SUSE: Security Advisory (SUSE-SU-2023:4508-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CLSA-2023-1700591846 kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

CLSA-2023-1700591071 kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

CLSA-2023-1700590886 kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

CLSA-2023-1700590262 kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

SUSE-SU-2023:4508-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2023-5366: Fixed missing masks on a final stage with ports trie bsc1216002...

kernel: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

kernel: net: openvswitch: fix race on port output

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output assume the following setup on a single machine: 1. An openvswitch instance with one bridge and default flows 2. two network namespaces "server" and "client" 3. two ovs interfaces "server"...

Important Photon OS Security Update - PHSA-2023-4.0-0510

Updates of 'openvswitch', 'linux-secure', 'linux-rt', 'linux-aws' packages of Photon OS have been released...

Advisory ROSA-SA-2023-2262

Software: openvswitch 2.16.1 OS: ROSA-CHROME packageevrstring: openvswitch-2.16.1-3.src.rpm CVE-ID: CVE-2019-25076 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The TSS Tuple Space Search algorithm in Open vSwitch versions 2.x-2.17.2 and 3.0.0 allows remote attackers to cause denial of service delayin...

AZL-31280 CVE-2023-5366 affecting package openvswitch for versions less than 2.17.9-1

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to...

Important Photon OS Security Update - PHSA-2023-5.0-0093

Updates of 'openvswitch', 'python3', 'redis', 'apache-tomcat', 'syslog-ng' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2023-3.0-0646

Updates of 'openvswitch', 'python3', 'binutils' packages of Photon OS have been released...

Critical Photon OS Security Update - PHSA-2023-5.0-0089

Updates of 'openvswitch', 'sqlite', 'libssh' packages of Photon OS have been released...

Amazon Linux 2 : kernel (ALASKERNEL-5.15-2023-023)

The version of kernel installed on the remote host is prior to 5.15.43-20.103. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2KERNEL-5.15-2023-023 advisory. 2024-03-13: CVE-2022-48619 was added to this advisory. 2023-10-12: CVE-2021-3923 was added to this advisor...

openSUSE 15 Security Update : openvswitch (SUSE-SU-2023:2250-2)

The remote openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2250-2 advisory. - An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. CVE-2022-4337 - An integer underflow in Organizati...

SUSE-SU-2023:2250-2 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV bsc1206580. - CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV bsc1206581...

SUSE: Security Advisory (SUSE-SU-2023:2621-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2023:2621-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:2621-1 advisory. - A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action...