pkg:Debian/openvswitch
35 total CVEsCRITICAL12HIGH11MEDIUM11
✅ Check your installed version
All known vulnerabilities
- CRITICAL9.8CVE-2022-4338An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.from 0, < 2.15.0+ds1-2+deb11u2
- from 0, < 2.15.0+ds1-2+deb11u2
- from 0, < 2.15.0+ds1-2+deb11u2
- from 0, < 2.10.7+ds1-0+deb10u3
- from 0, < 2.15.0~git20210104.def6eb1ea+dfsg1-1
- from 0, < 2.6.10-0+deb9u1
- from 0, < 2.10.6+ds1-0+deb10u1
- CRITICAL9.8CVE-2017-9265In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp…from 0, < 2.8.1+dfsg1-2
- CRITICAL9.8CVE-2017-9264In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP…from 0, < 2.8.1+dfsg1-2
- CRITICAL9.8CVE-2017-9214In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused…from 0, < 2.8.1+dfsg1-2
- from 0, < 2.3.0+git20140819-4
- from 0, < 2.3.0+git20140819-3+deb8u1
- HIGH8.8CVE-2016-10377In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned intege…from 0, < 2.6.1+git20161123-1
- from 0, < 2.10.7+ds1-0+deb10u4
- from 0, < 2.15.0+ds1-2+deb11u4
- from 0, < 2.15.0+ds1-2+deb11u4
- from 0, < 2.15.0+ds1-2+deb11u5
- from 0, < 2.15.0+ds1-2+deb11u5
- HIGH7.5CVE-2024-22563openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.from 0, < 2.15.0+ds1-2+deb11u5
- from 0, < 2.15.0~git20210104.def6eb1ea+dfsg1-4
- from 0, < 2.15.0~git20210104.def6eb1ea+dfsg1-5
- from 0, < 2.10.7+ds1-0+deb10u1
- HIGH7.5CVE-2018-17205An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c.from 0, < 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1
- MEDIUM6.5CVE-2017-9263In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role stat…from 0, < 2.8.1+dfsg1-2
- from 0, < 2.10.7+ds1-0+deb10u2
- from 0, < 2.13.0+dfsg1-1
- from 0
- MEDIUM5.9CVE-2017-14970In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages.from 0, < 2.8.1+dfsg1-2
- MEDIUM5.8CVE-2019-25076The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (d…from 0
- from 0, < 2.10.7+ds1-0+deb10u5
- from 0, < 2.15.0+ds1-2+deb11u5
- MEDIUM5.5CVE-2021-36980Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_…from 0, < 2.15.0+ds1-2+deb11u1
- from 0, < 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1
- MEDIUM4.3CVE-2018-17204An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c.from 0, < 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1
- —CVE-2012-3449Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki…from 0, < 1.4.2+git20120612-8