SUSE SLES12 Security Update : openvswitch (SUSE-SU-2026:0619-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0619-1 advisory. - CVE-2024-2182: Fixed insufficient validation of incoming BFD packets may lead to denial of service bsc1255435 Tenable has extracted the preceding...

Important: kernel-livepatch-6.1.158-180.294

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields CVE-2025-40254 Affected Packages: kernel-livepatch-6.1.158-180.294 Issue Correction: Please ensure you have live patching enabled. Run dnf upda...

EUVD-2020-20326

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414436 advisory. An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new acti...

EUVD-2025-13015

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-37998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested...

Linux Distros Unpatched Vulnerability : CVE-2025-37789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: openvswitch: fix nested key length validation in the set action It's not safe to access nlalenovskey if the data is smaller than the netlink header. Check...

CVE-2025-37998 openvswitch: Fix unsafe attribute parsing in output_userspace()

In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested, which ensures that only well-formed attributes are processed...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2025:0561-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:0561-1 advisory. - CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet. bsc1236353 Tenable has extracted the preceding description block...

CVE-2025-21681

Open vSwitch issue CVE-2025-21681 in the Linux kernel caused a lockup in skb_tx_hash when a netdev is unregistering with carrier reported as ON. The root cause was a loop in skb_tx_hash that could spin when dev->real_num_tx_queues goes to zero, especially for devices that report carrier state ...

The vulnerability of the openvswitch component in the Linux operating system allows a hacker to cause a service failure.

The vulnerability of the openvswitch component in the Linux operating system is related to insufficient validation of input data in the parseicmpv6 function. Exploiting this vulnerability can allow an attacker to cause a service failure...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlanroutev6outbound helper CVE-2023-52796 In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries CVE-2023-52803 In the Linux...

CVE-2021-46955 openvswitch: fix stack OOB read while fragmenting IPv4 packets

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds...

Integer Underflow

openvswitch is vulnerable to integer underflow. The vulnerability exists in Organization Specific TLV which allows an attacker to cause an integer underflow...

Out-Of-Bound Reads

openvswitch is vulnerable to out-of-bounds reads. The vulnerability exists in Organization Specific TLV which allows an attacker to cause an application crash or code execution...

PT-2022-35421 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v5.10.153 Linux Kernel versions prior to v5.10.153 Description: The issue is related to a switch from WARN to pr warn in openvswitch. The actual impact and attack plausibility have not yet been proven...

openvswitch: limitation in the OVS packet parsing in userspace leads to DoS

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this...