rpm package
suse/openvswitch&distro=SUSE Linux Micro 6.0
pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Micro%206.0
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2026-34956 | Med | 5.9 | < 3.1.7-5.1 | 3.1.7-5.1 | May 5, 2026 | A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a cr | |
| CVE-2025-0650 | Hig | 8.1 | < 3.1.7-4.1 | 3.1.7-4.1 | Jan 23, 2025 | A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can l | |
| CVE-2024-2182 | Med | 6.5 | < 3.1.7-4.1 | 3.1.7-4.1 | Mar 12, 2024 | A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a d | |
| CVE-2023-3966 | — | < 3.1.7-4.1 | 3.1.7-4.1 | Feb 22, 2024 | A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled. | ||
| CVE-2023-5366 | — | < 3.1.7-4.1 | 3.1.7-4.1 | Oct 6, 2023 | A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICM |
- affected < 3.1.7-5.1fixed 3.1.7-5.1
A flaw was found in Open vSwitch. When Open vSwitch is configured with a conntrack flow using FTP helpers over the userspace datapath, a remote attacker can send a specially crafted FTP stream with an EPASV command exceeding 255 characters. This heap access error can lead to a cr
- affected < 3.1.7-4.1fixed 3.1.7-4.1
A flaw was found in the Open Virtual Network (OVN). Specially crafted UDP packets may bypass egress access control lists (ACLs) in OVN installations configured with a logical switch with DNS records set on it and if the same switch has any egress ACLs configured. This issue can l
- affected < 3.1.7-4.1fixed 3.1.7-4.1
A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a d
- CVE-2023-3966Feb 22, 2024affected < 3.1.7-4.1fixed 3.1.7-4.1
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.
- CVE-2023-5366Oct 6, 2023affected < 3.1.7-4.1fixed 3.1.7-4.1
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICM