CVE-2015-1142857

CVSS v3.0 8.6 (High)

CVSS v2.0 5 (Medium)

EPSS 0.21 % (59^th)

Affected Products 13

Advisories 8

On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4f87e3cad35063f1c17de5 and the DPDK before commit 3f12b9f23b6499ff66ec8b0de941fb469297e5d0, additionally Multiple vendor NIC firmware is affected.

Weaknesses

CWE-254: 7PK - Security Features

Related CVEs

CVE-2018-1000017

CVE Status: PUBLISHED
CNA: MITRE
Published Date: 2018-01-23 14:29:00
(6 years ago)
Updated Date: 2018-02-15 17:23:40
(6 years ago)

Affected Products

Dpdk

Dpdk

Intel

Linux

Configuration #1

AND

		CPE23
OR
	Intel X710 Firmware	cpe:2.3:o:intel:x710_firmware:-
OR
	Running on/with
	Intel X710	cpe:2.3:h:intel:x710:-

Configuration #2

AND

		CPE23
OR
	Intel 82599 Firmware	cpe:2.3:o:intel:82599_firmware:-
OR
	Running on/with
	Intel 82599	cpe:2.3:h:intel:82599:-

Configuration #3

AND

		CPE23
OR
	Intel X540 Firmware	cpe:2.3:o:intel:x540_firmware:-
OR
	Running on/with
	Intel X540	cpe:2.3:h:intel:x540:-

Configuration #4

AND

		CPE23
OR
	Intel I350 Firmware	cpe:2.3:o:intel:i350_firmware:-
OR
	Running on/with
	Intel I350	cpe:2.3:h:intel:i350:-

Configuration #5

AND

		CPE23
OR
	Intel 82576 Firmware	cpe:2.3:o:intel:82576_firmware:-
OR
	Running on/with
	Intel 82576	cpe:2.3:h:intel:82576:-

Configuration #6

AND

		CPE23	From	Up To
OR
	Linux Kernel Ixgbe	cpe:2.3:o:linux:linux_kernel_ixgbe:-

Configuration #7

AND

		CPE23	From	Up To
OR
	Linux Kernel I40e/i40evf	cpe:2.3:o:linux:linux_kernel_i40e\%2fi40evf:-

Configuration #8

AND

		CPE23	From	Up To
OR
	Dpdk	cpe:2.3:o:dpdk:dpdk:-