CPE Details
Open vSwitch 2.10.6
2.10.6
2021-02-16
13h42 +00:00
13h42 +00:00
2021-02-16
13h42 +00:00
13h42 +00:00
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
CPE Name: cpe:2.3:a:openvswitch:openvswitch:2.10.6:*:*:*:*:*:*:*
Informations
Vendor
openvswitchProduct
openvswitchVersion
2.10.6Related CVE
| CVE ID | Published | Description | Score | Severity |
|---|---|---|---|---|
| A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. | 7.1 |
High |
||
| An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. | 9.8 |
Critical |
||
| An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. | 9.8 |
Critical |
||
| The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack. | 5.8 |
Medium |
||
| A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments. | 7.5 |
High |
||
| A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability. | 7.5 |
High |
2025©
tesweb SA
