1108 matches found
CVE-2023-1668
A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...
CVE-2023-1668
A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...
AZL-26031 CVE-2023-1668 affecting package openvswitch for versions less than 2.17.5-2
A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...
Design/Logic Flaw
A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...
CVE-2023-1668
A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...
CVE-2023-1668
A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...
CVE-2023-1668
A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...
CVE-2023-1668
CVE-2023-1668 — Open vSwitch (OVS) has a flaw where, when processing an IP packet with protocol 0, OVS installs a datapath flow whose action does not modify the IP header. This can cause a datapath rule matching all IP protocols (nw_proto wildcarded) to have an incorrect action, risking improper ...
SUSE SLED15 / SLES15 / openSUSE 15 Security Update : openvswitch (SUSE-SU-2023:1795-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:1795-1 advisory. - Open vSwitch aka openvswitch 2.11.0 through 2.15.0 has a use-after-free in decodeNXASTRAWENCAP...
SUSE-SU-2023:1795-1 Security update for openvswitch
This update for openvswitch fixes the following issues: - CVE-2021-36980: Fixed a use-after-free issue during the decoding of a RAWENCAP action bsc1188524. - CVE-2022-32166: Fixed a out of bounds read in minimaskequal bsc1203865...
CVE-2023-1668
A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...
CBL Mariner 2.0 Security Update: openvswitch (CVE-2019-25076)
The version of openvswitch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2019-25076 advisory. - The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attacke...
Denial Of Service (DoS)
openvswitch is vulnerable to Denial of Service DoS attacks. A memory leak occurs during userspace IP fragmentation processing, which allows an attacker to use this flaw to potentially exhaust available memory by keeping sending packet fragments, causing the application to crash...
Unbreakable Enterprise kernel security update
5.4.17-2136.317.5.3 - udf: Fix file corruption when appending just after end of preallocated extent Jan Kara Orabug: 35192150 - selftests/ftrace: Fix bash specific '==' operator Masami Hiramatsu Google Orabug: 35192150 - net: Fix unwanted sign extension in netdevstatstostats64 Felix Riemann Orabu...
CBL Mariner 2.0 Security Update: openvswitch (CVE-2022-4337)
The version of openvswitch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4337 advisory. - An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch...
CBL Mariner 2.0 Security Update: openvswitch (CVE-2022-4338)
The version of openvswitch installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2022-4338 advisory. - An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch...
GSD-2023-1002374 net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
net: openvswitch: fix possible memory leak in ovsmetercmdset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.169 by commit...
GSD-2023-1002345 net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
net: openvswitch: fix possible memory leak in ovsmetercmdset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.95 by commit...
GSD-2023-1002304 net: openvswitch: fix possible memory leak in ovs_meter_cmd_set()
net: openvswitch: fix possible memory leak in ovsmetercmdset This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.1.13 by commit...
PT-2023-35380 · Unknown · Openvswitch
Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v6.1.13 Description: A potential memory leak issue exists in the ovs meter cmd set function. The actual impact and attack plausibility have not yet been proven. Recommendations: For versions prior to v6.1.13,...