net: openvswitch: remove never-working support for setting nsh fields

...

CVE-2025-40254

Open vSwitch NSH Network Service Header field modification has been fundamentally broken since introduction. The setnsh... action reuses validation code designed for different memory layouts—masked sets double attribute sizes, but the validator doesn't account for this. Additionally, 'masked' and...

SUSE CVE-2025-40254

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

AZL-71384 CVE-2025-40254 affecting package kernel for versions less than 6.6.119.3-1

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

CVE-2025-40254

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

CVE-2025-40254

CVE-2025-40254 targets the Linux kernel openvswitch nsh field handling. The issue stems from incorrect validation of set(nsh(...)) due to a mismatched memory layout and confusing mask vs value flags, which can cause kernel NULL pointer dereferences or crashes during validation. The advisory notes...

CVE-2025-40254 net: openvswitch: remove never-working support for setting nsh fields

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

CVE-2025-40254 net: openvswitch: remove never-working support for setting nsh fields

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

PT-2026-2517

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw within the Open vSwitch component related to insufficient validation of attributes in the push nsh action. Specifically, the code does not adequately...

PT-2025-49084

Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc4+ Description The Linux kernel contains a flaw in the Open vSwitch OVS component related to the handling of Network Service Header NSH fields within the setnsh... action. The validation process for this...

Linux Distros Unpatched Vulnerability : CVE-2025-40254

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the...

CLSA-2025-1763989962 Fix of 8 CVEs

CVE-url: https://ubuntu.com/security/CVE-2025-38352 - posix-cpu-timers: fix race between handleposixcputimers and posixcputimerdel CVE-url: https://ubuntu.com/security/CVE-2022-25265 - x86/elf: Add table to document READIMPLIESEXEC - x86/elf: Split READIMPLIESEXEC from executable PTGNUSTACK -...

EulerOS 2.0 SP12 : kernel (EulerOS-SA-2025-2330)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : tracing: Add downwritetraceeventsem when adding trace eventCVE-2025-38539 tipc: fix null-ptr-deref when acquiring remote ip of ethernet...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990564)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990564 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989151)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989151 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflo...

Unity Linux 20.1050e Security Update: kernel (UTSA-2025-990119)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990119 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-989144)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-989144 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch...

Unity Linux 20.1070a Security Update: kernel (UTSA-2025-990017)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-990017 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovsmetercmdset oldmeter needs to be free after it i...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987615)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987615 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-987706)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-987706 advisory. In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflo...