A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is...
7.5CVSS
6.9AI Score
0.0004EPSS
openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in...
7.5CVSS
7.7AI Score
0.0005EPSS
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to...
5.5CVSS
6.5AI Score
0.0004EPSS
An integer underflow in Organization Specific TLV was found in various versions of...
9.8CVSS
9.2AI Score
0.002EPSS
An out-of-bounds read in Organization Specific TLV was found in various versions of...
9.8CVSS
9.1AI Score
0.002EPSS
The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache,....
5.8CVSS
5.6AI Score
0.003EPSS
A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user...
6.5CVSS
6.4AI Score
0.0004EPSS
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet...
7.5CVSS
7.3AI Score
0.005EPSS
Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP...
5.5CVSS
5.6AI Score
0.001EPSS
A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system...
7.5CVSS
7.1AI Score
0.006EPSS
A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this.....
7.5CVSS
7AI Score
0.004EPSS