798 matches found
OESA-2024-1207 openvswitch security update
Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. Security Fixes: A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses...
CVE-2023-3966
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
CVE-2023-3966
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
DEBIAN-CVE-2023-3966
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
AZL-35089 CVE-2023-3966 affecting package openvswitch for versions less than 3.3.0-1
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
CVE-2023-3966
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
Design/Logic Flaw
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
CVE-2023-3966
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
CVE-2023-3966
Open vSwitch (Open vSwitch) is affected by CVE-2023-3966. The flaw affects multiple versions and arises when hardware offloading via the netlink path is enabled, allowing crafted Geneve packets to trigger denial of service and invalid memory accesses. Impact is confirmed across multiple advisorie...
CVE-2023-3966 Openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
CVE-2023-3966 Openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
CVE-2023-3966
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled...
Fedora 38 : kernel (2024-987089eca2)
The remote Fedora 38 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-987089eca2 advisory. The 6.7.5 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
Fedora 39 : kernel (2024-88847bc77a)
The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2024-88847bc77a advisory. The 6.7.5 stable kernel update contains a number of important fixes across the tree. Tenable has extracted the preceding description block directly...
Linux kernel Open vSwitch Denial of Service Vulnerability
Linux kernel is an open source operating system from the Linux Foundation in the United States. Linux kernel Open vSwitch suffers from a stack overflow vulnerability that can be exploited by a local attacker to submit a special request that can crash the system and cause a denial of service attac...
[SECURITY] [DLA 3734-1] openvswitch security update
Debian LTS Advisory DLA-3734-1 [email protected] https://www.debian.org/lts/security/ Tobias Frost February 17, 2024 https://wiki.debian.org/LTS Package : openvswitch Version : 2.10.7+ds1-0+deb10u5 CVE ID : CVE-2023-5366 Debian Bug : A flaw was found in Open vSwitch that allows ICMPv6...
The vulnerability of the packet-filtering filter in TC Flower software for multi-level switches like Open vSwitch (OvS) allows a hacker to cause a service failure.
The vulnerability of the packet-based flow control filter in TC Flower software multi-level switches like Open vSwitch OvS is related to deficiencies in handling exceptional states due to incorrect processing of packet metadata by Geneve. Exploiting this vulnerability can allow an attacker to cau...
CVE-2024-1151
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result,...
SUSE CVE-2024-1151
A vulnerability was reported in the Open vSwitch sub-component in the Linux Kernel. The flaw occurs when a recursive operation of code push recursively calls into the code block. The OVS module does not validate the stack depth, pushing too many frames and causing a stack overflow. As a result,...
Insufficient Verification Of Data Authenticity
Open vSwitch is vulnerable to Insufficient Verification of Data Authenticity. The vulnerability is due to improper handling of ICMPv6 packets, specifically allowing packets with modified or spoofed target IP addresses to redirect traffic to arbitrary destinations...