SUSE: Security Advisory (SUSE-SU-2023:4571-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES15 / openSUSE 15 Security Update : openvswitch (SUSE-SU-2023:4571-1)

The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4571-1 advisory. - A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFl...

SUSE-SU-2023:4573-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2023-5366: Fixed missing masks on a final stage with ports trie bsc1216002...

SUSE-SU-2023:4571-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2023-5366: Fixed missing masks on a final stage with ports trie bsc1216002...

Ubuntu: Security Advisory (USN-6514-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Open vSwitch: Multiple Vulnerabilities

Background Open vSwitch is a production quality multilayer virtual switch. Description Multiple vulnerabilities have been discovered in Open vSwitch. Please review the CVE identifiers referenced below for details. Impact Please review the referenced CVE identifiers for details. Workaround There i...

SUSE SLES15 Security Update : openvswitch (SUSE-SU-2023:4508-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:4508-1 advisory. - A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This...

SUSE: Security Advisory (SUSE-SU-2023:4508-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CLSA-2023-1700591846 kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

CLSA-2023-1700591071 kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

CLSA-2023-1700590886 kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

CLSA-2023-1700590262 kernel: Fix of 10 CVEs

openvswitch: fix OOB access in reservesfasize CVE-2022-2639 - xen/blkfront: fix leaking data in shared pages CVE-2022-26365 - Bluetooth: Fix slab-out-of-bounds read in hciextendedinquiryresultevt CVE-2020-36386 - btrfs: only search for leftinfo if there is no rightinfo in trymergefreespace...

SUSE-SU-2023:4508-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2023-5366: Fixed missing masks on a final stage with ports trie bsc1216002...

kernel: net: openvswitch: fix flow memory leak in ovs_flow_cmd_new

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix flow memory leak in ovsflowcmdnew Syzkaller reports a memory leak of newflow in ovsflowcmdnew as it is not freed when an allocation of a key fails. BUG: memory leak unreferenced object 0xffff888116668000 siz...

kernel: net: openvswitch: fix race on port output

In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: fix race on port output assume the following setup on a single machine: 1. An openvswitch instance with one bridge and default flows 2. two network namespaces "server" and "client" 3. two ovs interfaces "server"...

Important Photon OS Security Update - PHSA-2023-4.0-0510

Updates of 'linux-aws', 'openvswitch', 'linux-secure', 'linux-rt' packages of Photon OS have been released...

Advisory ROSA-SA-2023-2262

Software: openvswitch 2.16.1 OS: ROSA-CHROME packageevrstring: openvswitch-2.16.1-3.src.rpm CVE-ID: CVE-2019-25076 BDU-ID: None CVE-Crit: MEDIUM CVE-DESC.: The TSS Tuple Space Search algorithm in Open vSwitch versions 2.x-2.17.2 and 3.0.0 allows remote attackers to cause denial of service delayin...

AZL-31280 CVE-2023-5366 affecting package openvswitch for versions less than 2.17.9-1

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to...

Important Photon OS Security Update - PHSA-2023-5.0-0093

Updates of 'redis', 'python3', 'openvswitch', 'syslog-ng', 'apache-tomcat' packages of Photon OS have been released...