CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

EUVD•added 2026/05/05 6:33 p.m.•2 views

EUVD-2026-27345

A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a crash, resulting in...

NVD•added 2026/05/05 4:16 p.m.•3 views

CVE-2026-34956

5.9CVSS0.00129EPSS

Exploits0References3

ATTACKERKB•added 2026/05/05 3:45 p.m.•2 views

CVE-2026-34956

Vulnrichment•added 2026/05/05 3:45 p.m.•5 views

Exploits0References3

CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command

Cvelist•added 2026/05/05 3:45 p.m.•36 views

CVE-2026-34956 Openvswitch: open vswitch: denial of service via malformed ftp epasv command

5.9CVSS0.00129EPSS

CVE•added 2026/05/05 3:45 p.m.•9 views

CVE-2026-34956

CVE-2026-34956 affects Open vSwitch: the vulnerability is in the userspace conntrack FTP ALG handler where a crafted FTP payload (EPASV/FTP substrings) can trigger an invalid memory access due to type narrowing when copying FTP substrings. This memory access can crash the process, causing Denial ...

AstraLinux•added 2026/05/03 11:59 p.m.•3 views

Exploits0References3

Astra Linux - уязвимость в linux-6.1

In the Linux kernel, the following vulnerability has been resolved: pagepool: Always add GFPNOWARN for ATOMIC allocations. Driver authors often forget to include GFPNOWARN for page allocation from the datapath. This is annoying for users, as OOM errors are a common occurrence. We expect network R...

5.8AI score0.0004EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в openvswitch

A flaw was discovered in OpenVSwitch OVS. When processing an IP packet with protocol 0, OVS will install a datapath flow without modifying the IP header. This issue results in the installation of a datapath flow that matches all IP protocols with “nwproto” set to wildcard, but with an incorrect...

8.2CVSS6.8AI score0.00239EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•4 views

Astra Linux - уязвимость в linux-5.10, linux-5.15

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovsdpcmdnew-ovsdpchange-ovsdpsetupcallportids allocates array via kmalloc. If for some reason newvport fails during ovsdpcmdnew dp-upcallportids must be freed. Add missing...

5.5CVSS5.9AI score0.00049EPSS

AstraLinux•added 2026/05/03 11:59 p.m.•2 views

Astra Linux - уязвимость в linux-5.10, linux-6.1

In the Linux kernel, the following vulnerability has been resolved: openvswitch: The issue of locking up the core during the process of unregistering a netdev due to the carrier status was fixed. The commit in the fixes tag attempted to address this issue through the following sequence of calls:...

5.5CVSS6.1AI score0.00016EPSS

RedHat Linux•added 2026/04/29 12:45 p.m.•5 views

Important: Red Hat Security Advisory: ovn24.03 security update

An update for ovn24.03 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS5.3AI score0.0004EPSS

Exploits0References7

RedHat Linux•added 2026/04/29 12:45 p.m.•5 views

Important: Red Hat Security Advisory: ovn25.09 security update

An update for ovn25.09 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS5.3AI score0.0004EPSS

Exploits0References10

RedHat Linux•added 2026/04/29 12:42 p.m.•4 views

Important: Red Hat Security Advisory: ovn23.09 security update

An update for ovn23.09 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.6CVSS5.3AI score0.0004EPSS

NVD•added 2026/04/22 2:16 p.m.•2 views

CVE-2026-31508

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Avoid releasing netdev before teardown completes The patch cited in the Fixes tag below changed the teardown code for OVS ports to no longer unconditionally take the RTNL. After this change, the netdevdestroy...

7.8CVSS0.00017EPSS

Exploits0References8

CVE•added 2026/04/22 1:54 p.m.•10 views

CVE-2026-31508

The CVE-2026-31508 issue affects the Linux kernel in the Open vSwitch teardown path. The root cause is that after a patch, the teardown code for OVS ports no longer unconditionally takes the RTNL, allowing netdev_destroy() to finish and free the netdev before unregistration completes if the IFF_O...

7.8CVSS5.6AI score0.00017EPSS

Exploits0References8Affected Software1

Tenable Nessus•added 2026/04/22 12:0 a.m.•0 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2026-013525)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013525 advisory. In the Linux kernel, the following vulnerability has been resolved: vdpa: fix use-after-free on vpvdparemove When vpvdpa driver is unbind, vpvdpa is freed in...

5.5CVSS5.6AI score0.00061EPSS