First published: Tue Jan 23 2018(Updated: )
On multiple SR-IOV cars it is possible for VF's assigned to guests to send ethernet flow control pause frames via the PF. This includes Linux kernel ixgbe driver before commit f079fa005aae08ee0e1bc32699874ff4f02e11c1, the Linux Kernel i40e/i40evf driver before e7358f54a3954df16d4f87e3cad35063f1c17de5 and the DPDK before commit 3f12b9f23b6499ff66ec8b0de941fb469297e5d0, additionally Multiple vendor NIC firmware is affected.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Intel X710 Firmware | ||
Intel X710 | ||
Intel 82599 Firmware | ||
Intel 82599 | ||
Intel X540 Firmware | ||
Intel X540 | ||
Intel I350 Firmware | ||
Intel I350 | ||
Intel 82576 Firmware | ||
Intel 82576 | ||
Linux Linux Kernel Ixgbe | ||
Linux Linux Kernel I40e\/i40evf | ||
Dpdk Dpdk |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2015-1142857 is a vulnerability that allows VF's assigned to guests to send ethernet flow control pause frames via the PF on multiple SR-IOV cards.
The affected software includes Intel X710 Firmware, Intel 82599 Firmware, Intel X540 Firmware, Intel I350 Firmware, Linux Kernel Ixgbe, Linux Kernel I40e/i40evf, and DPDK. The affected hardware includes Intel X710, Intel 82599, Intel X540, and Intel I350.
The severity of CVE-2015-1142857 is rated as high with a CVSS score of 8.6.
To fix CVE-2015-1142857, update your firmware and drivers to versions that include the necessary security patches. Refer to the vendor's advisory for specific instructions.
You can find more information about CVE-2015-1142857 in the following references: [1] http://seclists.org/oss-sec/2015/q4/425, [2] https://security-center.intel.com/advisory.aspx?intelid=INTEL-SA-00046&languageid=en-fr, [3] https://www.usenix.org/system/files/conference/usenixsecurity15/sec15-paper-smolyar.pdf