First published: Thu Dec 17 2020
A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
debian/openvswitch | <=2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12+deb10u2, <=2.10.0+2018.08.28+git.8ca7c82b7d+ds1-12, <=2.15.0~git20210104.def6eb1ea+dfsg1-4, <=2.10.6+ds1-0+deb10u1 | |
Openvswitch Openvswitch | >=2.5.0, <2.5.12 | |
Openvswitch Openvswitch | >=2.6.0, <2.6.10 | |
Openvswitch Openvswitch | >=2.7.0, <2.7.13 | |
Openvswitch Openvswitch | >=2.8.0, <2.8.11 | |
Openvswitch Openvswitch | >=2.9.0, <2.9.9 | |
Openvswitch Openvswitch | >=2.10.0, <2.10.7 | |
Openvswitch Openvswitch | >=2.11.0, <2.11.6 | |
Openvswitch Openvswitch | >=2.12.0, <2.12.3 | |
Openvswitch Openvswitch | >=2.13.0, <2.13.3 | |
Openvswitch Openvswitch | >=2.14.0, <2.14.2 | |
Debian Debian Linux | =9.0 | |
Debian Debian Linux | =10.0 | |
Fedoraproject Fedora | =33 | |
redhat/openvswitch2.11 | <0:2.11.3-86.el7fd | 0:2.11.3-86.el7fd |
redhat/openvswitch2.13 | <0:2.13.0-81.el7fd | 0:2.13.0-81.el7fd |
redhat/openvswitch | <0:2.9.9-1.el7fd | 0:2.9.9-1.el7fd |
redhat/openvswitch2.13 | <0:2.13.0-79.5.el8fd | 0:2.13.0-79.5.el8fd |
redhat/openvswitch2.11 | <0:2.11.3-83.el8fd | 0:2.11.3-83.el8fd |
redhat/ovn2.11 | <0:2.11.1-57.el7fd | 0:2.11.1-57.el7fd |
debian/openvswitch | 2.10.7+ds1-0+deb10u1, 2.10.7+ds1-0+deb10u4, 2.15.0+ds1-2+deb11u4, 3.1.0-2, 3.2.2~git20231029-2 |
The vulnerability ID for this openvswitch vulnerability is CVE-2020-35498.
The severity of CVE-2020-35498 is high (7.5).
The affected software for CVE-2020-35498 is openvswitch.
A malicious user can exploit CVE-2020-35498 by sending a specially crafted packet to openvswitch, causing a denial of service.
Yes, there is a remedy for CVE-2020-35498. The recommended remedy is to update openvswitch to version 2.5.12 or higher.