Debian dsa-5833 : dpdk - セキュリティ更新プログラム

high Nessus プラグイン ID 213102

概要

リモートの Debian ホストにセキュリティ関連の更新プログラムがありません。

説明

リモートの Debian 12 ホストには、dsa-5833 のアドバイザリに記載された脆弱性の影響を受けるパッケージがインストールされています。

- ------------------------------------------------------------------------- Debian セキュリティアドバイザリ DSA-5833-1 [email protected] https://www.debian.org/security/Moritz Muehlenhoff 2024 年 12 月 17 日 https://www.debian.org/security/faq
- -------------------------------------------------------------------------

パッケージ : dpdk CVE ID : CVE-2024-11614

高速パケット処理のための一連のライブラリである DPDK の vhost コードに、バッファオーバーフローが発見されました。これにより、悪意のあるゲスト/コンテナが、サービス拒否または任意のコードを実行する可能性があります。

安定版 (stable) ディストリビューション (bookworm) では、これらの問題はバージョン 22.11.7-1~deb12u1 で修正されています。

お使いの dpdk パッケージをアップグレードすることを推奨します。

dpdk の詳細なセキュリティステータスについては、そのセキュリティトラッカーページを参照してください。
https://security-tracker.debian.org/tracker/dpdk

Debian セキュリティアドバイザリに関する詳細、これらの更新をシステムに適用する方法、およびよくある質問については、こちらを参照してください。https://www.debian.org/security/

メーリングリスト: [email protected]

Tenable は、前述の説明ブロックを Debian セキュリティアドバイザリから直接抽出しました。

Nessus はこの問題をテストしておらず、代わりにアプリケーションが自己報告するバージョン番号にのみ依存していることに注意してください。

ソリューション

dpdk パッケージをアップグレードしてください。

参考資料

https://security-tracker.debian.org/tracker/source-package/dpdk

https://security-tracker.debian.org/tracker/CVE-2024-11614

https://packages.debian.org/source/bookworm/dpdk

プラグインの詳細

深刻度: High

ID: 213102

ファイル名: debian_DSA-5833.nasl

バージョン: 1.2

タイプ: local

エージェント: unix

公開日: 2024/12/17

更新日: 2024/12/19

サポートされているセンサー: Frictionless Assessment Agent, Nessus Agent, Agentless Assessment, Continuous Assessment, Nessus

リスク情報

VPR

リスクファクター: Medium

スコア: 5.2

CVSS v2

リスクファクター: High

基本値: 7.5

現状値: 5.5

ベクトル: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS スコアのソース: CVE-2024-11614

CVSS v3

リスクファクター: High

基本値: 7.4

現状値: 6.4

ベクトル: CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

現状ベクトル: CVSS:3.0/E:U/RL:O/RC:C

脆弱性情報

CPE: p-cpe:/a:debian:debian_linux:librte-net-ice23, p-cpe:/a:debian:debian_linux:librte-baseband-acc23, p-cpe:/a:debian:debian_linux:librte-raw-cnxk-gpio23, p-cpe:/a:debian:debian_linux:librte-net-cxgbe23, p-cpe:/a:debian:debian_linux:librte-bus-vdev23, p-cpe:/a:debian:debian_linux:librte-bus-ifpga23, p-cpe:/a:debian:debian_linux:librte-net-vmxnet3-23, p-cpe:/a:debian:debian_linux:librte-stack23, p-cpe:/a:debian:debian_linux:librte-dma-hisilicon23, p-cpe:/a:debian:debian_linux:librte-net-dpaa2-23, p-cpe:/a:debian:debian_linux:librte-cryptodev23, p-cpe:/a:debian:debian_linux:librte-regex-cn9k23, p-cpe:/a:debian:debian_linux:librte-net-ixgbe23, p-cpe:/a:debian:debian_linux:librte-security23, p-cpe:/a:debian:debian_linux:librte-net-e1000-23, p-cpe:/a:debian:debian_linux:librte-meta-compress, p-cpe:/a:debian:debian_linux:librte-common-octeontx23, p-cpe:/a:debian:debian_linux:libdpdk-dev, p-cpe:/a:debian:debian_linux:librte-ring23, p-cpe:/a:debian:debian_linux:librte-dma-skeleton23, p-cpe:/a:debian:debian_linux:librte-graph23, p-cpe:/a:debian:debian_linux:librte-dma-dpaa23, p-cpe:/a:debian:debian_linux:librte-net-softnic23, p-cpe:/a:debian:debian_linux:librte-cmdline23, p-cpe:/a:debian:debian_linux:librte-dma-dpaa2-23, p-cpe:/a:debian:debian_linux:librte-crypto-caam-jr23, p-cpe:/a:debian:debian_linux:librte-mbuf23, p-cpe:/a:debian:debian_linux:librte-net-liquidio23, p-cpe:/a:debian:debian_linux:librte-net-enetfec23, p-cpe:/a:debian:debian_linux:librte-port23, p-cpe:/a:debian:debian_linux:dpdk-dev, p-cpe:/a:debian:debian_linux:librte-jobstats23, p-cpe:/a:debian:debian_linux:librte-mempool-dpaa23, p-cpe:/a:debian:debian_linux:librte-net-i40e23, p-cpe:/a:debian:debian_linux:librte-mempool23, p-cpe:/a:debian:debian_linux:librte-crypto-scheduler23, p-cpe:/a:debian:debian_linux:librte-ethdev23, p-cpe:/a:debian:debian_linux:librte-net-idpf23, p-cpe:/a:debian:debian_linux:librte-net-enic23, p-cpe:/a:debian:debian_linux:librte-net-octeontx23, p-cpe:/a:debian:debian_linux:librte-event-dlb2-23, p-cpe:/a:debian:debian_linux:librte-net-ena23, p-cpe:/a:debian:debian_linux:librte-mempool-stack23, p-cpe:/a:debian:debian_linux:librte-ip-frag23, p-cpe:/a:debian:debian_linux:librte-net-igc23, p-cpe:/a:debian:debian_linux:librte-pcapng23, p-cpe:/a:debian:debian_linux:librte-gso23, p-cpe:/a:debian:debian_linux:librte-meta-raw, p-cpe:/a:debian:debian_linux:librte-table23, p-cpe:/a:debian:debian_linux:librte-net-mlx4-23, p-cpe:/a:debian:debian_linux:librte-gro23, p-cpe:/a:debian:debian_linux:librte-mempool-octeontx23, p-cpe:/a:debian:debian_linux:librte-net-ipn3ke23, p-cpe:/a:debian:debian_linux:dpdk-doc, p-cpe:/a:debian:debian_linux:librte-regexdev23, p-cpe:/a:debian:debian_linux:librte-crypto-bcmfs23, p-cpe:/a:debian:debian_linux:librte-pipeline23, p-cpe:/a:debian:debian_linux:librte-event-cnxk23, p-cpe:/a:debian:debian_linux:librte-net-txgbe23, p-cpe:/a:debian:debian_linux:librte-bitratestats23, p-cpe:/a:debian:debian_linux:librte-meta-allpmds, p-cpe:/a:debian:debian_linux:librte-net-fm10k23, p-cpe:/a:debian:debian_linux:librte-meta-net, p-cpe:/a:debian:debian_linux:librte-baseband-null23, p-cpe:/a:debian:debian_linux:librte-mempool-bucket23, p-cpe:/a:debian:debian_linux:librte-net-gve23, p-cpe:/a:debian:debian_linux:librte-net-thunderx23, p-cpe:/a:debian:debian_linux:librte-bus-pci23, p-cpe:/a:debian:debian_linux:librte-common-idpf23, p-cpe:/a:debian:debian_linux:librte-eventdev23, p-cpe:/a:debian:debian_linux:librte-baseband-turbo-sw23, p-cpe:/a:debian:debian_linux:librte-event-dpaa2-23, p-cpe:/a:debian:debian_linux:librte-net-iavf23, p-cpe:/a:debian:debian_linux:librte-net-ngbe23, p-cpe:/a:debian:debian_linux:librte-event-skeleton23, p-cpe:/a:debian:debian_linux:librte-meta-crypto, p-cpe:/a:debian:debian_linux:librte-baseband-fpga-5gnr-fec23, p-cpe:/a:debian:debian_linux:librte-bus-vmbus23, p-cpe:/a:debian:debian_linux:librte-net-mlx5-23, p-cpe:/a:debian:debian_linux:librte-net-netvsc23, p-cpe:/a:debian:debian_linux:librte-rcu23, p-cpe:/a:debian:debian_linux:librte-common-qat23, p-cpe:/a:debian:debian_linux:librte-compressdev23, p-cpe:/a:debian:debian_linux:librte-crypto-dpaa2-sec23, p-cpe:/a:debian:debian_linux:librte-crypto-ipsec-mb23, p-cpe:/a:debian:debian_linux:librte-sched23, p-cpe:/a:debian:debian_linux:librte-crypto-nitrox23, p-cpe:/a:debian:debian_linux:librte-net-af-xdp23, p-cpe:/a:debian:debian_linux:librte-net-atlantic23, p-cpe:/a:debian:debian_linux:librte-dma-ioat23, p-cpe:/a:debian:debian_linux:librte-crypto-ccp23, p-cpe:/a:debian:debian_linux:librte-net-virtio23, p-cpe:/a:debian:debian_linux:librte-raw-ntb23, p-cpe:/a:debian:debian_linux:librte-common-dpaax23, p-cpe:/a:debian:debian_linux:librte-common-cpt23, p-cpe:/a:debian:debian_linux:librte-common-sfc-efx23, p-cpe:/a:debian:debian_linux:librte-regex-mlx5-23, p-cpe:/a:debian:debian_linux:librte-meter23, p-cpe:/a:debian:debian_linux:librte-net-pfe23, p-cpe:/a:debian:debian_linux:librte-timer23, p-cpe:/a:debian:debian_linux:librte-vdpa-sfc23, p-cpe:/a:debian:debian_linux:librte-raw-skeleton23, p-cpe:/a:debian:debian_linux:librte-net-nfp23, p-cpe:/a:debian:debian_linux:librte-acl23, p-cpe:/a:debian:debian_linux:librte-dma-idxd23, p-cpe:/a:debian:debian_linux:librte-event-octeontx23, p-cpe:/a:debian:debian_linux:librte-net-ring23, p-cpe:/a:debian:debian_linux:librte-bpf23, p-cpe:/a:debian:debian_linux:librte-latencystats23, p-cpe:/a:debian:debian_linux:librte-net-tap23, p-cpe:/a:debian:debian_linux:librte-crypto-octeontx23, p-cpe:/a:debian:debian_linux:librte-net-bnxt23, p-cpe:/a:debian:debian_linux:librte-net-sfc23, p-cpe:/a:debian:debian_linux:librte-net-qede23, p-cpe:/a:debian:debian_linux:librte-net-cnxk23, p-cpe:/a:debian:debian_linux:librte-crypto-cnxk23, p-cpe:/a:debian:debian_linux:librte-meta-mempool, p-cpe:/a:debian:debian_linux:librte-compress-octeontx23, p-cpe:/a:debian:debian_linux:librte-net-axgbe23, p-cpe:/a:debian:debian_linux:librte-cfgfile23, p-cpe:/a:debian:debian_linux:librte-net-null23, p-cpe:/a:debian:debian_linux:librte-meta-bus, p-cpe:/a:debian:debian_linux:librte-bus-auxiliary23, p-cpe:/a:debian:debian_linux:librte-meta-all, p-cpe:/a:debian:debian_linux:librte-net-vdev-netvsc23, p-cpe:/a:debian:debian_linux:librte-net-bond23, p-cpe:/a:debian:debian_linux:librte-common-iavf23, p-cpe:/a:debian:debian_linux:librte-net-failsafe23, p-cpe:/a:debian:debian_linux:librte-baseband-la12xx23, p-cpe:/a:debian:debian_linux:librte-bus-dpaa23, p-cpe:/a:debian:debian_linux:librte-fib23, p-cpe:/a:debian:debian_linux:librte-kvargs23, p-cpe:/a:debian:debian_linux:librte-pci23, p-cpe:/a:debian:debian_linux:librte-telemetry23, p-cpe:/a:debian:debian_linux:librte-compress-mlx5-23, p-cpe:/a:debian:debian_linux:librte-efd23, p-cpe:/a:debian:debian_linux:librte-vdpa-ifc23, p-cpe:/a:debian:debian_linux:librte-gpudev23, p-cpe:/a:debian:debian_linux:librte-lpm23, p-cpe:/a:debian:debian_linux:librte-net-pcap23, p-cpe:/a:debian:debian_linux:librte-member23, p-cpe:/a:debian:debian_linux:librte-raw-cnxk-bphy23, p-cpe:/a:debian:debian_linux:librte-net-avp23, p-cpe:/a:debian:debian_linux:librte-eal23, p-cpe:/a:debian:debian_linux:librte-meta-dma, p-cpe:/a:debian:debian_linux:dpdk, p-cpe:/a:debian:debian_linux:librte-common-cnxk23, p-cpe:/a:debian:debian_linux:librte-distributor23, p-cpe:/a:debian:debian_linux:librte-crypto-mlx5-23, p-cpe:/a:debian:debian_linux:librte-event-dsw23, p-cpe:/a:debian:debian_linux:librte-ipsec23, p-cpe:/a:debian:debian_linux:librte-crypto-virtio23, p-cpe:/a:debian:debian_linux:librte-event-sw23, p-cpe:/a:debian:debian_linux:librte-meta-baseband, p-cpe:/a:debian:debian_linux:librte-net-memif23, p-cpe:/a:debian:debian_linux:librte-rawdev23, cpe:/o:debian:debian_linux:12.0, p-cpe:/a:debian:debian_linux:librte-meta-event, p-cpe:/a:debian:debian_linux:librte-compress-zlib23, p-cpe:/a:debian:debian_linux:librte-metrics23, p-cpe:/a:debian:debian_linux:librte-net-dpaa23, p-cpe:/a:debian:debian_linux:librte-power23, p-cpe:/a:debian:debian_linux:librte-net-octeon-ep23, p-cpe:/a:debian:debian_linux:librte-crypto-dpaa-sec23, p-cpe:/a:debian:debian_linux:librte-net-bnx2x23, p-cpe:/a:debian:debian_linux:librte-pdump23, p-cpe:/a:debian:debian_linux:librte-net23, p-cpe:/a:debian:debian_linux:librte-baseband-fpga-lte-fec23, p-cpe:/a:debian:debian_linux:librte-mempool-dpaa2-23, p-cpe:/a:debian:debian_linux:librte-bbdev23, p-cpe:/a:debian:debian_linux:librte-vdpa-mlx5-23, p-cpe:/a:debian:debian_linux:librte-node23, p-cpe:/a:debian:debian_linux:librte-net-ionic23, p-cpe:/a:debian:debian_linux:librte-dma-cnxk23, p-cpe:/a:debian:debian_linux:librte-mempool-ring23, p-cpe:/a:debian:debian_linux:librte-common-mlx5-23, p-cpe:/a:debian:debian_linux:librte-net-ark23, p-cpe:/a:debian:debian_linux:librte-net-hinic23, p-cpe:/a:debian:debian_linux:librte-net-hns3-23, p-cpe:/a:debian:debian_linux:librte-compress-isal23, p-cpe:/a:debian:debian_linux:librte-raw-ifpga23, p-cpe:/a:debian:debian_linux:librte-hash23, p-cpe:/a:debian:debian_linux:librte-rib23, p-cpe:/a:debian:debian_linux:librte-mempool-cnxk23, p-cpe:/a:debian:debian_linux:librte-net-enetc23, p-cpe:/a:debian:debian_linux:librte-meta-common, p-cpe:/a:debian:debian_linux:librte-crypto-null23, p-cpe:/a:debian:debian_linux:librte-net-vhost23, p-cpe:/a:debian:debian_linux:librte-event-opdl23, p-cpe:/a:debian:debian_linux:librte-reorder23, p-cpe:/a:debian:debian_linux:librte-vhost23, p-cpe:/a:debian:debian_linux:librte-raw-dpaa2-cmdif23, p-cpe:/a:debian:debian_linux:librte-net-af-packet23, p-cpe:/a:debian:debian_linux:librte-dmadev23, p-cpe:/a:debian:debian_linux:librte-crypto-openssl23, p-cpe:/a:debian:debian_linux:librte-bus-fslmc23, p-cpe:/a:debian:debian_linux:librte-event-dpaa23

必要な KB アイテム: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

エクスプロイトの容易さ: No known exploits are available

パッチ公開日: 2024/12/17

脆弱性公開日: 2024/12/17

参照情報

CVE: CVE-2024-11614