CVE-2020-35498:

Multiple versions of Open vSwitch are vulnerable to potential problems like denial of service attacks, in which crafted network packets could cause the packet lookup to ignore network header fields from layers 3 and 4. Both kernel and userspace datapaths are affected, including DPDK enabled Open vSwitch (OVS-DPDK) as an example of the latter.

The crafted network packet is an ordinary IPv4 or IPv6 packet with Ethernet padding length above 255 bytes. This causes the packet sanity check to abort parsing header fields after layer 2. When that situation happens, the classifier will use an unexpected set of header fields. This could cause the packet lookup to either match on unintended flows or return the default table miss action 'drop'.

As a consequence, the datapath can be instructed to match on an incorrect range of packets with an action to drop them, for example. Further legit traffic could hit the cached flow, preventing it from expiring and extending the situation.

Patch (in 2.14.2): https://github.com/openvswitch/ovs/commit/59b588604b89e85b463984ba08a99badb4fcba15

Please bump.
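Added example, not part of the original report and not Open vSwitch code: a detection helper that measures the bytes trailing the IP datagram in a captured Ethernet frame and flags IPv4/IPv6 frames whose padding exceeds the 255 bytes named in the description above. The function names, the VLAN handling and the sample frames are assumptions made for illustration.

```python
import struct

ETH_HLEN = 14
PAD_LIMIT = 255                  # threshold stated in the CVE description
VLAN_TPIDS = (0x8100, 0x88A8)    # 802.1Q and 802.1ad tag identifiers

def eth_padding_len(frame: bytes):
    """Bytes trailing the IP datagram in an Ethernet frame, or None if the
    frame is not IPv4/IPv6 or is too short to tell."""
    if len(frame) < ETH_HLEN:
        return None
    off = 12
    (ethertype,) = struct.unpack_from("!H", frame, off)
    off += 2
    while ethertype in VLAN_TPIDS:            # step over VLAN tags
        if len(frame) < off + 4:
            return None
        (ethertype,) = struct.unpack_from("!H", frame, off + 2)
        off += 4
    l3_len = len(frame) - off
    if ethertype == 0x0800 and l3_len >= 20:
        (ip_len,) = struct.unpack_from("!H", frame, off + 2)   # IPv4 total length
    elif ethertype == 0x86DD and l3_len >= 40:
        # IPv6: fixed 40-byte header plus the payload length field
        ip_len = 40 + struct.unpack_from("!H", frame, off + 4)[0]
    else:
        return None
    if ip_len > l3_len:                       # truncated capture, padding unknown
        return None
    return l3_len - ip_len

def is_oversized_padding(frame: bytes) -> bool:
    """True when an IPv4/IPv6 frame carries more than PAD_LIMIT padding bytes."""
    pad = eth_padding_len(frame)
    return pad is not None and pad > PAD_LIMIT

# Constructed sample data: documentation addresses, zeroed checksums.
MACS = bytes(6) + bytes([2, 0, 0, 0, 0, 1])
V4 = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                 bytes([192, 0, 2, 1]), bytes([192, 0, 2, 2])) + bytes(8)
V6 = struct.pack("!IHBB16s16s", 0x60000000, 0, 59, 64, bytes(16), bytes(16))

def sample(l3: bytes, ethertype: int, pad: int, vlan: bool = False) -> bytes:
    """Build a constructed frame: MACs, optional VLAN tag, L3 bytes, padding."""
    tag = struct.pack("!HH", 0x8100, 100) if vlan else b""
    return MACS + tag + struct.pack("!H", ethertype) + l3 + bytes(pad)

if __name__ == "__main__":
    for name, f in (("IPv4, 18 bytes", sample(V4, 0x0800, 18)),
                    ("IPv4, 256 bytes", sample(V4, 0x0800, 256)),
                    ("IPv6 in VLAN, 300 bytes", sample(V6, 0x86DD, 300, True))):
        print(name, eth_padding_len(f), is_oversized_padding(f))
```

Run over frames from a capture, this gives a quick way to see whether oversized padding is reaching hosts that still run an unpatched Open vSwitch.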
Ping
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e7539efe063efccea4bb469643ce76de1368e1c

commit 5e7539efe063efccea4bb469643ce76de1368e1c
Author:     Matthew Thode <prometheanfire@gentoo.org>
AuthorDate: 2021-06-05 20:41:26 +0000
Commit:     Matthew Thode <prometheanfire@gentoo.org>
CommitDate: 2021-06-05 20:41:41 +0000

    net-misc/openvswitch: 2.15.0 bump

    Bug: https://bugs.gentoo.org/769995
    Package-Manager: Portage-3.0.18, Repoman-3.0.2
    Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>

 net-misc/openvswitch/Manifest                  |   1 +
 net-misc/openvswitch/openvswitch-2.15.0.ebuild | 144 +++++++++++++++++++++++++
 2 files changed, 145 insertions(+)
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d9541eceef95f8758d466afd02eae7fd33555717

commit d9541eceef95f8758d466afd02eae7fd33555717
Author:     Matthew Thode <prometheanfire@gentoo.org>
AuthorDate: 2021-06-05 20:46:45 +0000
Commit:     Matthew Thode <prometheanfire@gentoo.org>
CommitDate: 2021-06-05 20:46:52 +0000

    net-misc/openvswitch: 2.15.0 fast stable for cve

    Bug: https://bugs.gentoo.org/769995
    Package-Manager: Portage-3.0.18, Repoman-3.0.2
    Signed-off-by: Matthew Thode <prometheanfire@gentoo.org>

 net-misc/openvswitch/openvswitch-2.15.0.ebuild | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)
Please cleanup when ready, though might be good to wait a couple days in case of any regressions.
Package list is empty or all packages have requested keywords.
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/data/glsa.git/commit/?id=6109db58da8356109819f2e31a15acb75bbd5b61

commit 6109db58da8356109819f2e31a15acb75bbd5b61
Author:     GLSAMaker <glsamaker@gentoo.org>
AuthorDate: 2023-11-26 10:06:58 +0000
Commit:     Hans de Graaff <graaff@gentoo.org>
CommitDate: 2023-11-26 10:07:30 +0000

    [ GLSA 202311-16 ] Open vSwitch: Multiple Vulnerabilities

    Bug: https://bugs.gentoo.org/765346
    Bug: https://bugs.gentoo.org/769995
    Bug: https://bugs.gentoo.org/803107
    Bug: https://bugs.gentoo.org/887561
    Signed-off-by: GLSAMaker <glsamaker@gentoo.org>
    Signed-off-by: Hans de Graaff <graaff@gentoo.org>

 glsa-202311-16.xml | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++
 1 file changed, 51 insertions(+)