~/products/debian/openvswitch

pipeline liveDigest Docs

Debian Openvswitch vulnerabilities

25 known vulnerabilities affecting debian/openvswitch.

Total CVEs

25

CISA KEV

0

Public exploits

0

Exploited in wild

0

Severity breakdown

CRITICAL5HIGH8MEDIUM5LOW6UNKNOWN1

Vulnerabilities

Page 2 of 2

CVE-2017-9264LOWCVSS 9.8fixed in openvswitch 2.8.1+dfsg1-2 (bookworm)2017

CVE-2017-9264 [CRITICAL] CVE-2017-9264: openvswitch - In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, t... In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`, and `extract_l4_udp` that can be triggered remotely. Scope: local bookworm: resolved (fixed in 2.8.1+dfsg1-2) bullseye: resolved (fixed in 2.8.1+dfsg1

CVE-2016-2074CRITICALCVSS 9.8fixed in openvswitch 2.3.0+git20140819-4 (bookworm)2016

CVE-2016-2074 [CRITICAL] CVE-2016-2074: openvswitch - Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x be... Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. Scope: local bookworm: resolved (fixed in 2.3.0+git20140819-4) bullseye: resolved (fixed in 2.3.0+git20140819-4)

CVE-2016-10377HIGHCVSS 8.8fixed in openvswitch 2.6.1+git20161123-1 (bookworm)2016

CVE-2016-10377 [HIGH] CVE-2016-10377: openvswitch - In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read ... In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in `lib/flow.c` in the function `miniflow_extract`, permitting remote bypass of the access control list enforced by the switch. Scope: local bookworm: resolved (fixed in 2.6.1+git20161123-1) bullseye: resolved (fi

CVE-2015-8011CRITICALCVSS 9.8fixed in lldpd 0.7.19-1 (bookworm)2015

CVE-2015-8011 [CRITICAL] CVE-2015-8011: lldpd - Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd ... Buffer overflow in the lldp_decode function in daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote attackers to cause a denial of service (daemon crash) and possibly execute arbitrary code via vectors involving large management addresses and TLV boundaries. Scope: local bookworm: resolved (fixed in 0.7.19-1) bullseye: resolved (fixed in 0.7.19-1) forky: reso

CVE-2012-3449LOWCVSS 3.6fixed in openvswitch 1.4.2+git20120612-8 (bookworm)2012

CVE-2012-3449 [LOW] CVE-2012-3449: openvswitch - Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/... Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files. Scope: local bookworm: resolved (fixed in 1.4.2+git20120612-8) bullseye: resolved (fixed in 1.4.2+git20120612-8) forky: resolved (fixed in 1.

← Previous2 / 2