SUSE SLES12 Security Update : openvswitch (SUSE-SU-2026:0619-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2026:0619-1 advisory. - CVE-2024-2182: Fixed insufficient validation of incoming BFD packets may lead to denial of service bsc1255435 Tenable has extracted the preceding...

Important: kernel-livepatch-6.1.158-180.294

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields CVE-2025-40254 Affected Packages: kernel-livepatch-6.1.158-180.294 Issue Correction: Please ensure you have live patching enabled. Run dnf upda...

EUVD-2020-20326

Malware in sbrugna...

Unity Linux 20.1070e Security Update: kernel (UTSA-2025-414436)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-414436 advisory. An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new acti...

EUVD-2025-13015

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2025-37998

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested...

Linux Distros Unpatched Vulnerability : CVE-2025-37789

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - net: openvswitch: fix nested key length validation in the set action It's not safe to access nlalenovskey if the data is smaller than the netlink header. Check...

CVE-2025-37998 openvswitch: Fix unsafe attribute parsing in output_userspace()

In the Linux kernel, the following vulnerability has been resolved: openvswitch: Fix unsafe attribute parsing in outputuserspace This patch replaces the manual Netlink attribute iteration in outputuserspace with nlaforeachnested, which ensures that only well-formed attributes are processed...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2025:0561-1)

The remote SUSE Linux SLES12 host has packages installed that are affected by a vulnerability as referenced in the SUSE- SU-2025:0561-1 advisory. - CVE-2025-0650: ovn: egress ACLs may be bypassed via specially crafted UDP packet. bsc1236353 Tenable has extracted the preceding description block...

CVE-2025-21681

Open vSwitch issue CVE-2025-21681 in the Linux kernel caused a lockup in skb_tx_hash when a netdev is unregistering with carrier reported as ON. The root cause was a loop in skb_tx_hash that could spin when dev->real_num_tx_queues goes to zero, especially for devices that report carrier state ...

Important: kernel

Issue Overview: In the Linux kernel, the following vulnerability has been resolved: ipvlan: add ipvlanroutev6outbound helper CVE-2023-52796 In the Linux kernel, the following vulnerability has been resolved: SUNRPC: Fix RPC client cleaned up the freed pipefs dentries CVE-2023-52803 In the Linux...

CVE-2021-46955 openvswitch: fix stack OOB read while fragmenting IPv4 packets

In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets: BUG: KASAN: stack-out-of-bounds...

Integer Underflow

openvswitch is vulnerable to integer underflow. The vulnerability exists in Organization Specific TLV which allows an attacker to cause an integer underflow...

Out-Of-Bound Reads

openvswitch is vulnerable to out-of-bounds reads. The vulnerability exists in Organization Specific TLV which allows an attacker to cause an application crash or code execution...

PT-2022-35421 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v5.10.153 Linux Kernel versions prior to v5.10.153 Description: The issue is related to a switch from WARN to pr warn in openvswitch. The actual impact and attack plausibility have not yet been proven...

openvswitch: limitation in the OVS packet parsing in userspace leads to DoS

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this...