Описание
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
Отчет
Red Hat Enterprise Linux 7 provides the openvswitch package only through the unsupported Optional repository. Customers are advised to install Open vSwitch (OVS) from RHEL Fast Datapath instead.
Red Hat OpenStack Platform deployments are not affected because they use OVS/OVN directly from the Fast Datapath channel. Any updates will be distributed through that channel.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Fast Datapath for RHEL 7 | openvswitch | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.11 | Not affected | ||
| Fast Datapath for RHEL 7 | openvswitch2.12 | Out of support scope | ||
| Fast Datapath for RHEL 7 | openvswitch2.13 | Will not fix | ||
| Fast Datapath for RHEL 8 | openvswitch2.11 | Not affected | ||
| Fast Datapath for RHEL 8 | openvswitch2.12 | Out of support scope | ||
| Red Hat Enterprise Linux 7 | openvswitch | Out of support scope | ||
| Red Hat OpenShift Container Platform 4 | openvswitch2.13 | Will not fix | ||
| Red Hat OpenShift Container Platform 4 | openvswitch2.15 | Will not fix | ||
| Red Hat OpenShift Container Platform 4 | openvswitch2.16 | Will not fix |
Показывать по
Дополнительная информация
Статус:
EPSS
7.5 High
CVSS3
Связанные уязвимости
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
A memory leak was found in Open vSwitch (OVS) during userspace IP frag ...
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
EPSS
7.5 High
CVSS3