3 matches found
CVE-2025-40254
Open vSwitch NSH Network Service Header field modification has been fundamentally broken since introduction. The setnsh... action reuses validation code designed for different memory layouts—masked sets double attribute sizes, but the validator doesn't account for this. Additionally, 'masked' and...
CVE-2025-40254
In the Linux kernel, the following vulnerability has been resolved: net: openvswitch: remove never-working support for setting nsh fields The validation of the setnsh... action is completely wrong. It runs through the nshkeyputfromnlattr function that is the same function that validates NSH keys...
PT-2025-49084
Name of the Vulnerable Software and Affected Versions Linux kernel versions prior to 6.17.0-rc4+ Description The Linux kernel contains a flaw in the Open vSwitch OVS component related to the handling of Network Service Header NSH fields within the setnsh... action. The validation process for this...