128 matches found
Moderate: Red Hat Security Advisory: openvswitch2.13 security, bug fix and enhancement update
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: openvswitch2.17 security, bug fix and enhancement update
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: openvswitch2.17 security, bug fix and enhancement update
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : openvswitch2.17 (RHSA-2023:0688)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0688 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
RHEL 9 : openvswitch2.17 (RHSA-2023:0691)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0691 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
RHEL 8 : openvswitch2.13 (RHSA-2023:0685)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0685 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
RHEL 8 : openvswitch2.15 (RHSA-2023:0687)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0687 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
RHEL 8 : openvswitch2.16 (RHSA-2023:0689)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:0689 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...
CVE-2022-4337 affecting package openvswitch for versions less than 2.17.5-1
CVE-2022-4337 affecting package openvswitch for versions less than 2.17.5-1. An upgraded version of the package is available that resolves this issue...
Debian DSA-5319-1 : openvswitch - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dsa-5319 advisory. Two vulnerabilities were discovered in the LLPD implementation of Open vSwitch, software-based Ethernet virtual switch, which could result in denial of service. F...
[SECURITY] [DSA 5319-1] openvswitch security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5319-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff January 13, 2023 https://www.debian.org/security/faq -...
CVE-2022-4337
creationtimestamp| type| source ---|---|--- 2023-01-11 00:34:50+00:00| seen| https://t.me/cibsecurity/56276...
CVE-2022-4337
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch...
CVE-2022-4337
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch...
CVE-2022-4337
CVE-2022-4337 describes an out-of-bounds read in Open vSwitch’s Organization Specific TLV across various Open vSwitch versions. The related documents identify Open vSwitch as the affected product with the root cause being an out-of-bounds read in TLV handling, leading to high-severity impact (con...
CVE-2022-4337
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch...
CVE-2022-4337
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch...
_validateSignature should not revert on invalid signature (EIP-4337)
Lines of code Vulnerability details Impact Results in unexpected behavior in the EntryPoint contract. Proof of Concept As said in the official specification of EIP-4337: "If the account does not support signature aggregation, it MUST validate the signature is a valid signature of the userOpHash,...
[Medium-3] Non-compliance with EIP-4337
Lines of code Vulnerability details Impact Some parts of the codebase are not compliant with the EIP-4337 from the EIP-4337 specifications, at multiple degrees of severity. Proof of Concept Sender existence Create the account if it does not yet exist, using the initcode provided in the...
Incorrect management of requested gas amount in EIP-4337 logic
Lines of code Vulnerability details Description According to the EIP-150 call can consume as most 63/64 of parent calls' gas. That means that it is possible to manipulate the gas amount to be passed into calls mentioned in the "Links to affected code" section. Specifically, if the amount of gas...