SUSE-SU-2021:0439-1

Опубликовано: 11 фев. 2021

Источник: suse-cvrf

Описание

Security update for openvswitch

This update for openvswitch fixes the following issues:

CVE-2020-35498: Fixed a denial of service related to the handling of Ethernet padding (bsc#1181742).

Список пакетов

SUSE Enterprise Storage 6

libopenvswitch-2_11-0-2.11.5-3.15.3

openvswitch-2.11.5-3.15.3

openvswitch-devel-2.11.5-3.15.3

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

libopenvswitch-2_11-0-2.11.5-3.15.3

openvswitch-2.11.5-3.15.3

openvswitch-devel-2.11.5-3.15.3

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

libopenvswitch-2_11-0-2.11.5-3.15.3

openvswitch-2.11.5-3.15.3

openvswitch-devel-2.11.5-3.15.3

SUSE Linux Enterprise Module for Package Hub 15 SP2

python2-ovs-2.11.5-3.15.3

SUSE Linux Enterprise Server 15 SP1-BCL

libopenvswitch-2_11-0-2.11.5-3.15.3

openvswitch-2.11.5-3.15.3

openvswitch-devel-2.11.5-3.15.3

SUSE Linux Enterprise Server 15 SP1-LTSS

libopenvswitch-2_11-0-2.11.5-3.15.3

openvswitch-2.11.5-3.15.3

openvswitch-devel-2.11.5-3.15.3

SUSE Linux Enterprise Server for SAP Applications 15 SP1

libopenvswitch-2_11-0-2.11.5-3.15.3

openvswitch-2.11.5-3.15.3

openvswitch-devel-2.11.5-3.15.3

SUSE Manager Proxy 4.0

libopenvswitch-2_11-0-2.11.5-3.15.3

openvswitch-2.11.5-3.15.3

openvswitch-devel-2.11.5-3.15.3

SUSE Manager Retail Branch Server 4.0

libopenvswitch-2_11-0-2.11.5-3.15.3

openvswitch-2.11.5-3.15.3

openvswitch-devel-2.11.5-3.15.3

SUSE Manager Server 4.0

libopenvswitch-2_11-0-2.11.5-3.15.3

openvswitch-2.11.5-3.15.3

openvswitch-devel-2.11.5-3.15.3

Ссылки

https://www.suse.com/support/update/announcement/2021/suse-su-20210439-1/
Link for SUSE-SU-2021:0439-1
https://lists.suse.com/pipermail/sle-security-updates/2021-February/008313.html
E-Mail link for SUSE-SU-2021:0439-1
https://www.suse.com/support/security/rating/
SUSE Security Ratings
https://bugzilla.suse.com/1181742
SUSE Bug 1181742
https://www.suse.com/security/cve/CVE-2020-35498/
SUSE CVE CVE-2020-35498 page

Описание

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Затронутые продукты

SUSE Enterprise Storage 6:libopenvswitch-2_11-0-2.11.5-3.15.3

SUSE Enterprise Storage 6:openvswitch-2.11.5-3.15.3

SUSE Enterprise Storage 6:openvswitch-devel-2.11.5-3.15.3

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS:libopenvswitch-2_11-0-2.11.5-3.15.3

Ссылки

https://www.suse.com/security/cve/CVE-2020-35498.html
CVE-2020-35498
https://bugzilla.suse.com/1181742
SUSE Bug 1181742

SUSE-SU-2021:0439-1

Описание

Список пакетов

SUSE Enterprise Storage 6

SUSE Linux Enterprise High Performance Computing 15 SP1-ESPOS

SUSE Linux Enterprise High Performance Computing 15 SP1-LTSS

SUSE Linux Enterprise Module for Package Hub 15 SP2

SUSE Linux Enterprise Server 15 SP1-BCL

SUSE Linux Enterprise Server 15 SP1-LTSS

SUSE Linux Enterprise Server for SAP Applications 15 SP1

SUSE Manager Proxy 4.0

SUSE Manager Retail Branch Server 4.0

SUSE Manager Server 4.0

Ссылки

Уязвимость: CVE-2020-35498

Описание

Затронутые продукты

Ссылки