CVE-2022-28199

Summary

NVIDIA’s distribution of the Data Plane Development Kit (MLNX_DPDK) contains a vulnerability in the network stack, where error recovery is not handled properly, which can allow a remote attacker to cause denial of service and some impact to data integrity and confidentiality.

Affected Software

VendorProductVersion RangeStatus
NVIDIANVIDIA FLAREmlnx_dpdk_19.11_1.*.* through mlnx_dpdk_20.11_1.0.0-4.*.*affected

Weaknesses

  • CWE-1284: CWE-1284: Improper Validation of Specified Quantity in Input

ADP Enrichment

CVE Program Container

Additional References

References