798 matches found
Ubuntu 18.04 LTS : Open vSwitch vulnerability (USN-5698-1)
The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-5698-1 advisory. It was discovered that Open vSwitch incorrectly handled comparison of certain minimasks. A remote attacker could use this issue to cause Open vSwitch to crash,...
CVE-2019-25076
A flaw was found in the Tuple Space Search TSS algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0. This issue allows remote attackers to cause a denial of service via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache...
RHEL 7 : openvswitch2.11 (RHSA-2022:6850)
The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6850 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixe...
CVE-2022-32166
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...
UBUNTU-CVE-2022-32166
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...
CVE-2022-32166 ovs - buffer over-read
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution...
Open vSwitch 缓冲区错误漏洞
Open vSwitch is an open source virtual switch. A buffer error vulnerability exists in Open vSwitch versions v0.90.0 through v2.5.0, which stems from a heap buffer over-read in flow.c. An unsafe comparison of the minimasks function may result in access to unmapped memory regions, which can be...
The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache aka a Tuple Space Explosion (TSE) attack.
...
Moderate: Red Hat Security Advisory: openvswitch2.13 security update
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
Moderate: Red Hat Security Advisory: openvswitch2.17 security update
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
RHEL 8 : openvswitch2.15 (RHSA-2022:6505)
The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6505 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixe...
DEBIAN-CVE-2019-25076
The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...
AZL-10905 CVE-2019-25076 affecting package openvswitch for versions less than 2.17.5-1
The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...
CVE-2019-25076
The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...
CVE-2019-25076
The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...
Code injection
The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...
CVE-2019-25076
The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...
UBUNTU-CVE-2019-25076
The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...
CVE-2019-25076
The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...
CVE-2019-25076
The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...