CVE-2020-35498

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this...

USN-4729-1 openvswitch vulnerability

Joakim Hindersson discovered that Open vSwitch incorrectly parsed certain network packets. A remote attacker could use this issue to cause a denial of service, or possibly alter packet classification...

USN-4729-1: Open vSwitch vulnerability

Joakim Hindersson discovered that Open vSwitch incorrectly parsed certain network packets. A remote attacker could use this issue to cause a denial of service, or possibly alter packet classification...

PT-2021-2225 · Unknown +4 · Openvswitch +4

Name of the Vulnerable Software and Affected Versions: openvswitch affected versions not specified Description: A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet, causing the resulting megaflow in the kernel to be too wide...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Open vSwitch vulnerability (USN-4729-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-4729-1 advisory. Joakim Hindersson discovered that Open vSwitch incorrectly parsed certain network packets. A remote attacker could use this issue to cause...

UBUNTU-CVE-2020-35498

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this...

CVE-2020-27827

A flaw was found in multiple versions of Open vSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability...

Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS : Open vSwitch vulnerabilities (USN-4691-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS / 20.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4691-1 advisory. Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this...

USN-4691-1: Open vSwitch vulnerabilities

Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

USN-4691-1 openvswitch vulnerabilities

Jonas Rudloff discovered that Open vSwitch incorrectly handled certain malformed LLDP packets. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code...

UBUNTU-CVE-2020-27827

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability...

PT-2020-6428 · Openstack +3 · Openstack Neutron +3

Name of the Vulnerable Software and Affected Versions: openstack-neutron versions prior to 15.3.3 openstack-neutron versions prior to 16.3.1 openstack-neutron versions prior to 17.1.1 Description: A flaw was found in openstack-neutron's default Open vSwitch firewall rules, related to insufficient...

Moderate: Red Hat Security Advisory: openvswitch2.11 security, bug fix and enhancement update

An update for openvswitch2.11 is now available for Fast Datapath for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

CVE-2018-17204

An issue was discovered in Open vSwitch OvS, 2.4.x through 2.4.1, 2.5.x through 2.5.5, 2.6.x through 2.6.3, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and2.9.x through 2.9.2, affecting the parsegrouppropntrselectionmethod in lib/ofp-util.c. On controllers with the OpenFlow 1.5 decoder enabled, a...

CVE-2018-17206

An issue was discovered in Open vSwitch OvS 2.5.x through 2.5.5, 2.6.x through 2.6.3, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and 2.9.x through 2.9.2 where the decodebundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. A specially craft...

Moderate: Red Hat Security Advisory: openvswitch2.11 security and bug fix update

An update for openvswitch2.11 is now available for Fast Datapath for RHEL 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

RHEL 8 : openvswitch2.11 (RHSA-2020:0171)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2020:0171 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fixe...

Moderate: Red Hat Security Advisory: openvswitch2.11 security and bug fix update

An update for openvswitch2.11 is now available for Fast Datapath for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability...

CVE-2018-17205

An issue was discovered in Open vSwitch OvS, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and 2.9.x through 2.9.2, where the ofprotoruleinsert function inside ofproto/ofproto.c is affected by an assertion failure under certain circumstances. A specially crafted flow update applied using the bundling...

CVE-2017-9263

While parsing an OpenFlow role status message Open vSwitch OvS, a call to the abort function for undefined role status reasons in the function 'ofpprintrolestatusmessage' in 'lib/ofp-print.c' could be misused for a remote denial of service attack by a malicious switch...