59 matches found
SUSE SLES15: libopenvswitch-2_14-0 / libovn-20_06-0 / openvswitch / etc (SUSE-SU-2026:2481-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2481-1 advisory. This update for openvswitch fixes the following issues - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498...
kernel: ip6_tunnel: clear skb2->cb[] in ip4ip6_err()
A flaw was found in the Linux kernel's IPv6 tunnel implementation. A remote attacker could exploit this flaw by sending malicious ICMPv6 error messages to cause a stack-based buffer overflow in the kernel's IPv4-over-IPv6 tunnel error handling code. This could result in a kernel crash denial of...
SUSE SLES15: libopenvswitch-3_5-0 / libovn-25_03-0 / openvswitch / etc (SUSE-SU-2026:2463-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2463-1 advisory. This update for openvswitch fixes the following issues Update ovn to 25.03.3: - CVE-2026-5265: heap over-read in ICMP error respons...
Astra Linux – Vulnerability found in Linux 5.10, Linux 6.1, and Linux 5.15
In the Linux kernel, the following vulnerability has been resolved: Tunnels: Fixed the crash when generating IPV4 PMTU errors due to KASAN. If we attempt to emit an ICMP error in response to a non-linear SKB, we encounter the following issue: Bug: KASAN: Out-of-bounds access in...
SUSE-SU-2026:2463-1 Security update for openvswitch
This update for openvswitch fixes the following issues Update ovn to 25.03.3: - CVE-2026-5265: heap over-read in ICMP error response generation bsc1262498. - CVE-2026-5367: heap over-read in OVN DHCPv6 client ID processing bsc1262499...
kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...
kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...
kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...
kernel: ipv6: icmp: clear skb2->cb[] in ip6_err_gen_icmpv6_unreach()
A flaw was found in the Linux kernel's IPv6 ICMP error generation. A remote attacker could send a specially crafted IPv4 ICMP error packet with a Common Internet Protocol Security Option CIPSO IP option. This could lead to incorrect handling of packet control block data when generating an IPv6 IC...
ovn: ovn: Heap Over-Read in ICMP Error Response Generation
When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...
Important: Red Hat Security Advisory: ovn25.09 security update
An update for ovn25.09 is now available for Fast Datapath for Red Hat Enterprise Linux 10. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
PT-2026-43772
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description A race condition exists in the icmp route lookup function during the reverse path process for sending ICMP error messages with XFRM IPsec policies. When the system acts as a forwarding...
SUSE CVE-2026-43038
In the Linux kernel, the following vulnerability has been resolved: ipv6: icmp: clear skb2-cb in ip6errgenicmpv6unreach Sashiko AI-review observed: In ip6errgenicmpv6unreach, the skb is an outer IPv4 ICMP error packet where its cb contains an IPv4 inetskbparm. When skb is cloned into skb2 and...
RHEL 9 : ovn24.03 (RHSA-2026:11700)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11700 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...
RHEL 9 : ovn25.09 (RHSA-2026:11702)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11702 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...
RHEL 9 : ovn25.03 (RHSA-2026:11701)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11701 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...
RHEL 9 : ovn23.09 (RHSA-2026:11698)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:11698 advisory. OVN, the Open Virtual Network, is a system to support virtual network abstraction. OVN complements the existing capabilities of OVS to add...
ovn: ovn: Heap Over-Read in ICMP Error Response Generation
When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...
Important: Red Hat Security Advisory: ovn25.09 security update
An update for ovn25.09 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
ovn: ovn: Heap Over-Read in ICMP Error Response Generation
When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length iptotlen for IPv4, ip6plen for IPv6 without validating it against the actual packet buffer size...