USN-3642-2: DPDK vulnerability

16 May 2018

dpdk vulnerability

A security issue affects these releases of Ubuntu and its derivatives:

  • Ubuntu 17.10

Summary

DPDK could be made to expose sensitive information over the network.

Software Description

  • dpdk - set of libraries for fast packet processing

Details

USN-3642-1 fixed a vulnerability in DPDK. This update provides the corresponding update for Ubuntu 17.10.

Original advisory details:

Maxime Coquelin discovered that DPDK incorrectly handled guest physical ranges. A malicious guest could use this issue to possibly access sensitive information.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 17.10
dpdk - 17.05.2-0ubuntu1.1

To update your system, please follow these instructions: https://wiki.ubuntu.com/Security/Upgrades.

In general, a standard system update will make all the necessary changes.

References