RHSA-2023:0687: Red Hat Security Advisory: openvswitch2.15 security, bug fix and enhancement update

An update for openvswitch2.15 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-4337: A flaw was found in the OpenvSwitch package. If LLDP processing is enabled for a specific port, crafted LLDP packets could cause a denial of service.
  • CVE-2022-4338: A flaw was found in the OpenvSwitch package. If LLDP processing is enabled for a specific port, crafted LLDP packets could cause a data underflow.

Issued: 2023-02-09

Updated: 2023-02-09

RHSA-2023:0687 - Security Advisory

Synopsis

Moderate: openvswitch2.15 security, bug fix and enhancement update

Type/Severity

Security Advisory: Moderate

Topic

An update for openvswitch2.15 is now available for Fast Datapath for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Open vSwitch provides standard network bridging functions and support for
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

  • openvswitch: Out-of-Bounds Read in Organization Specific TLV (CVE-2022-4337)
  • openvswitch: Integer Underflow in Organization Specific TLV (CVE-2022-4338)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Fast Datapath 8 x86_64
  • Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8 ppc64le
  • Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8 s390x
  • Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8 aarch64

Fixes

  • BZ - 2060552 - Userspace datapath drops the encapsulated packet with inner vlan if sent to the access port
  • BZ - 2155378 - CVE-2022-4337 openvswitch: Out-of-Bounds Read in Organization Specific TLV
  • BZ - 2155381 - CVE-2022-4338 openvswitch: Integer Underflow in Organization Specific TLV
  • BZ - 2162030 - [23.A RHEL-8] Fast Datapath Release

References

  • https://access.redhat.com/security/updates/classification/#moderate

Red Hat Enterprise Linux Fast Datapath 8

SRPM

openvswitch2.15-2.15.0-133.el8fdp.src.rpm

x86_64

network-scripts-openvswitch2.15-2.15.0-133.el8fdp.x86_64.rpm

openvswitch2.15-2.15.0-133.el8fdp.x86_64.rpm

openvswitch2.15-debuginfo-2.15.0-133.el8fdp.x86_64.rpm

openvswitch2.15-debugsource-2.15.0-133.el8fdp.x86_64.rpm

openvswitch2.15-devel-2.15.0-133.el8fdp.x86_64.rpm

openvswitch2.15-ipsec-2.15.0-133.el8fdp.x86_64.rpm

openvswitch2.15-test-2.15.0-133.el8fdp.noarch.rpm

python3-openvswitch2.15-2.15.0-133.el8fdp.x86_64.rpm

python3-openvswitch2.15-debuginfo-2.15.0-133.el8fdp.x86_64.rpm

Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8

SRPM

openvswitch2.15-2.15.0-133.el8fdp.src.rpm

ppc64le

network-scripts-openvswitch2.15-2.15.0-133.el8fdp.ppc64le.rpm

openvswitch2.15-2.15.0-133.el8fdp.ppc64le.rpm

openvswitch2.15-debuginfo-2.15.0-133.el8fdp.ppc64le.rpm

openvswitch2.15-debugsource-2.15.0-133.el8fdp.ppc64le.rpm

openvswitch2.15-devel-2.15.0-133.el8fdp.ppc64le.rpm

openvswitch2.15-ipsec-2.15.0-133.el8fdp.ppc64le.rpm

openvswitch2.15-test-2.15.0-133.el8fdp.noarch.rpm

python3-openvswitch2.15-2.15.0-133.el8fdp.ppc64le.rpm

python3-openvswitch2.15-debuginfo-2.15.0-133.el8fdp.ppc64le.rpm

Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8

SRPM

openvswitch2.15-2.15.0-133.el8fdp.src.rpm

s390x

network-scripts-openvswitch2.15-2.15.0-133.el8fdp.s390x.rpm

openvswitch2.15-2.15.0-133.el8fdp.s390x.rpm

openvswitch2.15-debuginfo-2.15.0-133.el8fdp.s390x.rpm

openvswitch2.15-debugsource-2.15.0-133.el8fdp.s390x.rpm

openvswitch2.15-devel-2.15.0-133.el8fdp.s390x.rpm

openvswitch2.15-ipsec-2.15.0-133.el8fdp.s390x.rpm

openvswitch2.15-test-2.15.0-133.el8fdp.noarch.rpm

python3-openvswitch2.15-2.15.0-133.el8fdp.s390x.rpm

python3-openvswitch2.15-debuginfo-2.15.0-133.el8fdp.s390x.rpm

Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8

SRPM

openvswitch2.15-2.15.0-133.el8fdp.src.rpm

aarch64

network-scripts-openvswitch2.15-2.15.0-133.el8fdp.aarch64.rpm

openvswitch2.15-2.15.0-133.el8fdp.aarch64.rpm

openvswitch2.15-debuginfo-2.15.0-133.el8fdp.aarch64.rpm

openvswitch2.15-debugsource-2.15.0-133.el8fdp.aarch64.rpm

openvswitch2.15-devel-2.15.0-133.el8fdp.aarch64.rpm

openvswitch2.15-ipsec-2.15.0-133.el8fdp.aarch64.rpm

openvswitch2.15-test-2.15.0-133.el8fdp.noarch.rpm

python3-openvswitch2.15-2.15.0-133.el8fdp.aarch64.rpm

python3-openvswitch2.15-debuginfo-2.15.0-133.el8fdp.aarch64.rpm

The Red Hat security contact is [email protected]. More contact details are available at https://access.redhat.com/security/team/contact/.
