The vulnerability of the decode_NXAST_RAW_ENCAP() function in the Open vSwitch software multi-level switch allows a hacker to execute arbitrary code.

The vulnerability of the decodeNXASTRAWENCAP function in the Open vSwitch software multi-level switch lies in the use of memory after it is freed. Exploiting this vulnerability allows a remote attacker to execute arbitrary code...

AZL-35088 CVE-2023-1668 affecting package openvswitch for versions less than 2.17.5-3

A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...

DEBIAN-CVE-2023-1668

A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...

UBUNTU-CVE-2023-1668

A flaw was found in openvswitch OVS. When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results for both kernel and userspace datapath in installing a datapath flow matching all IP protocols nwproto is wildcarded...

Open vSwitch 安全漏洞

Open vSwitch is an open source virtual switch. A security vulnerability exists in Open vSwitch that stems from the fact that when processing IP packets with protocol 0, a data path stream is installed without modifying the IP header operation...

PT-2023-9382

Name of the Vulnerable Software and Affected Versions openvswitch affected versions not specified Description A flaw was found in openvswitch OVS when processing an IP packet with protocol 0. This issue results in installing a datapath flow matching all IP protocols for this flow, but with an...

PT-2023-8636

Name of the Vulnerable Software and Affected Versions Open vSwitch affected versions not specified Description A flaw in Open vSwitch is related to insufficient handling of exceptional states due to incorrect checking of Geneve packet metadata. This issue may allow a remote attacker to cause a...

USN-5890-1: Open vSwitch vulnerabilities

Qian Chen discovered that Open vSwitch incorrectly handled certain Organization Specific TLVs. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-5890-1 openvswitch vulnerabilities

Qian Chen discovered that Open vSwitch incorrectly handled certain Organization Specific TLVs. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

SUSE CVE-2012-3449

Open vSwitch 1.4.2 uses world writable permissions for 1 /var/lib/openvswitch/pki/controllerca/incoming/ and 2 /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files...

SUSE CVE-2014-0187

The openvswitch-agent process in OpenStack Neutron 2013.1 before 2013.2.4 and 2014.1 before 2014.1.1 allows remote authenticated users to bypass security group restrictions via an invalid CIDR in a security group rule, which prevents further rules from being applied...

SUSE CVE-2016-2074

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command...

SUSE CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

SUSE CVE-2017-9265

In Open vSwitch OvS v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in lib/ofp-util.c in the function ofputilpullofp15groupmod...

SUSE CVE-2017-9263

In Open vSwitch OvS 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort function for undefined role status reasons in the function ofpprintrolestatusmessage in lib/ofp-print.c that may be leveraged toward a remote DoS attack by a malicious switch...

SUSE CVE-2017-14970

In lib/ofp-util.c in Open vSwitch OvS before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages. NOTE: the vendor disputes the relevance of this report, stating "it can only be triggered by an OpenFlow controller, but OpenFlow controllers have much more...

SUSE CVE-2018-14636

Live-migrated instances are briefly able to inspect traffic for other instances on the same hypervisor. This brief window could be extended indefinitely if the instance's port is set administratively down prior to live-migration and kept down after the migration is complete. This is possible due ...

SUSE CVE-2018-17204

An issue was discovered in Open vSwitch OvS 2.7.x through 2.7.6, affecting parsegrouppropntrselectionmethod in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and comma...

SUSE CVE-2018-17205

An issue was discovered in Open vSwitch OvS 2.7.x through 2.7.6, affecting ofprotoruleinsert in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added e.g., the flow action is a go-to for a group id that does not exist,...

SUSE CVE-2018-17206

An issue was discovered in Open vSwitch OvS 2.7.x through 2.7.6. The decodebundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding...