CVE-2018-1059 - AskarLabs CVE Database

CVE-2018-1059

Vendor Red Hat, Inc.

Product DPDK

Weakness CWE-200 · Info exposure

Published April 24, 2018

Last update September 17, 2024

View on NVD All CVEs

CVSS base score

—

What the vulnerability does

01Description

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.

Key dates

02Disclosure timeline

April 24, 2018 CVE published

September 17, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2018-1059

Related vulnerabilities

04Related CVE

CVE-2022-39031 Smart eVision - Exposure of Sensitive Information to an Unauthorized Actor -3 CVE-2022-21712 Cookie and header exposure in twisted CVE-2025-24373 Unrestricted Access to PDF Documents via URL Manipulation in woocommerce-pdf-invoices-packing-slips CVE-2020-9733 Sensitive information disclosure possible in AEM CVE-2021-22728