CVE-2019-25076

CVE-2019-25076 affects Open vSwitch 2.x up to 2.17.2 and 3.0.0. The issue, known as Tuple Space Explosion (TSE), allows remote attackers to cause denial of service by sending crafted packets that require excessive evaluation time in the MegaFlow cache packet classification. The connected document...

CVE-2019-25076

The TSS Tuple Space Search algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service delays of legitimate traffic via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, ak...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2022:3098-1)

The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2022:3098-1 advisory. - Open vSwitch aka openvswitch 2.11.0 through 2.15.0 has a use-after-free in decodeNXASTRAWENCAP called from ofpactdecode and ofpactsdecode...

Open vSwitch 安全漏洞

Open vSwitch is an open source virtual switch. Open vSwitch suffers from a security vulnerability that stems from its TSS Tuple Space Search algorithm that allows a remote attacker to cause a denial of service delay of legitimate traffic via crafted packet data that requires excessive evaluation...

PT-2022-8294 · Unknown +2 · Openvswitch +2

Name of the Vulnerable Software and Affected Versions: Open vSwitch versions 2.x through 2.17.2 Open vSwitch version 3.0.0 Description: The issue allows remote attackers to cause a denial of service, resulting in delays of legitimate traffic. This is achieved via crafted packet data that requires...

RHEL 8 : openvswitch2.17 (RHSA-2022:6383)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2022:6383 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixe...

A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.

...

CVE-2021-3905

A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...

CVE-2021-3905

A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...

Memory corruption

A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...

CVE-2021-3905

A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...

CVE-2021-3905

A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...

CVE-2021-3905

Open vSwitch (OVS) is affected by CVE-2021-3905: a memory leak in userspace IP fragmentation processing could allow an attacker to exhaust memory by continuously sending packet fragments. The issue is in OVS, and exploitation would target memory consumption, with an impact on availability. Remedi...

openvswitch: External triggered memory leak in Open vSwitch while processing fragmented packets

A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments...

Moderate: Red Hat Bug Fix Advisory: openvswitch2.16 bug fix and enhancement update

An update for openvswitch2.16 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Bug Fixes and Enhancements: IPv6 related datapath flows are evict...

OESA-2022-1778 openvswitch security update

Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. Security Fixes: A memory leak was found in Open vSwitch OVS during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by...

kernel: net: openvswitch: fix leak of nested actions

A flaw was found in the Open vSwitch module in the Linux kernel. Improper handling of allocated memory can lead to a memory leak, potentially impacting system performance and resulting in a denial of service...

Moderate: Red Hat Security Advisory: openvswitch2.15 security update

An update for openvswitch2.15 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

GHSA-W8HX-F868-PVCH Openstack Neutron has Insufficient Verification of IPv6 addresses

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...

Openstack Neutron has Insufficient Verification of IPv6 addresses

A flaw was found in openstack-neutron's default Open vSwitch firewall rules. By sending carefully crafted packets, anyone in control of a server instance connected to the virtual switch can impersonate the IPv6 addresses of other systems on the network, resulting in denial of service or in some...