Spdk Storage Performance Development Kit vulnerabilities
3 known vulnerabilities affecting spdk/storage_performance_development_kit.
Total CVEs
3
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
HIGH1MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2021-28361HIGHCVSS 7.5fixed in 20.01.012021-03-13
CVE-2021-28361 [HIGH] CWE-476 CVE-2021-28361: An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is s
An issue was discovered in Storage Performance Development Kit (SPDK) before 20.01.01. If a PDU is sent to the iSCSI target with a zero length (but data is expected), the iSCSI target can crash with a NULL pointer dereference.
nvd
CVE-2019-14940MEDIUMCVSS 6.5fixed in 19.072019-08-12
CVE-2019-14940 [MEDIUM] CVE-2019-14940: In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if t
In Storage Performance Development Kit (SPDK) before 19.07, a user of a vhost can cause a crash if the target is sent invalid input.
nvd
CVE-2019-9547MEDIUMCVSS 5.3fixed in 19.012019-03-01
CVE-2019-9547 [MEDIUM] CWE-834 CVE-2019-9547: In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual
In Storage Performance Development Kit (SPDK) before 19.01, a malicious vhost client (i.e., virtual machine) could carefully construct a circular descriptor chain that would result in a partial denial of service in the SPDK vhost target, because the vhost target did not properly detect such chains.
nvd