(RHSA-2020:0165) Moderate: openvswitch security and bug fix update

2020-01-2106:00:26

access.redhat.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.006 Low

EPSS

Percentile

78.5%

JSON

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

dpdk: possible memory leak leads to denial of service (CVE-2019-14818)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

Fast datapath guaranteed bandwidth for SR-IOV, OVS and OVS-DPDK (Test-only) (BZ#1546429)
[ovs2.9] SSL connections drops are constantly logged in ovsdb-server-nb.log (BZ#1563574)
[FD-7 hotfix] Connectivity issue across VXLAN tunnels in OVS-DPDK after reboot of hypervisor - problem clears up after restarting openvswitch (BZ#1758824)

OSVersionArchitecturePackageVersionFilename
RedHat7s390xopenvswitch-ovn-central< 2.9.0-124.el7fdpopenvswitch-ovn-central-2.9.0-124.el7fdp.s390x.rpm
RedHat7s390xopenvswitch-ovn-vtep< 2.9.0-124.el7fdpopenvswitch-ovn-vtep-2.9.0-124.el7fdp.s390x.rpm
RedHat7noarchopenvswitch-test< 2.9.0-124.el7fdpopenvswitch-test-2.9.0-124.el7fdp.noarch.rpm
RedHat7s390xopenvswitch< 2.9.0-124.el7fdpopenvswitch-2.9.0-124.el7fdp.s390x.rpm
RedHat7ppc64leopenvswitch-ovn-host< 2.9.0-124.el7fdpopenvswitch-ovn-host-2.9.0-124.el7fdp.ppc64le.rpm
RedHat7s390xpython-openvswitch< 2.9.0-124.el7fdppython-openvswitch-2.9.0-124.el7fdp.s390x.rpm
RedHat7ppc64leopenvswitch-devel< 2.9.0-124.el7fdpopenvswitch-devel-2.9.0-124.el7fdp.ppc64le.rpm
RedHat7s390xopenvswitch-ovn-host< 2.9.0-124.el7fdpopenvswitch-ovn-host-2.9.0-124.el7fdp.s390x.rpm
RedHat7ppc64leopenvswitch-ovn-vtep< 2.9.0-124.el7fdpopenvswitch-ovn-vtep-2.9.0-124.el7fdp.ppc64le.rpm
RedHat7s390xopenvswitch-devel< 2.9.0-124.el7fdpopenvswitch-devel-2.9.0-124.el7fdp.s390x.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	s390x	openvswitch-ovn-central	< 2.9.0-124.el7fdp	openvswitch-ovn-central-2.9.0-124.el7fdp.s390x.rpm
RedHat	7	s390x	openvswitch-ovn-vtep	< 2.9.0-124.el7fdp	openvswitch-ovn-vtep-2.9.0-124.el7fdp.s390x.rpm
RedHat	7	noarch	openvswitch-test	< 2.9.0-124.el7fdp	openvswitch-test-2.9.0-124.el7fdp.noarch.rpm
RedHat	7	s390x	openvswitch	< 2.9.0-124.el7fdp	openvswitch-2.9.0-124.el7fdp.s390x.rpm
RedHat	7	ppc64le	openvswitch-ovn-host	< 2.9.0-124.el7fdp	openvswitch-ovn-host-2.9.0-124.el7fdp.ppc64le.rpm
RedHat	7	s390x	python-openvswitch	< 2.9.0-124.el7fdp	python-openvswitch-2.9.0-124.el7fdp.s390x.rpm
RedHat	7	ppc64le	openvswitch-devel	< 2.9.0-124.el7fdp	openvswitch-devel-2.9.0-124.el7fdp.ppc64le.rpm
RedHat	7	s390x	openvswitch-ovn-host	< 2.9.0-124.el7fdp	openvswitch-ovn-host-2.9.0-124.el7fdp.s390x.rpm
RedHat	7	ppc64le	openvswitch-ovn-vtep	< 2.9.0-124.el7fdp	openvswitch-ovn-vtep-2.9.0-124.el7fdp.ppc64le.rpm
RedHat	7	s390x	openvswitch-devel	< 2.9.0-124.el7fdp	openvswitch-devel-2.9.0-124.el7fdp.s390x.rpm