Lucene search
K

145 matches found

Vulnrichment
Vulnrichment
added 2025/03/27 4:43 p.m.1 views

CVE-2023-52977 net: openvswitch: fix flow memory leak in ovs_flow_cmd_new

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

6.1AI score0.00252EPSS
Exploits0References7
RedhatCVE
RedhatCVE
added 2025/02/26 12:28 p.m.7 views

CVE-2022-49086

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix leak of nested actions While parsing user-provided actions, openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. So this memory has to be freed while...

5.5CVSS6.8AI score0.00258EPSS
Exploits0References4
OSV
OSV
added 2025/01/31 12:15 p.m.5 views

AZL-56414 CVE-2025-21682 affecting package kernel 5.15.200.1-1

In the Linux kernel, the following vulnerability has been resolved: eth: bnxt: always recalculate features after XDP clearing, fix null-deref Recalculate features when XDP is detached. Before: ip li set dev eth0 xdp obj xdpdummy.bpf.o sec xdp ip li set dev eth0 xdp off ethtool -k eth0 | grep gro...

5.5CVSS6.7AI score0.00208EPSS
Exploits0References1
SUSE CVE
SUSE CVE
added 2024/12/28 3:49 a.m.4 views

SUSE CVE-2024-56543

In the Linux kernel, the following vulnerability has been resolved: wifi: ath12k: Skip Rx TID cleanup for self peer During peer create, dp setup for the peer is done where Rx TID is updated for all the TIDs. Peer object for self peer will not go through dp setup. When core halts, dp cleanup is do...

5.5CVSS7.8AI score0.00211EPSS
Exploits0References13
BDU FSTEC
BDU FSTEC
added 2024/11/25 12:0 a.m.6 views

The vulnerability of the vhost_vdpa_probe() function in the vhost-vdpa component of Linux kernel allows a attacker to cause a service failure.

The vulnerability of the vhostvdpaprobe function in the vhost-vdpa component of Linux kernel modules is related to double memory deallocation errors. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS6.2AI score0.00241EPSS
Exploits0References14Affected Software4
NVD
NVD
added 2024/10/21 6:15 p.m.23 views

CVE-2024-49979

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix tcp fraglist segmentation after pull from fraglist Detect tcp gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Vali...

5.5CVSS0.00229EPSS
Exploits0References5
Cvelist
Cvelist
added 2024/10/21 6:2 p.m.19 views

CVE-2024-49979 net: gso: fix tcp fraglist segmentation after pull from frag_list

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix tcp fraglist segmentation after pull from fraglist Detect tcp gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Vali...

0.00229EPSS
Exploits0References5
OSV
OSV
added 2024/10/21 6:2 p.m.11 views

CVE-2024-49978 gso: fix udp gso fraglist segmentation after pull from frag_list

In the Linux kernel, the following vulnerability has been resolved: gso: fix udp gso fraglist segmentation after pull from fraglist Detect gso fraglist skbs with corrupted geometry see below and pass these to skbsegment instead of skbsegmentlist, as the first can segment them correctly. Valid...

5.5CVSS6.1AI score0.00235EPSS
Exploits0References9
Positive Technologies
Positive Technologies
added 2024/10/21 12:0 a.m.6 views

PT-2024-33820

Name of the Vulnerable Software and Affected Versions: Linux kernel versions prior to 6.6.58 Description: The issue concerns the Linux kernel, where a vulnerability has been resolved related to the handling of UDP GSO fraglist segmentation after data is pulled from the frag list. This occurs when...

5.5CVSS5.3AI score0.00235EPSS
Exploits0
OSV
OSV
added 2024/06/19 2:15 p.m.1 views

DEBIAN-CVE-2024-38558

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVSPACKETCMDEXECUTE has 3 main attributes: - OVSPACKETATTRKEY - Packet metadata in a netlink format. - OVSPACKETATTRPACKET - Binary packet content. -...

5.5CVSS6AI score0.00259EPSS
Exploits1References1
CVE
CVE
added 2024/06/19 1:35 p.m.166 views

CVE-2024-38558

CVE-2024-38558 concerns the Linux kernel's net/openvswitch handling of ICMPv6 in the OVS_PACKET_CMD_EXECUTE path. The root cause is a misuse of a shared IPv6 field between Neighbor Discovery (ND) state and conntrack original tuple (ct_orig) during packet-key parsing. When parsing ICMPv6, the code...

5.5CVSS7AI score0.00259EPSS
Exploits1References12Affected Software1
RedHat Linux
RedHat Linux
added 2024/05/22 10:3 a.m.4 views

kernel: net: openvswitch: reject negative ifindex

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next commit 759ab1edb56c "net: store netdevs in an xarray" refactored the handling of pre-assigned ifindexes and let syzbot surface a latent problem in ovs. ovs does...

6.8AI score0.00203EPSS
Exploits0References5
NVD
NVD
added 2024/04/12 2:15 p.m.12 views

CVE-2024-29461

An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a remote attacker to cause a denial of service via the datapath id component...

6.3CVSS6.6AI score0.00512EPSS
Exploits1References2
CVE
CVE
added 2024/04/12 12:0 a.m.52 views

CVE-2024-29461

CVE-2024-29461 affects Floodlight SDN OpenFlow Controller v1.2, with a vulnerability in the datapath id component that enables a remote attacker to cause a denial of service. Public documentation consistently notes the issue but does not provide exploit specifics. PT-2024-22913 explicitly lists F...

6.3CVSS6.8AI score0.00512EPSS
Exploits1References2Affected Software1
CNNVD
CNNVD
added 2024/04/12 12:0 a.m.8 views

Floodlight 安全漏洞

Floodlight is a leading open source OpenFlow controller. A security vulnerability exists in Floodlight version v.1.2 that originated from allowing remote attackers to cause a denial of service DOS via the datapath id component...

6.3CVSS6.6AI score0.00512EPSS
Exploits1References3
Cvelist
Cvelist
added 2024/04/12 12:0 a.m.21 views

CVE-2024-29461

An issue in Floodlight SDN OpenFlow Controller v.1.2 allows a remote attacker to cause a denial of service via the datapath id component...

6.8AI score0.00512EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2024/04/12 12:0 a.m.4 views

PT-2024-22913 · Unknown · Open Floodlight Sdn Controller

Name of the Vulnerable Software and Affected Versions: Floodlight SDN OpenFlow Controller version 1.2 Description: An issue in the Floodlight SDN OpenFlow Controller allows a remote attacker to cause a denial of service via the datapath id component. Recommendations: For Floodlight SDN OpenFlow...

6.3CVSS7.2AI score0.00512EPSS
Exploits1References7
Vulnrichment
Vulnrichment
added 2024/04/04 8:20 a.m.13 views

CVE-2024-26803 net: veth: clear GRO when clearing XDP even when down

In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIFFGRO automatically when XDP is enabled, because both features use the same NAPI machinery. The logic to clear NETIFFGRO sits in vethdisablexdp which is called...

6.6AI score0.00225EPSS
Exploits0References5
UbuntuCve
UbuntuCve
added 2024/04/04 12:0 a.m.24 views

CVE-2024-26803

In the Linux kernel, the following vulnerability has been resolved: net: veth: clear GRO when clearing XDP even when down veth sets NETIFFGRO automatically when XDP is enabled, because both features use the same NAPI machinery. The logic to clear NETIFFGRO sits in vethdisablexdp which is called...

5.5CVSS6.4AI score0.00225EPSS
Exploits0References21
RedHat Linux
RedHat Linux
added 2024/03/07 6:25 p.m.6 views

Moderate: Red Hat Bug Fix Advisory: openvswitch3.2 bug fix and enhancement update

An update for openvswitch3.2 is now available in Fast Datapath for Red Hat Enterprise Linux 9. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Bug Fixes and Enhancements: 24.B RHEL-9 Fast Datapath Release...

7.1CVSS6.7AI score0.00389EPSS
Exploits0References1
Rows per page
Query Builder