CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2023-5366 – Openvswitch don't match packets on nd_target field
https://notcve.org/view.php?id=CVE-2023-5366
06 Oct 2023 — A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. Se encontró una falla en Open vSwitch que permite que los paquetes de anuncios de vecinos ICMPv6 entre máquinas virtuales omitan las reglas de OpenFlow. Este problema puede permitir que un atac... • http://www.openwall.com/lists/oss-security/2024/02/08/4 • CWE-345: Insufficient Verification of Data Authenticity •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2022-4338 – openvswitch: Integer Underflow in Organization Specific TLV
https://notcve.org/view.php?id=CVE-2022-4338
10 Jan 2023 — An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. Se encontró un desbordamiento de números enteros en el TLV específico de la organización en varias versiones de OpenvSwitch. A flaw was found in the OpenvSwitch package. If LLDP processing is enabled for a specific port, crafted LLDP packets could cause a data underflow. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cl... • https://github.com/openvswitch/ovs/pull/405 • CWE-125: Out-of-bounds Read CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 10.0EPSS: 0%CPEs: 7EXPL: 0CVE-2022-4337 – openvswitch: Out-of-Bounds Read in Organization Specific TLV
https://notcve.org/view.php?id=CVE-2022-4337
10 Jan 2023 — An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. Se encontró una lectura fuera de los límites en TLV específico de la organización en varias versiones de OpenvSwitch. A flaw was found in the OpenvSwitch package. If LLDP processing is enabled for a specific port, crafted LLDP packets could cause a denial of service. Red Hat OpenShift Container Platform is Red Hat's cloud computing Kubernetes application platform solution designed for on-premise or private cloud... • https://github.com/openvswitch/ovs/pull/405 • CWE-125: Out-of-bounds Read •
CVSS: 5.8EPSS: 0%CPEs: 2EXPL: 3CVE-2019-25076
https://notcve.org/view.php?id=CVE-2019-25076
08 Sep 2022 — The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack. El algoritmo TSS (Tuple Space Search) en Open vSwitch versiones 2.x hasta 2.17.2 y 3.0.0, permite a atacantes remotos causar una denegación de servicio (retrasos del tráfi... • https://arxiv.org/abs/2011.09107 •
CVSS: 7.8EPSS: 0%CPEs: 5EXPL: 1CVE-2021-3905 – Gentoo Linux Security Advisory 202311-16
https://notcve.org/view.php?id=CVE-2021-3905
20 Jan 2022 — A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. Se ha encontrado una pérdida de memoria en Open vSwitch (OVS) durante el procesamiento de la fragmentación IP en el espacio de usuario. Un atacante podría usar este fallo para agotar potencialmente la memoria disponible al seguir enviando fragmentos de paquetes. It was discovered that Open vSwitch incorrectly ... • https://access.redhat.com/security/cve/CVE-2021-3905 • CWE-401: Missing Release of Memory after Effective Lifetime •
CVSS: 7.8EPSS: 1%CPEs: 13EXPL: 1CVE-2020-35498 – openvswitch: limitation in the OVS packet parsing in userspace leads to DoS
https://notcve.org/view.php?id=CVE-2020-35498
11 Feb 2021 — A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. Se encontró una vulnerabilidad en openvswitch. Una limitación en la implementación del análisis de paquetes del espacio de usuario puede permitir a un usuario malicioso... • https://github.com/freddierice/cve-2020-35498-flag • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.5EPSS: 0%CPEs: 37EXPL: 0CVE-2020-27827 – lldp/openvswitch: denial of service via externally triggered memory leak
https://notcve.org/view.php?id=CVE-2020-27827
28 Jan 2021 — A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. Se encontró un fallo en múltiples versiones de OpenvSwitch. Los paquetes LLDP especialmente diseñados pueden causar que una memoria se pierda cuando se asignan datos para manejar TLV opcionales específicos, potencialmente causan... • https://bugzilla.redhat.com/show_bug.cgi?id=1921438 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 4.9EPSS: 0%CPEs: 6EXPL: 0CVE-2018-17206 – openvswitch: Buffer over-read in lib/ofp-actions.c:decode_bundle()
https://notcve.org/view.php?id=CVE-2018-17206
19 Sep 2018 — An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding. Se ha descubierto un problema en Open vSwitch, en versiones 2.7.x hasta la 2.7.6. La función decode_bundle dentro de lib/ofp-actions.c se ve afectada por un problema de sobrelectura de búfer durante la decodificación de la acción BUNDLE. An issue was discovered in Open vSwitch (OvS) 2.5.x through 2.5.5, 2.6.x through 2.6... • https://access.redhat.com/errata/RHSA-2018:3500 • CWE-125: Out-of-bounds Read •
CVSS: 4.3EPSS: 0%CPEs: 6EXPL: 0CVE-2018-17204 – openvswitch: Mishandle of group mods in lib/ofp-util.c:parse_group_prop_ntr_selection_method() allows for assertion failure
https://notcve.org/view.php?id=CVE-2018-17204
19 Sep 2018 — An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default. Se ha descubierto un problema en Open vSwi... • https://access.redhat.com/errata/RHSA-2018:3500 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 1CVE-2018-17205 – openvswitch: Error during bundle commit in ofproto/ofproto.c:ofproto_rule_insert__() allows for crash
https://notcve.org/view.php?id=CVE-2018-17205
19 Sep 2018 — An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a group id that does not exist), OvS tries to revert back all previous flows that were successfully applied from the same bundle. This is possible since OvS maintains list of old flows that were replaced by flows from the bundle. While rei... • https://access.redhat.com/errata/RHSA-2018:3500 • CWE-20: Improper Input Validation CWE-617: Reachable Assertion •