SUSE: Security Advisory (SUSE-SU-2023:2251-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openvswitch (SUSE-SU-2023:2250-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2250-1 advisory. - An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitc...

SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openvswitch (SUSE-SU-2023:2255-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2255-1 advisory. - An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitc...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2023:2251-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:2251-1 advisory. - An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. CVE-2022-4337 - An integer...

SUSE-SU-2023:2255-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV bsc1206580. - CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV bsc1206581...

SUSE-SU-2023:2251-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV bsc1206580. - CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV bsc1206581...

SUSE-SU-2023:2250-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV bsc1206580. - CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV bsc1206581...

kernel: openvswitch: fix memory leak at failed datapath creation

A flaw was found in the openvswitch module in the Linux kernel. A missing release of allocated memory when an error occurs will cause a memory leak, potentially impacting system performance and resulting in a denial of service...

Critical Photon OS Security Update - PHSA-2023-4.0-0391

Updates of 'openvswitch', 'etcd', 'runc', 'protobuf-c', 'mysql', 'nss' packages of Photon OS have been released...

Ubuntu: Security Advisory (USN-6068-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

kernel: openvswitch: fix memory leak at failed datapath creation

A flaw was found in the openvswitch module in the Linux kernel. A missing release of allocated memory when an error occurs will cause a memory leak, potentially impacting system performance and resulting in a denial of service...

PT-2025-25885 · Linux +2 · Linux Kernel +2

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: A memory leak issue has been identified in the Linux kernel, specifically in the openvswitch component. The issue occurs when the ovs dp cmd new function fails during datapath creation...

CLSA-2023-1683229770 kernel: Fix of 22 CVEs

media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26545 - net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0461 - Bluetooth: L2CAP: Fix u8 overflow CVE-2022-45934 -...

CLSA-2023-1683146027 kernel: Fix of 23 CVEs

media: rc: Fix use-after-free bugs caused by enetxirqsim CVE-2023-1118 - net: mpls: fix stale pointer if allocation fails during device rename CVE-2023-26545 - net/ulp: prevent ULP without clone op from entering the LISTEN status CVE-2023-0461 - Bluetooth: L2CAP: Fix u8 overflow CVE-2022-45934 -...

Siemens Industrial Products LLDP Uncontrolled Resource Consumption (CVE-2020-27827)

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. This plugin only...

[SECURITY] [DLA 3410-1] openvswitch security update

Debian LTS Advisory DLA-3410-1 [email protected] https://www.debian.org/lts/security/ Guilhem Moulin May 01, 2023 https://wiki.debian.org/LTS Package : openvswitch Version : 2.10.7+ds1-0+deb10u4 CVE ID : CVE-2023-1668 Debian Bug : 1034042 David Marchand discovered that Open vSwitch, a...

DLA-3410-1 openvswitch - security update

Bulletin has no description...

Debian: Security Advisory (DLA-3410-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Debian dla-3410 : openvswitch-common - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3410 advisory. ------------------------------------------------------------------------- Debian LTS Advisory DLA-3410-1 [email protected] https://www.debian.org/lts/security/...

Always-Incorrect Control Flow Implementation

openvswitch is vulnerable to Always-Incorrect Control Flow Implementation. The vulnerability exists due to incorrect handling of IP packets when processing an IP packet with protocol 0 resulting in an unexpected installation of datapath flow without modifying the IP header...