Unrated severityNVD Advisory· Published Sep 1, 2022· Updated Aug 3, 2024
CVE-2022-28199
CVE-2022-28199
Description
NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality.
Affected products
26- osv-coords25 versionspkg:rpm/almalinux/dpdkpkg:rpm/almalinux/dpdk-develpkg:rpm/almalinux/dpdk-docpkg:rpm/almalinux/dpdk-toolspkg:rpm/opensuse/dpdk&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/dpdk&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/dpdk-thunderx&distro=openSUSE%20Leap%2015.3pkg:rpm/opensuse/dpdk-thunderx&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/dpdk&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP3pkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4pkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-BCLpkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/dpdk&distro=SUSE%20Manager%20Proxy%204.1pkg:rpm/suse/dpdk&distro=SUSE%20Manager%20Retail%20Branch%20Server%204.1pkg:rpm/suse/dpdk&distro=SUSE%20Manager%20Server%204.1pkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-ESPOSpkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP3pkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4pkg:rpm/suse/dpdk-thunderx&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSS
< 2:21.11.2-1.el9_1+ 24 more
- (no CPE)range: < 2:21.11.2-1.el9_1
- (no CPE)range: < 2:21.11.2-1.el9_1
- (no CPE)range: < 2:21.11.2-1.el9_1
- (no CPE)range: < 2:21.11.2-1.el9_1
- (no CPE)range: < 19.11.4-150300.16.1
- (no CPE)range: < 19.11.10-150400.4.7.1
- (no CPE)range: < 19.11.4-150300.16.1
- (no CPE)range: < 19.11.10-150400.4.7.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150300.16.1
- (no CPE)range: < 19.11.10-150400.4.7.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- (no CPE)range: < 19.11.4-150300.16.1
- (no CPE)range: < 19.11.10-150400.4.7.1
- (no CPE)range: < 19.11.4-150200.3.20.1
- NVIDIA/NVIDIA FLAREv5Range: mlnx_dpdk_19.11_1.*.* through mlnx_dpdk_20.11_1.0.0-4.*.*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
3- tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-mlx5-jbPCrqD8mitrevendor-advisoryx_refsource_CISCO
- www.openwall.com/lists/oss-security/2022/09/06/2mitremailing-listx_refsource_MLIST
- nvidia.custhelp.com/app/answers/detail/a_id/5389mitrex_refsource_MISC
News mentions
0No linked articles in our index yet.