Search CVE reports
1 – 10 of 25 results
CVE-2023-3966
Medium priorityA flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via...
1 affected packages
openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openvswitch | Fixed | Fixed | Fixed | Not affected | Not affected |
CVE-2024-22563
Low priorityopenvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.
1 affected packages
openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openvswitch | Not affected | Not affected | Fixed | Not affected | Not affected |
CVE-2023-5366
Medium prioritySome fixes available 4 of 7
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or...
1 affected packages
openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openvswitch | Fixed | Fixed | Fixed | Vulnerable | Ignored |
CVE-2021-43612
Medium priorityIn lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.
2 affected packages
lldpd, openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
lldpd | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
openvswitch | Not affected | Not affected | Not affected | Not affected | Not affected |
CVE-2023-1668
Medium prioritySome fixes available 7 of 8
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in...
1 affected packages
openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openvswitch | Fixed | Fixed | Fixed | Fixed | Needs evaluation |
CVE-2022-4338
Medium prioritySome fixes available 4 of 5
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
1 affected packages
openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openvswitch | Not affected | Fixed | Fixed | Fixed | Needs evaluation |
CVE-2022-4337
Medium prioritySome fixes available 4 of 5
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
1 affected packages
openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openvswitch | Not affected | Fixed | Fixed | Fixed | Needs evaluation |
CVE-2022-32166
Medium priorityIn ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing...
1 affected packages
openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openvswitch | — | Not affected | Not affected | Fixed | Fixed |
CVE-2019-25076
Medium priorityThe TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation...
1 affected packages
openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openvswitch | Vulnerable | Vulnerable | Vulnerable | Vulnerable | Vulnerable |
CVE-2021-3905
Medium priorityA memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
1 affected packages
openvswitch
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
openvswitch | — | Not affected | Not affected | Not affected | Not affected |