How severe is CVE-2020-14378?

This vulnerability has a severity rating of LOW with a CVSS score of 3.3 out of 10.

What type of vulnerability is CVE-2020-14378?

This is classified as CWE-191, which is a common weakness in software security.

CVE-2020-14378 - LOW Severity | CVSS 3.3

Vulnerability Description

An integer underflow in dpdk versions before 18.11.10 and before 19.11.5 in the `move_desc` function can lead to large amounts of CPU cycles being eaten up in a long running loop. An attacker could cause `move_desc` to get stuck in a 4,294,967,295-count iteration loop. Depending on how `vhost_crypto` is being used this could prevent other VMs or network tasks from being serviced by the busy DPDK lcore for an extended period.

Related Vulnerabilities

CVE-2025-26269

LOW

CVSS:3.3(Low)

DragonflyDB Dragonfly through 1.28.2 (fixed in 1.29.0) allows authenticated users to cause a denial of service (daemon crash) via a Lua library command that references a large negative integer.

CWE-1912025

CVE-2023-24911

MEDIUM

CVSS:4.3(Medium)

Microsoft PostScript and PCL6 Class Printer Driver Information Disclosure Vulnerability

CWE-1912023

CVE-2024-50594

MEDIUM

CVSS:4.3(Medium)

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted series of network requests can lead to denial o...

CWE-1912024

CVE-2024-50595

MEDIUM

CVSS:4.3(Medium)

CWE-1912024

CVE-2024-50596

MEDIUM

CVSS:4.3(Medium)

An integer underflow vulnerability exists in the HTTP server PUT request functionality of STMicroelectronics X-CUBE-AZRTOS-WL 2.0.0. A specially crafted network packet can lead to denial of service. A...

CWE-1912024

CVE-2024-50597

MEDIUM

CVSS:4.3(Medium)

CWE-1912024