{"affected":[{"ecosystem_specific":{"binaries":[{"dpdk":"19.11.4-lp152.2.8.1","dpdk-devel":"19.11.4-lp152.2.8.1","dpdk-doc":"19.11.4-lp152.2.8.1","dpdk-examples":"19.11.4-lp152.2.8.1","dpdk-kmp-default":"19.11.4_k5.3.18_lp152.41-lp152.2.8.1","dpdk-kmp-preempt":"19.11.4_k5.3.18_lp152.41-lp152.2.8.1","dpdk-tools":"19.11.4-lp152.2.8.1","libdpdk-20_0":"19.11.4-lp152.2.8.1"}]},"package":{"ecosystem":"openSUSE:Leap 15.2","name":"dpdk","purl":"pkg:rpm/opensuse/dpdk&distro=openSUSE%20Leap%2015.2"},"ranges":[{"events":[{"introduced":"0"},{"fixed":"19.11.4-lp152.2.8.1"}],"type":"ECOSYSTEM"}]}],"aliases":[],"details":"This update for dpdk fixes the following issues:\n\n- dpdk was updated to 19.11.4\n  - CVE-2020-14374,CVE-2020-14375,CVE-2020-14376,CVE-2020-14377,CVE-2020-14378: Fixed multiple issues where a malicious guest could \n    harm the host using vhost crypto, including executing code in host (VM Escape), reading host application memory space to guest \n    and causing partially denial of service in the host(bsc#1176590).\n- For a list of fixes check:\n  https://doc.dpdk.org/guides-19.11/rel_notes/release_19_11.html#id8\n  denial of service in the host (bsc#1176590).\n\nThis update was imported from the SUSE:SLE-15-SP2:Update update project.","id":"openSUSE-SU-2020:1599-1","modified":"2020-10-03T22:22:25Z","published":"2020-10-03T22:22:25Z","references":[{"type":"ADVISORY","url":"https://lists.opensuse.org/archives/list/security-announce@lists.opensuse.org/thread/YBSGY453NNB4LDJYA3J7SNEOJKG5HCAD/"},{"type":"REPORT","url":"https://bugzilla.suse.com/1176590"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14374"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14375"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14376"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14377"},{"type":"WEB","url":"https://www.suse.com/security/cve/CVE-2020-14378"}],"related":["CVE-2020-14374","CVE-2020-14375","CVE-2020-14376","CVE-2020-14377","CVE-2020-14378"],"summary":"Security update for dpdk","upstream":["CVE-2020-14374","CVE-2020-14375","CVE-2020-14376","CVE-2020-14377","CVE-2020-14378"]}