CVE-2022-2132 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	8.6 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 67%

Affected Products (NVD)

Vendor	Product	Version
dpdk	data_plane_development_kit	𝑥 < 19.11
dpdk	data_plane_development_kit	20.0 ≤ 𝑥 < 20.11
dpdk	data_plane_development_kit	21.0 ≤ 𝑥 < 21.11
debian	debian_linux	10.0
redhat	enterprise_linux_fast_datapath	7.0
redhat	enterprise_linux_fast_datapath	8.0
redhat	enterprise_linux_fast_datapath	9.0
redhat	openshift_container_platform	4.0
redhat	openstack_platform	13.0
redhat	virtualization	4.0
redhat	enterprise_linux	7.0
redhat	enterprise_linux	8.0
redhat	enterprise_linux	9.0

𝑥

= Vulnerable software versions

Debian Releases

Debian Product

Codename

dpdk

bookworm	22.11.5-1~deb12u1 fixed
bullseye	20.11.10-1~deb11u1 fixed
bullseye (security)	20.11.6-1~deb11u1 fixed
sid	23.11.2-2 fixed
trixie	23.11.2-2 fixed

Ubuntu Releases

Ubuntu Product

Codename

dpdk

bionic	Fixed 17.11.10-0ubuntu0.2 released
focal	Fixed 19.11.13-0ubuntu0.20.04.1 released
jammy	Fixed 21.11.2-0ubuntu0.22.04.1 released
kinetic	Fixed 21.11.2-0ubuntu1 released
lunar	Fixed 21.11.2-0ubuntu1 released
mantic	Fixed 21.11.2-0ubuntu1 released
noble	Fixed 21.11.2-0ubuntu1 released
trusty	dne
xenial	needed

openSUSE / SLES Releases

openSUSE Product

Release

dpdk

suse enterprise sap 12 SP5	18.11.9-3.29.1 fixed
suse enterprise sap 15 SP3	19.11.4-150300.16.1 fixed
suse enterprise sap 15 SP4	19.11.10-150400.4.7.1 fixed
suse enterprise sap 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise sap 15 SP7	24.11.1-150700.1.17 fixed
suse enterprise server 12 SP5	18.11.9-3.29.1 fixed
suse enterprise server 15	18.11.9-150000.3.32.2 fixed
suse enterprise server 15 SP1	18.11.9-150100.4.19.1 fixed
suse enterprise server 15 SP2	19.11.4-150200.3.25.1 fixed
suse enterprise server 15 SP3	19.11.4-150300.21.1 fixed
suse enterprise server 15 SP4	19.11.10-150400.4.12.1 fixed
suse enterprise server 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise server 15 SP7	24.11.1-150700.1.17 fixed

dpdk-devel

suse enterprise sap 15 SP3	19.11.4-150300.16.1 fixed
suse enterprise sap 15 SP4	19.11.10-150400.4.7.1 fixed
suse enterprise sap 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise sap 15 SP7	24.11.1-150700.1.17 fixed
suse enterprise server 15	18.11.9-150000.3.32.2 fixed
suse enterprise server 15 SP1	18.11.9-150100.4.19.1 fixed
suse enterprise server 15 SP2	19.11.4-150200.3.25.1 fixed
suse enterprise server 15 SP3	19.11.4-150300.21.1 fixed
suse enterprise server 15 SP4	19.11.10-150400.4.12.1 fixed
suse enterprise server 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise server 15 SP7	24.11.1-150700.1.17 fixed

dpdk-thunderx

suse enterprise sap 12 SP5	18.11.9-3.29.1 fixed
suse enterprise sap 15 SP3	19.11.4-150300.16.1 fixed
suse enterprise sap 15 SP4	19.11.10-150400.4.7.1 fixed
suse enterprise sap 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise sap 15 SP7	24.11.1-150700.1.15 fixed
suse enterprise server 12 SP5	18.11.9-3.29.1 fixed
suse enterprise server 15	18.11.9-150000.3.32.2 fixed
suse enterprise server 15 SP2	19.11.4-150200.3.25.1 fixed
suse enterprise server 15 SP3	19.11.4-150300.21.1 fixed
suse enterprise server 15 SP4	19.11.10-150400.4.12.1 fixed
suse enterprise server 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise server 15 SP7	24.11.1-150700.1.15 fixed

dpdk-thunderx-devel

suse enterprise sap 15 SP3	19.11.4-150300.16.1 fixed
suse enterprise sap 15 SP4	19.11.10-150400.4.7.1 fixed
suse enterprise sap 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise sap 15 SP7	24.11.1-150700.1.15 fixed
suse enterprise server 15	18.11.9-150000.3.32.2 fixed
suse enterprise server 15 SP2	19.11.4-150200.3.25.1 fixed
suse enterprise server 15 SP3	19.11.4-150300.21.1 fixed
suse enterprise server 15 SP4	19.11.10-150400.4.12.1 fixed
suse enterprise server 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise server 15 SP7	24.11.1-150700.1.15 fixed

dpdk-tools

suse enterprise sap 12 SP5	18.11.9-3.29.1 fixed
suse enterprise sap 15 SP3	19.11.4-150300.16.1 fixed
suse enterprise sap 15 SP4	19.11.10-150400.4.7.1 fixed
suse enterprise sap 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise sap 15 SP7	24.11.1-150700.1.17 fixed
suse enterprise server 12 SP5	18.11.9-3.29.1 fixed
suse enterprise server 15	18.11.9-150000.3.32.2 fixed
suse enterprise server 15 SP1	18.11.9-150100.4.19.1 fixed
suse enterprise server 15 SP2	19.11.4-150200.3.25.1 fixed
suse enterprise server 15 SP3	19.11.4-150300.21.1 fixed
suse enterprise server 15 SP4	19.11.10-150400.4.12.1 fixed
suse enterprise server 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise server 15 SP7	24.11.1-150700.1.17 fixed

libdpdk-18_11

suse enterprise sap 12 SP5	18.11.9-3.29.1 fixed
suse enterprise server 12 SP5	18.11.9-3.29.1 fixed
suse enterprise server 15	18.11.9-150000.3.32.2 fixed
suse enterprise server 15 SP1	18.11.9-150100.4.19.1 fixed

libdpdk-20_0

suse enterprise sap 15 SP3	19.11.4-150300.16.1 fixed
suse enterprise sap 15 SP4	19.11.10-150400.4.7.1 fixed
suse enterprise sap 15 SP5	19.11.10-150500.5.3.1 fixed
suse enterprise server 15 SP2	19.11.4-150200.3.25.1 fixed
suse enterprise server 15 SP3	19.11.4-150300.21.1 fixed
suse enterprise server 15 SP4	19.11.10-150400.4.12.1 fixed
suse enterprise server 15 SP5	19.11.10-150500.5.3.1 fixed

libdpdk-25

suse enterprise sap 15 SP7	24.11.1-150700.1.17 fixed
suse enterprise server 15 SP7	24.11.1-150700.1.17 fixed

Red Hat Enterprise Linux Releases

Red Hat Product

Release

dpdk

RHEL 8	0:21.11-2.el8_7 fixed
RHEL 8.1 E4S	0:18.11.2-5.el8_1 fixed
RHEL 8.2 AUS	0:19.11-6.el8_2 fixed
RHEL 8.2 E4S	0:19.11-6.el8_2 fixed
RHEL 8.2 TUS	0:19.11-6.el8_2 fixed
RHEL 8.4 AUS	0:20.11-4.el8_4 fixed
RHEL 8.4 E4S	0:20.11-4.el8_4 fixed
RHEL 8.4 EUS	0:20.11-4.el8_4 fixed
RHEL 8.4 TUS	0:20.11-4.el8_4 fixed
RHEL 8.6 AUS	0:21.11-2.el8_6 fixed
RHEL 8.6 E4S	0:21.11-2.el8_6 fixed
RHEL 8.6 EUS	0:21.11-2.el8_6 fixed
RHEL 8.6 TUS	0:21.11-2.el8_6 fixed
RHEL 9	2:21.11.2-1.el9_1 fixed

dpdk-devel

RHEL 8	0:21.11-2.el8_7 fixed
RHEL 8.1 E4S	0:18.11.2-5.el8_1 fixed
RHEL 8.2 AUS	0:19.11-6.el8_2 fixed
RHEL 8.2 E4S	0:19.11-6.el8_2 fixed
RHEL 8.2 TUS	0:19.11-6.el8_2 fixed
RHEL 8.4 AUS	0:20.11-4.el8_4 fixed
RHEL 8.4 E4S	0:20.11-4.el8_4 fixed
RHEL 8.4 EUS	0:20.11-4.el8_4 fixed
RHEL 8.4 TUS	0:20.11-4.el8_4 fixed
RHEL 8.6 AUS	0:21.11-2.el8_6 fixed
RHEL 8.6 E4S	0:21.11-2.el8_6 fixed
RHEL 8.6 EUS	0:21.11-2.el8_6 fixed
RHEL 8.6 TUS	0:21.11-2.el8_6 fixed
RHEL 9	2:21.11.2-1.el9_1 fixed

dpdk-doc

RHEL 8	0:21.11-2.el8_7 fixed
RHEL 8.1 E4S	0:18.11.2-5.el8_1 fixed
RHEL 8.2 AUS	0:19.11-6.el8_2 fixed
RHEL 8.2 E4S	0:19.11-6.el8_2 fixed
RHEL 8.2 TUS	0:19.11-6.el8_2 fixed
RHEL 8.4 AUS	0:20.11-4.el8_4 fixed
RHEL 8.4 E4S	0:20.11-4.el8_4 fixed
RHEL 8.4 EUS	0:20.11-4.el8_4 fixed
RHEL 8.4 TUS	0:20.11-4.el8_4 fixed
RHEL 8.6 AUS	0:21.11-2.el8_6 fixed
RHEL 8.6 E4S	0:21.11-2.el8_6 fixed
RHEL 8.6 EUS	0:21.11-2.el8_6 fixed
RHEL 8.6 TUS	0:21.11-2.el8_6 fixed
RHEL 9	2:21.11.2-1.el9_1 fixed

dpdk-tools

RHEL 8	0:21.11-2.el8_7 fixed
RHEL 8.1 E4S	0:18.11.2-5.el8_1 fixed
RHEL 8.2 AUS	0:19.11-6.el8_2 fixed
RHEL 8.2 E4S	0:19.11-6.el8_2 fixed
RHEL 8.2 TUS	0:19.11-6.el8_2 fixed
RHEL 8.4 AUS	0:20.11-4.el8_4 fixed
RHEL 8.4 E4S	0:20.11-4.el8_4 fixed
RHEL 8.4 EUS	0:20.11-4.el8_4 fixed
RHEL 8.4 TUS	0:20.11-4.el8_4 fixed
RHEL 8.6 AUS	0:21.11-2.el8_6 fixed
RHEL 8.6 E4S	0:21.11-2.el8_6 fixed
RHEL 8.6 EUS	0:21.11-2.el8_6 fixed
RHEL 8.6 TUS	0:21.11-2.el8_6 fixed
RHEL 9	2:21.11.2-1.el9_1 fixed

Known Exploits!

Common Weakness Enumeration

CWE-791 - Incomplete Filtering of Special Elements
The software receives data from an upstream component, but does not completely filter special elements before sending it to a downstream component.

References

https://bugs.dpdk.org/show_bug.cgi?id=1031

https://bugzilla.redhat.com/show_bug.cgi?id=2099475

https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html

https://bugs.dpdk.org/show_bug.cgi?id=1031

https://bugzilla.redhat.com/show_bug.cgi?id=2099475

https://lists.debian.org/debian-lts-announce/2022/09/msg00000.html