CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS
Percentile
15.5%
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.
[
{
"product": "openvswitch",
"vendor": "n/a",
"versions": [
{
"version": "3.1.0",
"status": "unaffected"
}
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.10",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.11",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.12",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.13",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.11",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.12",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.13",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.15",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.16",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.17",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 8",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch3.1",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:8::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch2.17",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch3.0",
"defaultStatus": "unknown",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch3.1",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Fast Datapath for RHEL 9",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch3.2",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:9::fastdatapath"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat Enterprise Linux 7",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch",
"defaultStatus": "affected",
"cpes": [
"cpe:/o:redhat:enterprise_linux:7"
]
},
{
"vendor": "Red Hat",
"product": "Red Hat OpenShift Container Platform 3.11",
"collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
"packageName": "openvswitch-ovn-kubernetes",
"defaultStatus": "unaffected",
"cpes": [
"cpe:/a:redhat:openshift:3.11"
]
},
{
"product": "OpenStack RDO",
"vendor": "RDO",
"collectionURL": "https://repos.fedorapeople.org/repos/openstack/",
"packageName": "rdo-openvswitch",
"defaultStatus": "affected"
},
{
"product": "Fedora",
"vendor": "Fedora",
"collectionURL": "https://packages.fedoraproject.org/",
"packageName": "openvswitch",
"defaultStatus": "affected"
}
]