Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2021-36980

Опубликовано: 23 фев. 2021
Источник: redhat
CVSS3: 7.5
EPSS Низкий

Описание

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.

Open vSwitch (aka openvswitch) has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.

Отчет

Red Hat OpenStack Platform's OpenDaylight will not be updated for this flaw because it was deprecated as of OpenStack Platform 14 and is only receiving security fixes for Critical flaws.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Fast Datapath for RHEL 7openvswitchWill not fix
Fast Datapath for RHEL 7openvswitch2.10Not affected
Fast Datapath for RHEL 7openvswitch2.12Out of support scope
Fast Datapath for RHEL 7openvswitch2.15Will not fix
Fast Datapath for RHEL 8openvswitch2.12Out of support scope
Red Hat Enterprise Linux 8lldpdNot affected
Red Hat Enterprise Linux 9lldpdNot affected
Red Hat OpenShift Container Platform 4openvswitch2.13Will not fix
Red Hat OpenStack Platform 10 (Newton)opendaylightOut of support scope
Red Hat OpenStack Platform 10 (Newton)openvswitchOut of support scope

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
Дефект:
CWE-416
https://bugzilla.redhat.com/show_bug.cgi?id=1984473openvswitch: use-after-free in decode_NXAST_RAW_ENCAP during the decoding of a RAW_ENCAP action

EPSS

Процентиль: 29%
0.00104
Низкий

7.5 High

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2021-36980

CVSS3: 5.5
ubuntu
больше 4 лет назад

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.

nvd логотип

CVE-2021-36980

CVSS3: 5.5
nvd
больше 4 лет назад

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.

msrc логотип

CVE-2021-36980

CVSS3: 5.5
msrc
больше 4 лет назад

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.

debian логотип

CVE-2021-36980

CVSS3: 5.5
debian
больше 4 лет назад

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-f ...

suse-cvrf логотип

SUSE-SU-2022:3116-1

suse-cvrf
больше 3 лет назад

Security update for openvswitch

EPSS

Процентиль: 29%
0.00104
Низкий

7.5 High

CVSS3