400 matches found
SUSE CVE-2017-14970
In lib/ofp-util.c in Open vSwitch OvS before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages. NOTE: the vendor disputes the relevance of this report, stating "it can only be triggered by an OpenFlow controller, but OpenFlow controllers have much more...
SUSE CVE-2018-7327
In Wireshark 2.4.0 to 2.4.4 and 2.2.0 to 2.2.12, epan/dissectors/packet-openflowv6.c had an infinite loop that was addressed by validating property lengths...
SUSE CVE-2018-17204
An issue was discovered in Open vSwitch OvS 2.7.x through 2.7.6, affecting parsegrouppropntrselectionmethod in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and comma...
SUSE CVE-2018-1000155
OpenFlow version 1.0 onwards contains a Denial of Service and Improper authorization vulnerability in OpenFlow handshake: The DPID DataPath IDentifier in the featuresreply message are inherently trusted by the controller. that can result in Denial of Service, Unauthorized Access, Network...
SUSE CVE-2021-36980
Open vSwitch aka openvswitch 2.11.0 through 2.15.0 has a use-after-free in decodeNXASTRAWENCAP called from ofpactdecode and ofpactsdecode during the decoding of a RAWENCAP action...
SUSE CVE-2022-4345
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
Moderate: Red Hat Security Advisory: openvswitch2.13 security, bug fix and enhancement update
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: openvswitch2.17 security, bug fix and enhancement update
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
DEBIAN-CVE-2022-4345
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
UBUNTU-CVE-2022-4345
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
CVE-2022-4345
Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6.9 allows denial of service via packet injection or crafted capture file...
Wireshark 4.0.x < 4.0.2 Multiple Vulnerabilities
The version of Wireshark installed on the remote Windows host is prior to 4.0.2. It is, therefore, affected by multiple vulnerabilities as referenced in the wireshark-4.0.2 advisory. - Infinite loops in the BPv6, OpenFlow, and Kafka protocol dissectors in Wireshark 4.0.0 to 4.0.1 and 3.6.0 to 3.6...
Wireshark 安全漏洞
Wireshark formerly known as Ethereal is a network packet analysis software from the Wireshark team. The software's function is to intercept network packets and display detailed data for analysis.Wireshark has a security vulnerability that stems from an infinite loop in the BPv6, OpenFlow, and Kaf...
Wireshark has an unspecified vulnerability (CNVD-2023-04534)
Wireshark formerly known as Ethereal is a network packet analysis software from the Wireshark team. The software's function is to intercept network packets and display detailed data for analysis.Wireshark has a security vulnerability that stems from an infinite loop in the BPv6, OpenFlow, and Kaf...
KLA20164 Multiple vulnerabilities in Wireshark
Multiple vulnerabilities were found in Wireshark. Malicious users can exploit these vulnerabilities to cause denial of service. Below is a complete list of vulnerabilities: 1. Denial of service vulnerability in BPv6, OpenFlow, and Kafka protocol dissectors can be exploited to cause denial of...
Moderate: Red Hat Bug Fix Advisory: openvswitch2.13 bug fix and enhancement update
An update for openvswitch2.13 is now available in Fast Datapath for Red Hat Enterprise Linux 7. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Bug Fixes and Enhancements: RHEL-7 bad key length while flow...
Moderate: Red Hat Security Advisory: openvswitch2.13 security update
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: openvswitch2.15 security update
An update for openvswitch2.15 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: openvswitch2.17 security update
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: openvswitch2.17 security update
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...