rpm package
suse/openvswitch&distro=SUSE Linux Enterprise Server 16.0
pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%2016.0
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34956 | Med | 5.9 | < 3.5.4-160000.4.1 | 3.5.4-160000.4.1 | May 5, 2026 | A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a cr | |
| CVE-2026-5367 | Hig | 8.6 | < 3.5.4-160000.4.1 | 3.5.4-160000.4.1 | Apr 24, 2026 | A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds | |
| CVE-2026-5265 | Med | 6.5 | < 3.5.4-160000.4.1 | 3.5.4-160000.4.1 | Apr 24, 2026 | When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length (ip_tot_len for IPv4, ip6_plen for IPv6) without validating it against the act |
- affected < 3.5.4-160000.4.1fixed 3.5.4-160000.4.1
A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a cr
- affected < 3.5.4-160000.4.1fixed 3.5.4-160000.4.1
A flaw was found in OVN (Open Virtual Network). A remote attacker, by sending crafted DHCPv6 (Dynamic Host Configuration Protocol for IPv6) SOLICIT packets with an inflated Client ID length, could cause the ovn-controller to read beyond the bounds of a packet. This out-of-bounds
- affected < 3.5.4-160000.4.1fixed 3.5.4-160000.4.1
When generating an ICMP Destination Unreachable or Packet Too Big response, the handler copies a portion of the original packet into the ICMP error body using the IP header's self-declared total length (ip_tot_len for IPv4, ip6_plen for IPv6) without validating it against the act