Openvswitch: >> Openvswitch >> 2.17.3 Security Vulnerabilities
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.
CVSS Score
7.5
EPSS Score
0.0
Published
2024-02-22
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.
CVSS Score
7.1
EPSS Score
0.0
Published
2023-10-06
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
CVSS Score
9.8
EPSS Score
0.005
Published
2023-01-10
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
CVSS Score
9.8
EPSS Score
0.004
Published
2023-01-10