RHSA-2022:6386: Red Hat Security Advisory: openvswitch2.17 security update
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Issued: 2022-09-07
Updated: 2022-09-07
RHSA-2022:6386 - Security Advisory
Synopsis
Important: openvswitch2.17 security update
Type/Severity
Security Advisory: Important
Topic
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Open vSwitch provides standard network bridging functions and support for
the OpenFlow protocol for remote per-flow control of traffic.
Security Fix(es):
- dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Fast Datapath 9 x86_64
- Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 9 ppc64le
- Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 9 s390x
- Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 9 aarch64
Fixes
- BZ - 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Enterprise Linux Fast Datapath 9
SRPM
openvswitch2.17-2.17.0-32.3.el9fdp.src.rpm
SHA-256: c97b4df586260fbc2f154df352af885f737d589b3afcb421957ed69d77ed770d
x86_64
openvswitch2.17-2.17.0-32.3.el9fdp.x86_64.rpm
SHA-256: c077ca48ee28432db048084e49c728c9804b60c8eb4b93e8af1c8c137f5899cf
openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.x86_64.rpm
SHA-256: bad8dbaf86d61974010af7e9a2ab5a7ab9b9171fb76b539f40db8f43484c2ac7
openvswitch2.17-debugsource-2.17.0-32.3.el9fdp.x86_64.rpm
SHA-256: c70e3015043544506ffe24025ca4269669f97d377e1f5a71cd52d5f2c79fb637
openvswitch2.17-devel-2.17.0-32.3.el9fdp.x86_64.rpm
SHA-256: 9de28897428834e28c6d053c617b80e829d862843d2a311e717f9651bb849ab4
openvswitch2.17-ipsec-2.17.0-32.3.el9fdp.x86_64.rpm
SHA-256: 59e28b4d6b34291729b95a2a162776f833de8497008686b4c38cb67170cab2f8
openvswitch2.17-test-2.17.0-32.3.el9fdp.noarch.rpm
SHA-256: 6e02cb5f1a3c815e557577119a0589b9aed4cf2c862626b5f1d87ad48f3c5d53
python3-openvswitch2.17-2.17.0-32.3.el9fdp.x86_64.rpm
SHA-256: 6afbd261057be8ac115abc3e844a66635a89fd6e0d632a1c253cdd2d86a433d4
python3-openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.x86_64.rpm
SHA-256: 13ecfdad046b88bb5f68a6b801d103a05bdc9f44e320c3baf32fb6c64c237b3c
Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 9
SRPM
openvswitch2.17-2.17.0-32.3.el9fdp.src.rpm
SHA-256: c97b4df586260fbc2f154df352af885f737d589b3afcb421957ed69d77ed770d
ppc64le
openvswitch2.17-2.17.0-32.3.el9fdp.ppc64le.rpm
SHA-256: 9576e1edc020a5f4c80e6a7b0b4830f70d57a38e3aeef895c24282db543d1271
openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.ppc64le.rpm
SHA-256: b4ec5b792ac5c71ee57deef5be9d148e24c4f7abff404fa3ae6c7fa9f407cf45
openvswitch2.17-debugsource-2.17.0-32.3.el9fdp.ppc64le.rpm
SHA-256: fdc63f55686d36fab30fa7771589dad76f710669086e3bf31accb8ba7799d886
openvswitch2.17-devel-2.17.0-32.3.el9fdp.ppc64le.rpm
SHA-256: c9b8b2cd7c86db285c5f53ebd1b8d49b43a441facc914e47686c1ca249e09cb3
openvswitch2.17-ipsec-2.17.0-32.3.el9fdp.ppc64le.rpm
SHA-256: 3eba2a017654b43c95e9f3a8d0d41144ddd0b2c2b6847a90a889767e67340a30
openvswitch2.17-test-2.17.0-32.3.el9fdp.noarch.rpm
SHA-256: 6e02cb5f1a3c815e557577119a0589b9aed4cf2c862626b5f1d87ad48f3c5d53
python3-openvswitch2.17-2.17.0-32.3.el9fdp.ppc64le.rpm
SHA-256: 464c5f8bbef7bda94ac33f8bd9520501025f9507ec3c1857525d89e57ffb850e
python3-openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.ppc64le.rpm
SHA-256: 3e291f34960cddd10dba7da6c185b211b8383e0f2e4bfddf2ec93e707592d99f
Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 9
SRPM
openvswitch2.17-2.17.0-32.3.el9fdp.src.rpm
SHA-256: c97b4df586260fbc2f154df352af885f737d589b3afcb421957ed69d77ed770d
s390x
openvswitch2.17-2.17.0-32.3.el9fdp.s390x.rpm
SHA-256: b219b9dfc9e10c39c5c0e7beb483d295d8e18d078986ebfcc66f7c8561ba8389
openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.s390x.rpm
SHA-256: 18c2bcf381ef3399b9daf272912a5dc8e13d33d66c66bbac50cd4394225b9d5b
openvswitch2.17-debugsource-2.17.0-32.3.el9fdp.s390x.rpm
SHA-256: 95327fe28448f5f7e271afbf41944a4e98d98981d85974f5c3d34fcf83ef13d6
openvswitch2.17-devel-2.17.0-32.3.el9fdp.s390x.rpm
SHA-256: eb7bf325caabf208f020f4ee2e3945dcde7ef53e9da629c3618f49d205d6183d
openvswitch2.17-ipsec-2.17.0-32.3.el9fdp.s390x.rpm
SHA-256: c5052aadeec7d1ad8d1f4003798c4157e6ed290609fbb9346995ecb35c2c67cb
openvswitch2.17-test-2.17.0-32.3.el9fdp.noarch.rpm
SHA-256: 6e02cb5f1a3c815e557577119a0589b9aed4cf2c862626b5f1d87ad48f3c5d53
python3-openvswitch2.17-2.17.0-32.3.el9fdp.s390x.rpm
SHA-256: 529acad61145e04ddeca3d879f1ab6a3e8d6a28f598b19c98c5290143eec95fe
python3-openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.s390x.rpm
SHA-256: f1294ff94c760874033cc72ba4cb27038b643894dab70dbbc2563a6292df801d
Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 9
SRPM
openvswitch2.17-2.17.0-32.3.el9fdp.src.rpm
SHA-256: c97b4df586260fbc2f154df352af885f737d589b3afcb421957ed69d77ed770d
aarch64
openvswitch2.17-2.17.0-32.3.el9fdp.aarch64.rpm
SHA-256: 1211ea1f735ad84f331bc3b5fcbca8ff34c118fb01a735b144dfee4fabd58451
openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.aarch64.rpm
SHA-256: 2866b8529f53c02030bf7921df6a82005c210c907f355fff6f6cdffa963a9f4c
openvswitch2.17-debugsource-2.17.0-32.3.el9fdp.aarch64.rpm
SHA-256: fd340a6a61a89ed789b6cdc612910851843d9e218848c39379ce7d86466d55ab
openvswitch2.17-devel-2.17.0-32.3.el9fdp.aarch64.rpm
SHA-256: c82c0b970affe7895dc7234de6a1fed30593b0d5c68187143d12ef4155060d00
openvswitch2.17-ipsec-2.17.0-32.3.el9fdp.aarch64.rpm
SHA-256: f1ef917d3e0d54bfda49441ec3a08f38025a0b671b05c057e753fb74f18f8e6a
openvswitch2.17-test-2.17.0-32.3.el9fdp.noarch.rpm
SHA-256: 6e02cb5f1a3c815e557577119a0589b9aed4cf2c862626b5f1d87ad48f3c5d53
python3-openvswitch2.17-2.17.0-32.3.el9fdp.aarch64.rpm
SHA-256: 576311f5bb48d817265ff17e15ecf3dac7b6cf18ad98a102d94fb39bae514e30
python3-openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.aarch64.rpm
SHA-256: 0b538ce994e9d7551691b6289e2a28869e8bb9304ebe6d5b01764bf1a05c839d
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
Related news
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.