ALT-PU-2021-1479-1
Package openvswitch updated to version 2.14.2-alt1 for branch sisyphus in task 267793.
Closed vulnerabilities
Published: 2021-02-10
BDU:2021-01134
Уязвимость микропрограммного обеспечения коммутатора Open vSwitch, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
Published: 2021-02-11
Modified: 2024-11-21
Modified: 2024-11-21
CVE-2020-35498
A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1908845
- https://bugzilla.redhat.com/show_bug.cgi?id=1908845
- [debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update
- [debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update
- FEDORA-2021-fba11d37ee
- FEDORA-2021-fba11d37ee
- GLSA-202311-16
- GLSA-202311-16
- DSA-4852
- DSA-4852
- https://www.openwall.com/lists/oss-security/2021/02/10/4
- https://www.openwall.com/lists/oss-security/2021/02/10/4