Medium severity6.1NVD Advisory· Published Apr 24, 2018· Updated Jun 17, 2026
CVE-2018-1059
CVE-2018-1059
Description
The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
9- osv-coords7 versionspkg:rpm/opensuse/dpdk&distro=openSUSE%20Tumbleweedpkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3pkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP3pkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP3pkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP3
< 19.11.8-2.7+ 6 more
- (no CPE)range: < 19.11.8-2.7
- (no CPE)range: < 16.11.6-8.4.2
- (no CPE)range: < 16.11.6-8.4.2
- (no CPE)range: < 16.11.6-8.4.2
- (no CPE)range: < 16.11.6-8.4.2
- (no CPE)range: < 16.11.6-8.4.2
- (no CPE)range: < 16.11.6-8.4.2
- Red Hat, Inc./DPDKv5Range: before 18.02.1
Patches
Vulnerability mechanics
References
8- access.redhat.com/errata/RHSA-2018:1267nvdThird Party Advisory
- access.redhat.com/security/cve/cve-2018-1059nvdThird Party Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingThird Party Advisory
- usn.ubuntu.com/3642-1/nvdThird Party Advisory
- usn.ubuntu.com/3642-2/nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2018:2038nvd
- access.redhat.com/errata/RHSA-2018:2102nvd
- access.redhat.com/errata/RHSA-2018:2524nvd
News mentions
0No linked articles in our index yet.