SUSE-SU-2022:4050-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2022-32166: Fixed out of bounds read in minimaskequal bsc1203865...

RHEL 9 : kernel (RHSA-2022:8267)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2022:8267 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: off-path attacker may inject data or...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

GSD-2022-1007622 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.9.332 by commit...

GSD-2022-1007548 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.14.298 by commit...

GSD-2022-1007457 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v4.19.264 by commit...

GSD-2022-1007341 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.4.223 by commit...

GSD-2022-1007166 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.10.153 by commit...

GSD-2022-1006941 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v5.15.77 by commit...

GSD-2022-1006623 openvswitch: switch from WARN to pr_warn

openvswitch: switch from WARN to prwarn This is an automated ID intended to aid in discovery of potential security vulnerabilities. The actual impact and attack plausibility have not yet been proven. This ID is fixed in Linux Kernel version v6.0.7 by commit 7bd495f6d2ccfae3951de2e88afdeb636a4737e...

EulerOS 2.0 SP9 : kernel (EulerOS-SA-2022-2767)

According to the versions of the kernel packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - Insufficient control flow management for the IntelR 82599 Ethernet Controllers and Adapters may allow an authenticated user to potentially enabl...

PT-2022-35421 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v5.10.153 Linux Kernel versions prior to v5.10.153 Description: The issue is related to a switch from WARN to pr warn in openvswitch. The actual impact and attack plausibility have not yet been proven...

PT-2022-34878 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v6.0.7 Linux Kernel versions prior to v6.0.7 Description: The issue is related to a switch from WARN to pr warn in openvswitch. The actual impact and attack plausibility have not yet been proven. Recommendations:...

PT-2022-35196 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v5.15.77 Linux Kernel versions v3.14 through v5.15.76 Description: The issue is related to a switch from WARN to pr warn in openvswitch. The actual impact and attack plausibility have not yet been proven...

AlmaLinux 8 : kernel (ALSA-2022:7683)

The remote AlmaLinux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2022:7683 advisory. - An issue was discovered in the Linux kernel through 5.16.11. The mixed IPID assignment method with the hash-based IPID assignment policy allows an...

PT-2022-35803 · Linux +1 · Linux Kernel +1

Name of the Vulnerable Software and Affected Versions: openvswitch versions prior to v4.14.298 Linux Kernel versions prior to v4.14.298 Description: The issue is related to a switch from WARN to pr warn in openvswitch. The actual impact and attack plausibility have not yet been proven...

kernel: openvswitch: integer underflow leads to out-of-bounds write in reserve_sfa_size()

An integer coercion error was found in the openvswitch kernel module. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the reservesfasize function does not return -EMSGSIZE as expected, potentially leading to an out-of-bounds write...

Debian dla-3168 : openvswitch-common - security update

The remote Debian 10 host has packages installed that are affected by a vulnerability as referenced in the dla-3168 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3168-1 [email protected] https://www.debian.org/lts/security/...

Debian: Security Advisory (DLA-3168-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

[SECURITY] [DLA 3168-1] openvswitch security update

------------------------------------------------------------------------- Debian LTS Advisory DLA-3168-1 [email protected] https://www.debian.org/lts/security/ Thorsten Alteholz October 29, 2022 https://wiki.debian.org/LTS -...