CVE-2022-32166
MEDIUM6.1EPSS 0.65%openvswitch - security update
發布日:2022/9/28修改日:2026/4/28
描述
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
受影響套件(2)
- Debian/openvswitchfrom 0, < 2.13.0+dfsg1-1
- Debian/openvswitchfrom 0, < 2.10.7+ds1-0+deb10u2
CVSS 分數
| 來源 | 版本 | 嚴重程度 | 向量 |
|---|---|---|---|
| osv | CVSS 3.1 | MEDIUM6.1 | CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H |