CVE-2023-3966

< 3.1.0

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of

7.5HIGH

CVE-2024-22563

all versions

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.

7.5HIGH

CVE-2023-5366

< 2023-02-28

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rul

7.1HIGH

CVE-2023-1668

>= 1.5.0 and < 2.13.11

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without th

8.2HIGH

CVE-2022-4338

< 2.13.10

An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.

9.8CRITICAL

CVE-2022-4337

< 2.13.10

An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.

9.8CRITICAL

CVE-2022-32166

>= 0.90.0 and <= 2.5.0

In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks”

6.1MEDIUM

CVE-2019-25076

>= 2.0.0 and <= 2.17.2

The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of s

5.8MEDIUM

CVE-2022-0669

all versions

A flaw was found in dpdk. This flaw allows a malicious vhost-user master to attach an unexpected number of fds as ancillary data t

6.5MEDIUM

CVE-2021-3905

< 2.17.0

A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to pot

7.5HIGH

CVE-2021-36980

>= 2.11.0 and <= 2.15.0

Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and

5.5MEDIUM

CVE-2020-27827

>= 2.6.0 and < 2.6.9

A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating d

7.5HIGH

CVE-2020-35498

>= 2.5.0 and < 2.5.12

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious use

7.5HIGH

CVE-2018-17206

>= 2.7.0 and <= 2.7.6

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected

4.9MEDIUM

CVE-2018-17205

>= 2.7.0 and <= 2.7.6

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bu

7.5HIGH

CVE-2018-17204

>= 2.7.0 and <= 2.7.6

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util

4.3MEDIUM

CVE-2017-14970

<= 2.8.0

In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod m

5.9MEDIUM

CVE-2017-9265

all versions

In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in

9.8CRITICAL

CVE-2017-9264

all versions

In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed

9.8CRITICAL

CVE-2017-9263

all versions

In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined

6.5MEDIUM

CVE-2016-10377

all versions

In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsign

8.8HIGH

CVE-2017-9214

all versions

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that i

9.8CRITICAL

CVE-2016-2074

all versions

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote at

9.8CRITICAL

CVE-2012-3449

all versions

Open vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvs