Cloudbase Open Vswitch
By the Year
In 2024 there have been 0 vulnerabilities in Cloudbase Open Vswitch . Last year Open Vswitch had 1 security vulnerability published. Right now, Open Vswitch is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 8.20 |
| 2022 | 1 | 8.80 |
| 2021 | 0 | 0.00 |
| 2020 | 0 | 0.00 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Open Vswitch vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent Cloudbase Open Vswitch Security Vulnerabilities
A flaw was found in openvswitch (OVS)
CVE-2023-1668
8.2 - High
- April 10, 2023
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.
Always-Incorrect Control Flow Implementation
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c
CVE-2022-32166
8.8 - High
- September 28, 2022
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of minimasks function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
Out-of-bounds Read
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for Debian Linux or by Cloudbase? Click the Watch button to subscribe.
