Openvswitch

Openvswitch

23 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
  • EPSS 0.33%
  • Veröffentlicht 04.06.2026 00:00:00
  • Zuletzt bearbeitet 06.06.2026 20:16:36

A missing upper-bound check in the udpif_set_threads() function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service (DoS) via resourc...

  • EPSS 1.03%
  • Veröffentlicht 22.02.2024 13:15:07
  • Zuletzt bearbeitet 16.05.2025 14:17:01

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is en...

  • EPSS 0.57%
  • Veröffentlicht 19.01.2024 15:15:09
  • Zuletzt bearbeitet 02.06.2025 15:15:31

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.

  • EPSS 0.39%
  • Veröffentlicht 06.10.2023 18:15:12
  • Zuletzt bearbeitet 21.11.2024 08:41:37

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP addre...

  • EPSS 1.32%
  • Veröffentlicht 10.01.2023 22:15:14
  • Zuletzt bearbeitet 21.11.2024 07:35:05

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.

  • EPSS 1.32%
  • Veröffentlicht 10.01.2023 22:15:13
  • Zuletzt bearbeitet 21.11.2024 07:35:04

An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.

Exploit
  • EPSS 1.84%
  • Veröffentlicht 08.09.2022 23:15:10
  • Zuletzt bearbeitet 21.11.2024 04:39:53

The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet ...

  • EPSS 0.28%
  • Veröffentlicht 29.08.2022 15:15:09
  • Zuletzt bearbeitet 21.11.2024 06:39:08

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data to VHOST_USER_GET_INFLIGHT_FD / VHOST_USER_SET_INFLIGHT_FD messages that are not closed by the vhost-user slave. By sendi...

Exploit
  • EPSS 1.58%
  • Veröffentlicht 23.08.2022 16:15:10
  • Zuletzt bearbeitet 21.11.2024 06:22:44

A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.

  • EPSS 1.18%
  • Veröffentlicht 20.07.2021 07:15:08
  • Zuletzt bearbeitet 05.05.2025 17:17:25

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.