2020:0166","tags":["vendor-advisory"],"url":"https://access.redhat.com/errata/RHSA-2020:0166"},{"name":"RHSA-2020:0165","tags":["vendor-advisory"],"url":"https://access.redhat.com/errata/RHSA-2020:0165"},{"name":"RHSA-2020:0168","tags":["vendor-advisory"],"url":"https://access.redhat.com/errata/RHSA-2020:0168"},{"name":"RHSA-2020:0172","tags":["vendor-advisory"],"url":"https://access.redhat.com/errata/RHSA-2020:0172"},{"name":"RHSA-2020:0171","tags":["vendor-advisory"],"url":"https://access.redhat.com/errata/RHSA-2020:0171"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14818"},{"url":"https://bugs.dpdk.org/show_bug.cgi?id=363"}],"metrics":[{"cvssV3_0":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"NONE","userInteraction":"NONE","scope":"UNCHANGED","confidentialityImpact":"NONE","integrityImpact":"NONE","availabilityImpact":"HIGH","baseScore":7.5,"baseSeverity":"HIGH"}}],"problemTypes":[{"descriptions":[{"type":"CWE","lang":"en","description":"CWE-401","cweId":"CWE-401"}]}]},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-05T00:26:39.137Z"},"title":"CVE Program Container","references":[{"name":"FEDORA-2019-019df9a459","tags":["vendor-advisory","x_transferred"],"url":"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ULJ3C7OVBOEVDGSHYC3VCLSUHANGTFFP/"},{"name":"RHSA-2020:0166","tags":["vendor-advisory","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2020:0166"},{"name":"RHSA-2020:0165","tags":["vendor-advisory","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2020:0165"},{"name":"RHSA-2020:0168","tags":["vendor-advisory","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2020:0168"},{"name":"RHSA-2020:0172","tags":["vendor-advisory","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2020:0172"},{"name":"RHSA-2020:0171","tags":["vendor-advisory","x_transferred"],"url":"https://access.redhat.com/errata/RHSA-2020:0171"},{"url":"https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2019-14818","tags":["x_transferred"]},{"url":"https://bugs.dpdk.org/show_bug.cgi?id=363","tags":["x_transferred"]}]}]}}