CVE-2021-3905
published 2022-08-23CVE-2021-3905: A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available…
high7.5CVSS 3.1
AVNACLPRNUINSUCNINAH
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| debian | openvswitch | — | — |
| fedoraproject | fedora | — | — |
| msrc | cm1_openvswitch_2.15.1-2_on_cbl_mariner_1.0 | — | — |
| openvswitch | openvswitch | < 2.17.0 | 2.17.0 |
| openvswitch | openvswitch | >= 0 < 2.9.8-0ubuntu0.18.04.2 | 2.9.8-0ubuntu0.18.04.2 |
| openvswitch | openvswitch | >= 0 < 2.13.3-0ubuntu0.20.04.2 | 2.13.3-0ubuntu0.20.04.2 |
| openvswitch | openvswitch | >= 0 < 2.17.0~git20220105.0d1ffb7-0ubuntu1 | 2.17.0~git20220105.0d1ffb7-0ubuntu1 |
| redhat | enterprise_linux_fast_datapath | — | — |
| redhat | enterprise_linux_fast_datapath | — | — |
CVSS provenance
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH