ALT-PU-2021-4833-1

Package update openvswitch in branch sisyphus_e2k

Version2.16.1-alt2

Task#0

Published2021-12-31

Max severityHIGH

Severity:

Closed issues (2)

HIGH8.6

Уязвимость функции decode_NXAST_RAW_ENCAP() программного многоуровневого коммутатора Open vSwitch, позволяющая нарушителю выполнить произвольный код

Published: 2023-04-12

CVSS 3.xHIGH 8.6

CVSS:3.x/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H

CVSS 2.0CRITICAL 9.0

CVSS:2.0/AV:N/AC:L/Au:N/C:P/I:P/A:C

References

CVE-2021-36980

MEDIUM5.5

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.

Published: 2021-07-20Modified: 2025-05-05

CVSS 2.0MEDIUM 4.3

CVSS:2.0/AV:N/AC:M/Au:N/C:N/I:N/A:P

CVSS 3.xMEDIUM 5.5

CVSS:3.x/CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H

References