7 matches found
CVE-2026-45840
CVE-2026-45840 : The vulnerability in the Linux kernel openvswitch path allows a CAP_NET_ADMIN user to overflow the vport netlink reply buffer by providing a large upcall PID array, triggering a -EMSGSIZE and a kernel BUG. The root cause is ovs_vport_set_upcall_portids() accepting any non-zero mu...
Linux Distros Unpatched Vulnerability : CVE-2026-45840
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - openvswitch: cap upcall PID array size and pre-size vport replies The vport netlink reply helpers allocate a fixed-size skb with nlmsgnewNLMSGDEFAULTSIZE, ... b...
PT-2026-43674
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description An issue exists in the openvswitch component where vport netlink reply helpers allocate a fixed-size socket buffer skb using nlmsg newNLMSG DEFAULT SIZE, ..., but serialize the full upca...
Astra Linux – Vulnerability in Linux 5.10
In the Linux kernel, the following vulnerabilities have been resolved: openvswitch: Fixed a memory leak that occurred during failed datapath creation. ovsdpcmdnew - ovsdpchange - ovsdpsetupcallportids allocates an array using kmalloc. If newvport fails during ovsdpcmdnew, dp-upcallportids must be...
EUVD-2022-55241
Malicious code in bioql PyPI...
DEBIAN-CVE-2022-49959
In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovsdpcmdnew-ovsdpchange-ovsdpsetupcallportids allocates array via kmalloc. If for some reason newvport fails during ovsdpcmdnew dp-upcallportids must be freed. Add missing...
UBUNTU-CVE-2022-49959
In the Linux kernel, the following vulnerability has been resolved: openvswitch: fix memory leak at failed datapath creation ovsdpcmdnew-ovsdpchange-ovsdpsetupcallportids allocates array via kmalloc. If for some reason newvport fails during ovsdpcmdnew dp-upcallportids must be freed. Add missing...