{"id":"CVE-2022-0669","details":"A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service.","modified":"2026-04-12T09:22:03.331170Z","published":"2022-08-29T15:15:09.750Z","related":["SUSE-SU-2022:1892-1","SUSE-SU-2022:2273-1","openSUSE-SU-2024:12039-1"],"references":[{"type":"ADVISORY","url":"https://access.redhat.com/security/cve/CVE-2022-0669"},{"type":"FIX","url":"https://bugs.dpdk.org/show_bug.cgi?id=922"},{"type":"FIX","url":"https://bugzilla.redhat.com/show_bug.cgi?id=2055793"},{"type":"FIX","url":"https://github.com/DPDK/dpdk/commit/af74f7db384ed149fe42b21dbd7975f8a54ef227"},{"type":"FIX","url":"https://security-tracker.debian.org/tracker/CVE-2022-0669"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/dpdk/dpdk","events":[{"introduced":"d7142fbae16f185e11bfa44be061399afc40a1be"},{"fixed":"80c5b4d6355d1dbece8dd1f812d374f3e24086bc"},{"introduced":"0"},{"last_affected":"7001c8fdb27357c67147c0a13cb3826e48c0f2bf"},{"introduced":"0"},{"last_affected":"19397c7bf2545e6adab41b657a1f1da3c7344e7b"},{"introduced":"0"},{"last_affected":"31aa07759ecd151967b568b1f1aa12b7794217c8"},{"introduced":"0"},{"last_affected":"e5d0ba08703099c12e4bb2eac650cbb047df1a13"},{"introduced":"0"},{"last_affected":"2d0cfc0e0528bb6be3676032a2d0573d7c3b3999"},{"introduced":"0"},{"last_affected":"2e07139b66a810883871ff20a5f31e4c222e5b40"},{"introduced":"0"},{"last_affected":"305769000c40a4fdf1ed0cf24c157b447b91ea7d"},{"introduced":"0"},{"last_affected":"312b94ef884f0cf4ee42dde36acf23a41172794d"},{"fixed":"af74f7db384ed149fe42b21dbd7975f8a54ef227"}],"database_specific":{"versions":[{"introduced":"20.02"},{"fixed":"22.03"},{"introduced":"0"},{"last_affected":"19.11"},{"introduced":"0"},{"last_affected":"19.11-rc1"},{"introduced":"0"},{"last_affected":"19.11-rc2"},{"introduced":"0"},{"last_affected":"19.11-rc3"},{"introduced":"0"},{"last_affected":"19.11-rc4"},{"introduced":"0"},{"last_affected":"22.03-rc1"},{"introduced":"0"},{"last_affected":"22.03-rc2"},{"introduced":"0"},{"last_affected":"22.03-rc3"}]}},{"type":"GIT","repo":"https://github.com/openvswitch/ovs","events":[{"introduced":"0"},{"last_affected":"71d553b995d0bd527d3ab1e9fbaf5a2ae34de2f3"},{"introduced":"0"},{"last_affected":"8dc1733eaea866dce033b3c44853e1b09bf59fc7"}],"database_specific":{"versions":[{"introduced":"0"},{"last_affected":"2.13.0"},{"introduced":"0"},{"last_affected":"2.15.0"}]}}],"versions":["v0.90.0","v0.90.4","v0.99.0","v0.99.1","v0.99.2","v1.0.0","v1.0.1","v1.1.0pre1","v1.1.0pre2","v1.2.3r0","v1.3.0r0","v1.3.1r0","v1.4.0r0","v1.4.1r0","v1.5.0r0","v1.5.1r0","v1.5.2r0","v1.6.0r0","v1.6.0r1","v1.6.0r2","v1.7.0","v1.7.0-rc1","v1.7.0-rc2","v1.7.0-rc3","v1.7.0-rc4","v1.7.1","v1.8.0","v1.8.0-rc1","v1.8.0-rc2","v1.8.0-rc3","v1.8.0-rc4","v1.8.0-rc5","v1.8.0-rc6","v16.04","v16.04-rc1","v16.04-rc2","v16.04-rc3","v16.04-rc4","v16.07","v16.07-rc1","v16.07-rc2","v16.07-rc3","v16.07-rc4","v16.07-rc5","v16.11","v16.11-rc1","v16.11-rc2","v16.11-rc3","v17.02","v17.02-rc1","v17.02-rc2","v17.02-rc3","v17.05","v17.05-rc1","v17.05-rc2","v17.05-rc3","v17.05-rc4","v17.08","v17.08-rc1","v17.08-rc2","v17.08-rc3","v17.08-rc4","v17.11","v17.11-rc1","v17.11-rc2","v17.11-rc3","v17.11-rc4","v18.02","v18.02-rc1","v18.02-rc2","v18.02-rc3","v18.02-rc4","v18.05","v18.05-rc1","v18.05-rc2","v18.05-rc3","v18.05-rc4","v18.05-rc5","v18.05-rc6","v18.08","v18.08-rc1","v18.08-rc2","v18.08-rc3","v18.11","v18.11-rc1","v18.11-rc2","v18.11-rc3","v18.11-rc4","v18.11-rc5","v19.02","v19.02-rc1","v19.02-rc2","v19.02-rc3","v19.02-rc4","v19.05","v19.05-rc1","v19.05-rc2","v19.05-rc3","v19.05-rc4","v19.08","v19.08-rc1","v19.08-rc2","v19.08-rc3","v19.08-rc4","v19.11","v19.11-rc1","v19.11-rc2","v19.11-rc3","v19.11-rc4","v2.0.0","v2.0.0-rc1","v2.0.0-rc2","v2.0.0-rc3","v2.1.0","v2.1.0-rc1","v2.1.0-rc2","v2.1.0-rc3","v2.1.0-rc4","v2.13.0","v2.15.0","v2.2.0","v2.2.0-rc1","v2.2.0-rc2","v2.2.0-rc3","v2.2.0-rc4","v20.02","v20.05","v20.05-rc1","v20.05-rc2","v20.05-rc3","v20.05-rc4","v20.08","v20.08-rc1","v20.08-rc2","v20.08-rc3","v20.08-rc4","v20.11","v20.11-rc1","v20.11-rc2","v20.11-rc3","v20.11-rc4","v20.11-rc5","v21.02","v21.02-rc1","v21.02-rc2","v21.02-rc3","v21.02-rc4","v21.05","v21.05-rc1","v21.05-rc2","v21.05-rc3","v21.05-rc4","v21.08","v21.08-rc1","v21.08-rc2","v21.08-rc3","v21.08-rc4","v21.11","v21.11-rc1","v21.11-rc2","v21.11-rc3","v21.11-rc4","v22.03-rc1","v22.03-rc2","v22.03-rc3","v22.03-rc4"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-0669.json","vanir_signatures":[{"source":"https://github.com/dpdk/dpdk/commit/af74f7db384ed149fe42b21dbd7975f8a54ef227","target":{"file":"lib/vhost/vhost_user.c","function":"vhost_user_get_inflight_fd"},"signature_version":"v1","id":"CVE-2022-0669-46915754","signature_type":"Function","digest":{"length":2695,"function_hash":"200223244212454310946426545990164687955"},"deprecated":false},{"source":"https://github.com/dpdk/dpdk/commit/af74f7db384ed149fe42b21dbd7975f8a54ef227","target":{"file":"lib/vhost/vhost_user.c"},"signature_version":"v1","id":"CVE-2022-0669-7cd925aa","signature_type":"Line","digest":{"line_hashes":["223818872768659713837531296929638434056","116344875714567526600993095709210440032","65632164188427022346067638745330342493","86925578931592434140037146067078323283","177619426305843807217480219997070703598","329277146593023733927617528617310912643"],"threshold":0.9},"deprecated":false},{"source":"https://github.com/dpdk/dpdk/commit/af74f7db384ed149fe42b21dbd7975f8a54ef227","target":{"file":"lib/vhost/vhost_user.c","function":"vhost_user_set_inflight_fd"},"signature_version":"v1","id":"CVE-2022-0669-d41ea11d","signature_type":"Function","digest":{"length":2619,"function_hash":"134267928438538481519605856791737735835"},"deprecated":false}],"vanir_signatures_modified":"2026-04-12T09:22:03Z","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.0"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H"}]}