Summary: | <net-misc/openvswitch-2.15.0: limitation in the OVS packet parsing in userspace leads to DoS (CVE-2020-35498) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | John Helmert III <ajak> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | prometheanfire, virtualization |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://mail.openvswitch.org/pipermail/ovs-announce/2021-February/000271.html | ||
Whiteboard: | B3 [glsa+ cve] | ||
Package list: | Runtime testing required: | --- |
Description
John Helmert III
2021-02-11 01:51:15 UTC
Ping The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=5e7539efe063efccea4bb469643ce76de1368e1c commit 5e7539efe063efccea4bb469643ce76de1368e1c Author: Matthew Thode <prometheanfire@gentoo.org> AuthorDate: 2021-06-05 20:41:26 +0000 Commit: Matthew Thode <prometheanfire@gentoo.org> CommitDate: 2021-06-05 20:41:41 +0000 net-misc/openvswitch: 2.15.0 bump Bug: https://bugs.gentoo.org/769995 Package-Manager: Portage-3.0.18, Repoman-3.0.2 Signed-off-by: Matthew Thode <prometheanfire@gentoo.org> net-misc/openvswitch/Manifest | 1 + net-misc/openvswitch/openvswitch-2.15.0.ebuild | 144 +++++++++++++++++++++++++ 2 files changed, 145 insertions(+) The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=d9541eceef95f8758d466afd02eae7fd33555717 commit d9541eceef95f8758d466afd02eae7fd33555717 Author: Matthew Thode <prometheanfire@gentoo.org> AuthorDate: 2021-06-05 20:46:45 +0000 Commit: Matthew Thode <prometheanfire@gentoo.org> CommitDate: 2021-06-05 20:46:52 +0000 net-misc/openvswitch: 2.15.0 fast stable for cve Bug: https://bugs.gentoo.org/769995 Package-Manager: Portage-3.0.18, Repoman-3.0.2 Signed-off-by: Matthew Thode <prometheanfire@gentoo.org> net-misc/openvswitch/openvswitch-2.15.0.ebuild | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) Please cleanup when ready, though might be good to wait a couple days in case of any regressions. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. Package list is empty or all packages have requested keywords. The bug has been referenced in the following commit(s): https://gitweb.gentoo.org/data/glsa.git/commit/?id=6109db58da8356109819f2e31a15acb75bbd5b61 commit 6109db58da8356109819f2e31a15acb75bbd5b61 Author: GLSAMaker <glsamaker@gentoo.org> AuthorDate: 2023-11-26 10:06:58 +0000 Commit: Hans de Graaff <graaff@gentoo.org> CommitDate: 2023-11-26 10:07:30 +0000 [ GLSA 202311-16 ] Open vSwitch: Multiple Vulnerabilities Bug: https://bugs.gentoo.org/765346 Bug: https://bugs.gentoo.org/769995 Bug: https://bugs.gentoo.org/803107 Bug: https://bugs.gentoo.org/887561 Signed-off-by: GLSAMaker <glsamaker@gentoo.org> Signed-off-by: Hans de Graaff <graaff@gentoo.org> glsa-202311-16.xml | 51 +++++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 51 insertions(+) |