Your submission was sent successfully! Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 25 results


CVE-2023-3966

Medium priority
Fixed

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via...

1 affected packages

openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvswitch Fixed Fixed Fixed Not affected Not affected
Show less packages

CVE-2024-22563

Low priority
Fixed

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.

1 affected packages

openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvswitch Not affected Not affected Fixed Not affected Not affected
Show less packages

CVE-2023-5366

Medium priority

Some fixes available 4 of 7

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or...

1 affected packages

openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvswitch Fixed Fixed Fixed Vulnerable Ignored
Show less packages

CVE-2021-43612

Medium priority
Needs evaluation

In lldpd before 1.0.13, when decoding SONMP packets in the sonmp_decode function, it's possible to trigger an out-of-bounds heap read via short SONMP packets.

2 affected packages

lldpd, openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
lldpd Needs evaluation Needs evaluation Needs evaluation Needs evaluation Needs evaluation
openvswitch Not affected Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-1668

Medium priority

Some fixes available 7 of 8

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in...

1 affected packages

openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvswitch Fixed Fixed Fixed Fixed Needs evaluation
Show less packages

CVE-2022-4338

Medium priority

Some fixes available 4 of 5

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.

1 affected packages

openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvswitch Not affected Fixed Fixed Fixed Needs evaluation
Show less packages

CVE-2022-4337

Medium priority

Some fixes available 4 of 5

An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.

1 affected packages

openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvswitch Not affected Fixed Fixed Fixed Needs evaluation
Show less packages

CVE-2022-32166

Medium priority
Fixed

In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing...

1 affected packages

openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvswitch Not affected Not affected Fixed Fixed
Show less packages

CVE-2019-25076

Medium priority
Vulnerable

The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation...

1 affected packages

openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvswitch Vulnerable Vulnerable Vulnerable Vulnerable Vulnerable
Show less packages

CVE-2021-3905

Medium priority
Fixed

A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.

1 affected packages

openvswitch

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
openvswitch Not affected Not affected Not affected Not affected
Show less packages