CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-5366 – Openvswitch don't match packets on nd_target field
https://notcve.org/view.php?id=CVE-2023-5366
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. Se encontró una falla en Open vSwitch que permite que los paquetes de anuncios de vecinos ICMPv6 entre máquinas virtuales omitan las reglas de OpenFlow. Este problema puede permitir que un atacante local cree paquetes especialmente manipulados con un campo de dirección IP de destino modificado o falsificado que puede redirigir el tráfico ICMPv6 a direcciones IP arbitrarias. • http://www.openwall.com/lists/oss-security/2024/02/08/4 https://access.redhat.com/security/cve/CVE-2023-5366 https://bugzilla.redhat.com/show_bug.cgi?id=2006347 https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-4337 – openvswitch: Out-of-Bounds Read in Organization Specific TLV
https://notcve.org/view.php?id=CVE-2022-4337
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. Se encontró una lectura fuera de los límites en TLV específico de la organización en varias versiones de OpenvSwitch. A flaw was found in the OpenvSwitch package. If LLDP processing is enabled for a specific port, crafted LLDP packets could cause a denial of service. • https://github.com/openvswitch/ovs/pull/405 https://mail.openvswitch.org/pipermail/ovs-dev/2022-December/400596.html https://security.gentoo.org/glsa/202311-16 https://www.debian.org/security/2023/dsa-5319 https://www.openwall.com/lists/oss-security/2022/12/21/4 https://access.redhat.com/security/cve/CVE-2022-4337 https://bugzilla.redhat.com/show_bug.cgi?id=2155378 • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 7EXPL: 0CVE-2022-4338 – openvswitch: Integer Underflow in Organization Specific TLV
https://notcve.org/view.php?id=CVE-2022-4338
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. Se encontró un desbordamiento de números enteros en el TLV específico de la organización en varias versiones de OpenvSwitch. A flaw was found in the OpenvSwitch package. If LLDP processing is enabled for a specific port, crafted LLDP packets could cause a data underflow. • https://github.com/openvswitch/ovs/pull/405 https://mail.openvswitch.org/pipermail/ovs-dev/2022-December/400596.html https://security.gentoo.org/glsa/202311-16 https://www.debian.org/security/2023/dsa-5319 https://www.openwall.com/lists/oss-security/2022/12/21/4 https://access.redhat.com/security/cve/CVE-2022-4338 https://bugzilla.redhat.com/show_bug.cgi?id=2155381 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 3CVE-2019-25076
https://notcve.org/view.php?id=CVE-2019-25076
The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack. El algoritmo TSS (Tuple Space Search) en Open vSwitch versiones 2.x hasta 2.17.2 y 3.0.0, permite a atacantes remotos causar una denegación de servicio (retrasos del tráfico legítimo) por medio de datos de paquetes diseñados que requieren un tiempo de evaluación excesivo dentro del algoritmo de clasificación de paquetes para la caché de MegaFlow, también se conoce como ataque Tuple Space Explosion (TSE) • https://arxiv.org/abs/2011.09107 https://dl.acm.org/citation.cfm?doid=3359989.3365431 https://sites.google.com/view/tuple-space-explosion https://www.youtube.com/watch?v=5cHpzVK0D28 https://www.youtube.com/watch?v=DSC3m-Bww64 •
CVSS: 6.5EPSS: 0%CPEs: 12EXPL: 0CVE-2022-0669 – dpdk: sending vhost-user-inflight type messages could lead to DoS
https://notcve.org/view.php?id=CVE-2022-0669
A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sending such messages continuously, the vhost-user master exhausts available fd in the vhost-user slave process, leading to a denial of service. Se ha encontrado un fallo en dpdk. Este fallo permite a un vhost-user master malicioso adjuntar un número inesperado de fds como datos auxiliares a los mensajes VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD que no son cerrados por el vhost-user slave. • https://access.redhat.com/security/cve/CVE-2022-0669 https://bugs.dpdk.org/show_bug.cgi?id=922 https://bugzilla.redhat.com/show_bug.cgi?id=2055793 https://github.com/DPDK/dpdk/commit/af74f7db384ed149fe42b21dbd7975f8a54ef227 https://security-tracker.debian.org/tracker/CVE-2022-0669 • CWE-400: Uncontrolled Resource Consumption CWE-770: Allocation of Resources Without Limits or Throttling •