CVE-2019-25076
published 2022-09-08CVE-2019-25076: The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate…
medium5.8CVSS 3.1
AVNACLPRNUINSCCNINAL
The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack.
Affected
5 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openvswitch | — | — |
| msrc | cbl2_openvswitch_2.17.5-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_openvswitch_2.15.7-1_on_cbl_mariner_1.0 | — | — |
| openvswitch | openvswitch | — | — |
| openvswitch | openvswitch | 2.0.0 – 2.17.2 | — |
CVSS provenance
nvdv3.15.8MEDIUMCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
osv5.8MEDIUM