Lucene search
K

790 matches found

OSV
OSV
added 2026/04/17 1:2 p.m.9 views

OESA-2026-1961 openvswitch security update

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixes: "Description\n===========\n\nMultiple versions of Open vSwitch are vulnerable to crafted FTP payloads\ncausing invalid memory accesses, potential...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References2
OSV
OSV
added 2026/04/11 2:4 p.m.12 views

OESA-2026-1872 openvswitch security update

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixes: "Description\n===========\n\nMultiple versions of Open vSwitch are vulnerable to crafted FTP payloads\ncausing invalid memory accesses, potential...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References2
OSV
OSV
added 2026/04/11 2:4 p.m.9 views

OESA-2026-1871 openvswitch security update

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixes: "Description\n===========\n\nMultiple versions of Open vSwitch are vulnerable to crafted FTP payloads\ncausing invalid memory accesses, potential...

5.9CVSS5.8AI score0.00405EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/01 12:0 a.m.5 views

PT-2026-29690

Name of the Vulnerable Software and Affected Versions Open vSwitch affected versions not specified Description An issue exists in Open vSwitch related to invalid memory access within the conntrack FTP algorithm. Specifically, crafted FTP payloads can trigger invalid memory accesses, potentially...

5.9CVSS6.1AI score0.00405EPSS
Exploits0References45
SUSE Linux
SUSE Linux
added 2026/02/26 3:9 p.m.5 views

Security update for openvswitch

This update for openvswitch fixes the following issues: CVE-2024-2182: Fixed insufficient validation of incoming BFD packets may lead to denial of service bsc1255435 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper...

6.5CVSS5.4AI score0.00783EPSS
Exploits0References4
Amazon
Amazon
added 2026/02/18 12:0 a.m.46 views

Important: kernel6.12

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: netfilter: nftables: reject duplicate device on updates CVE-2025-38678 In the Linux kernel, the following vulnerability has been resolved: tcpmetrics: use dstdevnetrcu CVE-2025-40075 In the Linux kernel, the...

5.5CVSS6.4AI score0.00517EPSS
Exploits4
RedHat Linux
RedHat Linux
added 2026/02/09 2:40 a.m.3 views

kernel: Linux kernel (openvswitch): Denial of Service and limited data exposure via improper key length validation

A flaw was found in the Linux kernel's openvswitch virtual environment. A local attacker with low privileges could exploit improper data and key length validation in the set action. This could lead to a denial of service, making the system unresponsive, and potentially result in limited informati...

7.8CVSS5.8AI score0.00179EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/01/28 12:26 a.m.19 views

Moderate: Red Hat Security Advisory: kernel-rt security update

An update for kernel-rt is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

7.8CVSS6.9AI score0.00319EPSS
Exploits0References15
Tenable Nessus
Tenable Nessus
added 2026/01/22 12:0 a.m.5 views

Azure Linux 3.0 Security Update: hyperv-daemons (CVE-2024-27395)

The version of hyperv-daemons installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-27395 advisory. - In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fix...

7.8CVSS6.7AI score0.00244EPSS
Exploits0References2
Packet Storm News
Packet Storm News
added 2026/01/21 12:0 a.m.3 views

Side-Channel Attacks on Open VSwitch

Virtualization is widely adopted in cloud systems to manage resource sharing among users. A virtualized environment usually deploys a virtual switch within the host system to enable virtual machines to communicate with each other and with the physical network. The Open vSwitch OVS is one of the...

5.9AI score
Exploits0
Redos
Redos
added 2026/01/19 12:0 a.m.9 views

ROS-20260119-7355

A vulnerability in the ovsvportcmdfillinfo function of the net/openvswitch/datapath.c module of the Open vSwitch router support module of the Linux kernel is related to the reuse of previously freed memory. Exploitation of the vulnerability may allow an attacker to affect confidentiality, integri...

7.8CVSS7.8AI score0.00232EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/01/14 6:22 p.m.7 views

CVE-2025-68785

A slab-out-of-bounds read vulnerability was found in the Linux kernel's Open vSwitch OVS module. The pushnsh action does not validate the middle nested attribute OVSKEYATTRNSH between the outer action and inner key attributes. When the middle attribute has an incorrect size, the nladata unwrap...

5.5CVSS5.3AI score0.00186EPSS
Exploits0References4
OSV
OSV
added 2026/01/13 4:15 p.m.5 views

AZL-74336 CVE-2025-68785 affecting package kernel for versions less than 6.6.121.1-1

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

6.1AI score0.00186EPSS
Exploits0References1
OSV
OSV
added 2026/01/13 4:15 p.m.3 views

UBUNTU-CVE-2025-68785

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

6AI score0.00186EPSS
Exploits0References38
Cvelist
Cvelist
added 2026/01/13 3:28 p.m.22 views

CVE-2025-68785 net: openvswitch: fix middle attribute validation in push_nsh() action

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in pushnsh action The pushnsh action structure looks like this: OVSACTIONATTRPUSHNSHOVSKEYATTRNSHOVSNSHKEYATTRBASE,... The outermost OVSACTIONATTRPUSHNSH attribute is OK'ed by the...

0.00186EPSS
Exploits0References7
OSV
OSV
added 2026/01/08 2:43 p.m.2 views

SUSE-SU-2026:20061-1 Security update for openvswitch

This update for openvswitch fixes the following issues: Update OpenvSwitch to v3.1.7 and OVN to v23.03.3: Security issues fixed: - CVE-2023-3966: ovs: invalid memory access and potential denial of service via specially crafted Geneve packets bsc1219465. - CVE-2023-5366: ovs: OpenFlow rules may be...

8.1CVSS6.6AI score0.01033EPSS
Exploits0References9
Ubuntu
Ubuntu
added 2025/12/12 1:44 p.m.7 views

USN-7907-5: Linux kernel kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Cryptographic API; - ACPI drivers; - Hardware monitoring drivers; - InfiniBand drivers; - Mailbox framework; -...

7.8CVSS7.1AI score0.00261EPSS
Exploits0
OSV
OSV
added 2025/12/09 1:30 a.m.4 views

CVE-2023-53843 net: openvswitch: reject negative ifindex

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next commit 759ab1edb56c "net: store netdevs in an xarray" refactored the handling of pre-assigned ifindexes and let syzbot surface a latent problem in ovs. ovs does...

6.5AI score0.00211EPSS
Exploits0References6
OSV
OSV
added 2025/12/04 4:16 p.m.4 views

UBUNTU-CVE-2025-40254

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

5.9AI score0.00207EPSS
Exploits0References34
EUVD
EUVD
added 2025/12/04 4:8 p.m.6 views

EUVD-2025-201203

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...

6AI score0.00207EPSS
Exploits0References6
Rows per page
Query Builder