Lucene search

K
redhatRedHatRHSA-2021:2077
HistoryMay 20, 2021 - 6:57 p.m.

(RHSA-2021:2077) Important: openvswitch security update

2021-05-2018:57:03
access.redhat.com
51

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.044 Low

EPSS

Percentile

92.2%

Open vSwitch provides standard network bridging functions and support for
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

  • lldpd: buffer overflow in the lldp_decode function in daemon/protocols/lldp.c
    (CVE-2015-8011)

  • openvswitch: limitation in the OVS packet parsing in userspace leads to DoS
    (CVE-2020-35498)

  • lldp/openvswitch: denial of service via externally triggered memory leak
    (CVE-2020-27827)

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.8 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:L/Au:N/C:N/I:N/A:C

0.044 Low

EPSS

Percentile

92.2%