UbuntuUpdates.org

Package "librte-net-bnxt22"

Name: librte-net-bnxt22

Description:

Data Plane Development Kit (librte-net-bnxt runtime library)

Latest version: 21.11.6-0ubuntu0.22.04.2
Release: jammy (22.04)
Level: security
Repository: universe
Head package: dpdk
Homepage: https://doc.dpdk.org/guides/nics/bnxt.html

Links


Download "librte-net-bnxt22"


Other versions of "librte-net-bnxt22" in Jammy

Repository Area Version
updates universe 21.11.6-0ubuntu0.22.04.2
proposed universe 21.11.7-0ubuntu0.22.04.1

Changelog

Version: 21.11.6-0ubuntu0.22.04.2 2024-12-19 17:06:51 UTC

  dpdk (21.11.6-0ubuntu0.22.04.2) jammy-security; urgency=medium

  * SECURITY UPDATE: DoS via OOB read in checksum offload feature
    - debian/patches/CVE-2024-11614.patch: fix Rx checksum calculation in
      lib/vhost/virtio_net.c.
    - CVE-2024-11614

 -- Marc Deslauriers <email address hidden> Wed, 18 Dec 2024 13:32:23 -0500

Source diff to previous version
CVE-2024-11614 An out-of-bounds read vulnerability was found in DPDK's Vhost library checksum offload feature. This issue enables an untrusted or compromised guest

Version: 21.11.2-0ubuntu0.22.04.1 2022-09-13 19:07:19 UTC

  dpdk (21.11.2-0ubuntu0.22.04.1) jammy-security; urgency=medium

  * Merge LTS stable release 21.11.2
    - Among many general fixed this adresses a CVE:
      DoS triggered by sending a crafted Vhost header (CVE-2022-2132)
    - Full release notes are available at:
      https://doc.dpdk.org/guides-21.11/rel_notes/release_21_11.html#id1

 -- Christian Ehrhardt <email address hidden> Thu, 08 Sep 2022 10:18:45 +0200

Source diff to previous version
CVE-2022-2132 A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a c

Version: 21.11.1-0ubuntu0.3 2022-05-04 14:06:30 UTC

  dpdk (21.11.1-0ubuntu0.3) jammy-security; urgency=medium

  * Merge LTS stable release 21.11.1
    Release notes are available at:
    - https://doc.dpdk.org/guides-21.11/rel_notes/release_21_11.html#fixes
    - Among many general fixed this adresses two CVEs:
      + out of bounds write due to invalid queue number (CVE-2021-3839)
      + denial of service by injecting inflight messages (CVE-2022-0669)
    - d/*.symbols: adapt symbols for the 21.11.1 release
      This was discussed with upstream in [1] and all are considered save
      and are intentional.

 -- Christian Ehrhardt <email address hidden> Tue, 26 Apr 2022 14:49:12 +0200




About   -   Send Feedback to @ubuntu_updates