cvedb.io
CVE-2018-1059
MEDIUM · CVSS 6.1
EPSS exploitation probability: 0%
Published 2018-04-24T18:29:00.233 · Last modified 2026-06-17T01:50:23.220

Summary

The DPDK vhost-user interface does not check to verify that all the requested guest physical range is mapped and contiguous when performing Guest Physical Addresses to Host Virtual Addresses translations. This may lead to a malicious guest exposing vhost-user backend process memory. All versions before 18.02.1 are vulnerable.

Affected products

canonical — ubuntu_linux

Does this affect you?

Add your gear to cvedb and we'll alert you only when canonical ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.