SUSE-SU-2024:2123-1 Security update for the Linux Kernel (Live Patch 41 for SLE 15 SP2)

This update for the Linux Kernel 5.3.18-15020024166 fixes several issues. The following security issues were fixed: - CVE-2021-46955: Fixed an out-of-bounds read with openvswitch, when fragmenting IPv4 packets bsc1220537. - CVE-2024-26852: Fixed use-after-free in ip6routempathnotify bsc1223059...

DEBIAN-CVE-2024-38558

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVSPACKETCMDEXECUTE has 3 main attributes: - OVSPACKETATTRKEY - Packet metadata in a netlink format. - OVSPACKETATTRPACKET - Binary packet content. -...

UBUNTU-CVE-2024-38558

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVSPACKETCMDEXECUTE has 3 main attributes: - OVSPACKETATTRKEY - Packet metadata in a netlink format. - OVSPACKETATTRPACKET - Binary packet content. -...

CVE-2024-38558 net: openvswitch: fix overwriting ct original tuple for ICMPv6

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVSPACKETCMDEXECUTE has 3 main attributes: - OVSPACKETATTRKEY - Packet metadata in a netlink format. - OVSPACKETATTRPACKET - Binary packet content. -...

CVE-2024-38558

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVSPACKETCMDEXECUTE has 3 main attributes: - OVSPACKETATTRKEY - Packet metadata in a netlink format. - OVSPACKETATTRPACKET - Binary packet content. -...

CVE-2024-38558 net: openvswitch: fix overwriting ct original tuple for ICMPv6

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix overwriting ct original tuple for ICMPv6 OVSPACKETCMDEXECUTE has 3 main attributes: - OVSPACKETATTRKEY - Packet metadata in a netlink format. - OVSPACKETATTRPACKET - Binary packet content. -...

Linux kernel security vulnerabilities

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from a security issue in the net openvswitch...

OPENSUSE-SU-2024:10150-1 openvswitch-2.6.1-2.1 on GA media

These are all security issues fixed in the openvswitch-2.6.1-2.1 package on the GA media of openSUSE Tumbleweed...

OPENSUSE-SU-2024:13657-1 libopenvswitch-3_1-0-3.1.0-18.1 on GA media

These are all security issues fixed in the libopenvswitch-31-0-3.1.0-18.1 package on the GA media of openSUSE Tumbleweed...

CVE-2023-3966 affecting package openvswitch for versions less than 2.17.9-1

CVE-2023-3966 affecting package openvswitch for versions less than 2.17.9-1. A patched version of the package is available...

CVE-2023-5366 affecting package openvswitch for versions less than 2.17.9-1

CVE-2023-5366 affecting package openvswitch for versions less than 2.17.9-1. A patched version of the package is available...

K000139876: Linux kernel vulnerability CVE-2021-46955

Security Advisory Description In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix stack OOB read while fragmenting IPv4 packets running openvswitch on kernels built with KASAN, it's possible to see the following splat while testing fragmentation of IPv4 packets:...

RHEL 6 : openvswitch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openvswitch: Buffer over-read while parsing the group mod OpenFlow message CVE-2017-9265 - In Open vSwitc...

RHEL 7 : openvswitch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dpdk: librtevhost Integer truncation in vhostusercheckandallocqueuepair CVE-2020-10723 - openvswitch:...

RHEL 8 : openvswitch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - dpdk: librtevhost Integer truncation in vhostusercheckandallocqueuepair CVE-2020-10723 - openvswitch:...

kernel: net: openvswitch: reject negative ifindex

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: reject negative ifindex Recent changes in net-next commit 759ab1edb56c "net: store netdevs in an xarray" refactored the handling of pre-assigned ifindexes and let syzbot surface a latent problem in ovs. ovs does...

CVE-2023-52702

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovsmetercmdset oldmeter needs to be free after it is detached regardless of whether the new meter is successfully attached...

DEBIAN-CVE-2023-52702

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovsmetercmdset oldmeter needs to be free after it is detached regardless of whether the new meter is successfully attached...

CVE-2023-52702

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovsmetercmdset oldmeter needs to be free after it is detached regardless of whether the new meter is successfully attached...

UBUNTU-CVE-2023-52702

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix possible memory leak in ovsmetercmdset oldmeter needs to be free after it is detached regardless of whether the new meter is successfully attached...