The vulnerability of the `ovs_vport_cmd_fill_info()` function in the `net/openvswitch/datapath.c` module, which is part of the Open vSwitch router support in the Linux operating system, allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the ovsvportcmdfillinfo function in the net/openvswitch/datapath.c module, which is part of the Open vSwitch router support in the Linux operating system, relates to the reutilization of previously released memory. Exploiting this vulnerability could allow an attacker to...

SUSE CVE-2025-21926

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

SUSE CVE-2025-21958

In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch to per-action label counting in conntrack" Currently, ovsctsetlabels is only called for confirmed conntrack entries ct within ovsctcommit. However, if the conntrack entry does not have the labelsext...

DEBIAN-CVE-2025-21958

In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch to per-action label counting in conntrack" Currently, ovsctsetlabels is only called for confirmed conntrack entries ct within ovsctcommit. However, if the conntrack entry does not have the labelsext...

DEBIAN-CVE-2025-21926

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

CVE-2025-21926

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

UBUNTU-CVE-2025-21958

In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch to per-action label counting in conntrack" Currently, ovsctsetlabels is only called for confirmed conntrack entries ct within ovsctcommit. However, if the conntrack entry does not have the labelsext...

UBUNTU-CVE-2025-21926

In the Linux kernel, the following vulnerability has been resolved: net: gso: fix ownership in udpgsosegment In udpgsosegment the skb destructor is removed before segmenting the skb but the socket reference is kept as-is. This is an issue if the original skb is later orphaned as we can hit the...

CVE-2025-21958 Revert "openvswitch: switch to per-action label counting in conntrack"

In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch to per-action label counting in conntrack" Currently, ovsctsetlabels is only called for confirmed conntrack entries ct within ovsctcommit. However, if the conntrack entry does not have the labelsext...

CVE-2025-21958 Revert "openvswitch: switch to per-action label counting in conntrack"

In the Linux kernel, the following vulnerability has been resolved: Revert "openvswitch: switch to per-action label counting in conntrack" Currently, ovsctsetlabels is only called for confirmed conntrack entries ct within ovsctcommit. However, if the conntrack entry does not have the labelsext...

CVE-2025-21926

CVE-2025-21926 : In the Linux kernel, the net: gso: fix ownership in __udp_gso_segment vulnerability is resolved. The bug occurs when __udp_gso_segment removes the skb destructor while keeping the socket reference intact, risking a skb_orphan-triggered kernel BUG with OpenVSwitch sequences (OVS_A...

PT-2025-14339 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: Linux kernel affected versions not specified Description: The issue is related to the openvswitch in the Linux kernel. Specifically, it involves the ovs ct set labels function, which is called for confirmed conntrack entries within ovs ct...

SUSE CVE-2023-52977

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

CVE-2023-52977

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

DEBIAN-CVE-2023-52977

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

UBUNTU-CVE-2023-52977

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

CVE-2023-52977 net: openvswitch: fix flow memory leak in ovs_flow_cmd_new

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

CVE-2023-52977 net: openvswitch: fix flow memory leak in ovs_flow_cmd_new

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

CVE-2023-52977

CVE-2023-52977 is a kernel vulnerability in the Linux kernel’s net/openvswitch path where a memory leak occurs in ovs_flow_cmd_new when key allocation fails. The issue is triggered during netlink/genl handling as shown in the provided trace, and the remediation described in the patch is to reorde...

CVE-2023-52977 net: openvswitch: fix flow memory leak in ovs_flow_cmd_new

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...