rpm package
suse/openvswitch&distro=SUSE Linux Enterprise Server LTSS Extended Security 12 SP5
pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%20LTSS%20Extended%20Security%2012%20SP5
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34956 | Med | 5.9 | < 2.11.5-3.30.1 | 2.11.5-3.30.1 | May 5, 2026 | A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a cr | |
| CVE-2025-0650 | Hig | 8.1 | < 2.11.5-3.24.2 | 2.11.5-3.24.2 | Jan 23, 2025 | A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can l | |
| CVE-2024-2182 | Med | 6.5 | < 2.11.5-3.27.1 | 2.11.5-3.27.1 | Mar 12, 2024 | A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a d |
- affected < 2.11.5-3.30.1fixed 2.11.5-3.30.1
A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a cr
- affected < 2.11.5-3.24.2fixed 2.11.5-3.24.2
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can l
- affected < 2.11.5-3.27.1fixed 2.11.5-3.27.1
A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a d