{"affected":[{"ecosystem_specific":{"binaries":[{"libdpdk-20_0":"19.11.4-3.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Package Hub 15 SP2","name":"dpdk","purl":"pkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"19.11.4-3.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"dpdk":"19.11.4-3.9.1","dpdk-devel":"19.11.4-3.9.1","dpdk-kmp-default":"19.11.4_k5.3.18_24.15-3.9.1","dpdk-thunderx":"19.11.4-3.9.1","dpdk-thunderx-devel":"19.11.4-3.9.1","dpdk-thunderx-kmp-default":"19.11.4_k5.3.18_24.15-3.9.1","dpdk-tools":"19.11.4-3.9.1","libdpdk-20_0":"19.11.4-3.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP2","name":"dpdk","purl":"pkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"19.11.4-3.9.1"}],"type":"ECOSYSTEM"}]},{"ecosystem_specific":{"binaries":[{"dpdk":"19.11.4-3.9.1","dpdk-devel":"19.11.4-3.9.1","dpdk-kmp-default":"19.11.4_k5.3.18_24.15-3.9.1","dpdk-thunderx":"19.11.4-3.9.1","dpdk-thunderx-devel":"19.11.4-3.9.1","dpdk-thunderx-kmp-default":"19.11.4_k5.3.18_24.15-3.9.1","dpdk-tools":"19.11.4-3.9.1","libdpdk-20_0":"19.11.4-3.9.1"}]},"package":{"ecosystem":"SUSE:Linux Enterprise Module for Server Applications 15 SP2","name":"dpdk-thunderx","purl":"pkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"19.11.4-3.9.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for dpdk fixes the following issues:\n\n- dpdk was updated to 19.11.4\n  - CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14377,CVE-2020-14378: Fixed multiple issues where a malicious guest could \n    harm the host using vhost crypto, including executing code in host (VM Escape), reading host application memory space to guest \n    and causing partially denial of service in the host(bsc#1176590).\n- For a list of fixes check:\n  https://doc.dpdk.org/guides-19.11/rel_notes/release_19_11.html#id8\n  denial of service in the host (bsc#1176590).\n","id":"SUSE-SU-2020:2770-1","modified":"2020-09-28T15:49:35Z","published":"2020-09-28T15:49:35Z","references":[{"type":"ADVISORY","url":"https://www.suse.com/support/update/announcement/2020/suse-su-20202770-1/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176590"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14374"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14375"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14376"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14377"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14378"}],"related":["CVE-2020-14374","CVE-2020-14375","CVE-2020-14376","CVE-2020-14377","CVE-2020-14378"],"summary":"Security update for dpdk","upstream":["CVE-2020-14374","CVE-2020-14375","CVE-2020-14376","CVE-2020-14377","CVE-2020-14378"]}