Unrated severityNVD Advisory· Published Sep 28, 2022· Updated May 21, 2025
ovs - buffer over-read
CVE-2022-32166
Description
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
15- osv-coords13 versionspkg:rpm/opensuse/dpdk&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/openvswitch&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/dpdk&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCLpkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-ESPOSpkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP4-LTSSpkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP4pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/openvswitch&distro=SUSE%20OpenStack%20Cloud%209pkg:rpm/suse/openvswitch&distro=SUSE%20OpenStack%20Cloud%20Crowbar%209pkg:rpm/suse/openvswitch-dpdk&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2-BCL
< 18.11.9-150100.4.23.1+ 12 more
- (no CPE)range: < 18.11.9-150100.4.23.1
- (no CPE)range: < 2.11.5-150100.3.18.2
- (no CPE)range: < 18.11.9-150100.4.23.1
- (no CPE)range: < 2.11.5-150100.3.18.2
- (no CPE)range: < 2.5.11-25.34.1
- (no CPE)range: < 2.8.10-4.33.1
- (no CPE)range: < 2.8.10-4.33.1
- (no CPE)range: < 2.11.5-3.12.1
- (no CPE)range: < 2.8.10-4.33.1
- (no CPE)range: < 2.11.5-3.12.1
- (no CPE)range: < 2.8.10-4.33.1
- (no CPE)range: < 2.8.10-4.33.1
- (no CPE)range: < 2.5.11-25.34.1
Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.