1108 matches found
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerability has been resolved: The behavior of “openvswitch: switch to per-action label counting in conntrack” has been corrected. Currently, the ovs_ct_set_labels function is only called for confirmed conntrack entries within ovs_ct_commit. However, if the conntra...
Astra Linux - vulnerability in openvswitch
It has been discovered that openvswitch 2.17.8 contains a memory leak due to the xmalloc function in openvswitch-2.17.8/lib/util.c...
Astra Linux - vulnerability in linux-5.10, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fixed a possible memory leak in ovs_meter_cmd_set. old_meter needs to be freed after it is detached, regardless of whether the new meter is successfully attached...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fixed the dead loop in MPLS parsing. An unexpected MPLS packet may not end with the bottom label stack. When there are multiple stacks, the label count value wraps around. This leads to a dead loop, causing a sof...
Astra Linux - vulnerability in linux-5.10
In the Linux kernel, the following vulnerabilities have been resolved: openvswitch: fixed a memory leak when failing to create a datapath. ovs_dp_cmd_new -> ovs_dp_change -> ovs_dp_set_upcall_portids allocates an array using kmalloc. If new_vport fails during ovs_dp_cmd_new, dp->upcall_portids must be freed. Adde...
Astra Linux - vulnerability in linux-6.1, linux-5.15, linux-5.10
In the Linux kernel, the following vulnerability has been resolved: openvswitch: The issue of unsafe attribute parsing in output_userspace has been fixed. This patch replaces the manual Netlink attribute iteration in output_userspace with nla_for_each_nested, which ensures that only well-formed...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: Fixed the use-after-free issue in ovs_ct_exit. Since “kfree_rcu”, which is called during the hlist_for_each_entry_rcu traversal of ovs_ct_limit_exit, is not part of the RCU read critical section, it is possible that the...
Astra Linux - vulnerability in linux-5.10, linux-5.15
In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: Fixed a race condition related to port output. Assume the following setup on a single machine: 1. An openvswitch instance with one bridge and default flows. 2. Two network namespaces: “server” and “client”. 3...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix nested key length validation in the set action. It is not safe to access nla_len(ovs_key) if the data is smaller than the netlink header. Make sure the attribute is valid first...
Astra Linux - vulnerability in linux-5.10, linux
In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: Fixed a leak of nested actions. When parsing user-provided actions, the openvswitch module may dynamically allocate memory and store pointers in the internal copy of the actions. This memory must be freed whe...
Astra Linux - vulnerability in linux-5.10, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fixed a flow memory leak in ovs_flow_cmd_new. Syzkaller reported a memory leak in ovs_flow_cmd_new, as the memory allocated for the flow command does not get freed when an allocation fails. Bug: Memory leak. Unreferenc...
Astra Linux - vulnerability in linux, linux-5.10, linux-5.15, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting of the original conntrack tuple for ICMPv6. OVS_PACKET_CMD_EXECUTE has three main attributes: - OVS_PACKET_ATTR_KEY: Packet metadata in netlink format. - OVS_PACKET_ATTR_PACKET: Binary packet content. -...
Astra Linux - vulnerability in linux-5.10, linux-6.1, linux, linux-5.15
In the Linux kernel, the following vulnerability has been resolved: net: gso: The ownership in __udp_gso_segment was corrected. In __udp_gso_segment, the skb destructor is removed before the skb is segmented, but the reference to the socket remains intact. This issue arises if the original skb becomes...
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix middle attribute validation in push_nsh action. The push_nsh action structure looks like this: OVS_ACTION_ATTR_PUSH_NSH(OVS_KEY_ATTR_NSH(OVS_NSH_KEY_ATTR_BASE,...)) The outermost OVS_ACTION_ATTR_PUSH_NSH attribute is validated by...
Astra Linux - vulnerability in linux-5.10, linux-6.1
In the Linux kernel, the following vulnerabilities have been resolved: net: openvswitch: removed the never-working support for setting nsh fields. The validation of the set(nsh(...)) action is completely incorrect. It uses the nsh_key_put_from_nlattr function, which is the same function used to validate N...
SUSE-SU-2026:1871-1 Security update for openvswitch
This update for openvswitch fixes the following issue: - CVE-2026-34956: Invalid memory access in conntrack FTP alg (bsc#1261273)...
Medium: kernel
Issue Overview: In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output (CVE-2023-53188). In the Linux kernel, the following vulnerability has been resolved: ipvs: properly dereference pe in ip_vs_add_service (CVE-2024-42322). In the Linux kernel, the...
SUSE CVE-2026-39402
lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the find_line function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...
RHCOS 4 : OpenShift Container Platform 4.9.0 (RHSA-2021:3758)
The remote Red Hat Enterprise Linux CoreOS 4 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2021:3758 advisory. - coreos-installer: restrict access permissions on /boot/ignition{,/config.ign} (CVE-2021-3917) - jetty: requests to the ConcatServlet a...
CVE-2026-39402
lxc is a Linux container runtime. In the setuid helper lxc-user-nic, the delete path contains a logic flaw in the find_line function that allows an unprivileged user to delete OVS-attached network interfaces belonging to other users. When lxc-user-nic delete scans its NIC database to authorize a...