869365 – (CVE-2019-25076) net-misc/openvswitch: DoS via crafted packet

Bug 869365 (CVE-2019-25076) - net-misc/openvswitch: DoS via crafted packet

Summary: net-misc/openvswitch: DoS via crafted packet

Status:	CONFIRMED

Alias:	CVE-2019-25076

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	Normal minor (vote)
Assignee:	Gentoo Security

URL:
Whiteboard:	B3 [??]
Keywords:	PullRequest

Depends on:
Blocks:

Reported:	2022-09-09 15:47 UTC by John Helmert III
Modified:	2023-12-29 14:16 UTC (History)
CC List:	2 users (show)

See Also:	https://github.com/gentoo/gentoo/pull/34529
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description John Helmert III archtester

2022-09-09 15:47:17 UTC

CVE-2019-25076 (https://sites.google.com/view/tuple-space-explosion):
https://dl.acm.org/citation.cfm?doid=3359989.3365431
https://arxiv.org/abs/2011.09107
https://www.youtube.com/watch?v=DSC3m-Bww64
https://www.youtube.com/watch?v=5cHpzVK0D28

The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack.

Fixed version isn't apparent to me