CVE-2022-4338
published 2023-01-10CVE-2022-4338: An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
Affected
15 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | debian_linux | — | — |
| debian | openvswitch | < openvswitch 3.1.0~git20221212.739bcf2-4 (bookworm) | openvswitch 3.1.0~git20221212.739bcf2-4 (bookworm) |
| msrc | cbl2_openvswitch_2.17.5-1_on_cbl_mariner_2.0 | — | — |
| msrc | cm1_openvswitch_2.15.7-1_on_cbl_mariner_1.0 | — | — |
| openvswitch | openvswitch | < 2.13.10 | 2.13.10 |
| openvswitch | openvswitch | — | — |
| openvswitch | openvswitch | >= 0 < 2.15.0+ds1-2+deb11u2 | 2.15.0+ds1-2+deb11u2 |
| openvswitch | openvswitch | >= 0 < 3.1.0~git20221212.739bcf2-4 | 3.1.0~git20221212.739bcf2-4 |
| openvswitch | openvswitch | >= 0 < 3.1.0~git20221212.739bcf2-4 | 3.1.0~git20221212.739bcf2-4 |
| openvswitch | openvswitch | >= 0 < 3.1.0~git20221212.739bcf2-4 | 3.1.0~git20221212.739bcf2-4 |
| openvswitch | openvswitch | >= 2.14.0 < 2.14.8 | 2.14.8 |
| openvswitch | openvswitch | >= 2.15.0 < 2.15.7 | 2.15.7 |
| openvswitch | openvswitch | >= 2.16.0 < 2.16.6 | 2.16.6 |
| openvswitch | openvswitch | >= 2.17.0 < 2.17.5 | 2.17.5 |
| openvswitch | openvswitch | >= 3.0.0 < 3.0.3 | 3.0.3 |
CVSS provenance
nvdv3.19.8CRITICALCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv9.8CRITICAL