ALT-PU-2021-1479-1
Package openvswitch updated to version 2.14.2-alt1 for branch sisyphus in task 267793.
Closed vulnerabilities
Published: 2021-03-09
Modified: 2024-09-16
Modified: 2024-09-16
BDU:2021-01134
Уязвимость микропрограммного обеспечения коммутатора Open vSwitch, связанная с неконтролируемым расходом ресурсов, позволяющая нарушителю вызвать отказ в обслуживании
Severity: HIGH (7.5)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Severity: HIGH (7.8)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
References:
Published: 2021-02-11
Modified: 2025-04-23
Modified: 2025-04-23
CVE-2020-35498
A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
Severity: HIGH (7.8)
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Severity: HIGH (7.5)
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References:
- https://bugzilla.redhat.com/show_bug.cgi?id=1908845
- https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJ4DXFJWMZ325ECZXPZOSK7BOEDJZHPR/
- https://security.gentoo.org/glsa/202311-16
- https://www.debian.org/security/2021/dsa-4852
- https://www.openwall.com/lists/oss-security/2021/02/10/4
- https://bugzilla.redhat.com/show_bug.cgi?id=1908845
- https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJ4DXFJWMZ325ECZXPZOSK7BOEDJZHPR/
- https://security.gentoo.org/glsa/202311-16
- https://www.debian.org/security/2021/dsa-4852
- https://www.openwall.com/lists/oss-security/2021/02/10/4