Lucene search

RedosROS-20240411-06

HistoryApr 11, 2024 - 12:00 a.m.

ROS-20240411-06

2024-04-1100:00:00

redos.red-soft.ru

vulnerability

xmalloc

openvswitch

denial of service

unix

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

A vulnerability in the xmalloc__ in() function of the openvswitch module is related to a lack of memory release after an
effective lifetime. Exploitation of the vulnerability could allow an attacker acting remotely,
cause a denial of service

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64openvswitch<= 2.16.0-4UNKNOWN

OS	Version	Architecture	Package	Version	Filename
redos	7.3	x86_64	openvswitch	<= 2.16.0-4	UNKNOWN

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.1 High

AI Score

Confidence

High

0.0005 Low

EPSS

Percentile

17.1%

JSON

Related for ROS-20240411-06