Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 29 Aug 2022 19:55:17 +0200
From: Thomas Monjalon <>
Subject: CVE-2022-28199: DPDK mlx5 driver error recovery handling vulnerability

A vulnerability was fixed in DPDK.
Some downstream stakeholders were warned in advance
in order to coordinate the release of fixes
and reduce the vulnerability window.

When having a failure with the mlx5 driver,
the error recovery was not handled properly,
which can allow a remote attacker to cause denial of service
and some impact to data integrity and confidentiality.

CVE: CVE-2022-28199
Severity: 6.5
CVSS scores: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Commits per branch:
	main  -
	21.11 -
	20.11 -
	19.11 -

LTS Releases:
	21.11 -
	20.11 -
	19.11 -

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.