RHSA-2022:6386: Red Hat Security Advisory: openvswitch2.17 security update

An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Security Data

Issued: 2022-09-07

Updated: 2022-09-07

RHSA-2022:6386 - Security Advisory

Synopsis

Important: openvswitch2.17 security update

Type/Severity

Security Advisory: Important

Topic

An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Open vSwitch provides standard network bridging functions and support for
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

  • dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Fast Datapath 9 x86_64
  • Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 9 ppc64le
  • Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 9 s390x
  • Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 9 aarch64

Fixes

  • BZ - 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

Red Hat Enterprise Linux Fast Datapath 9

SRPM

openvswitch2.17-2.17.0-32.3.el9fdp.src.rpm

x86_64

openvswitch2.17-2.17.0-32.3.el9fdp.x86_64.rpm

openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.x86_64.rpm

openvswitch2.17-debugsource-2.17.0-32.3.el9fdp.x86_64.rpm

openvswitch2.17-devel-2.17.0-32.3.el9fdp.x86_64.rpm

openvswitch2.17-ipsec-2.17.0-32.3.el9fdp.x86_64.rpm

openvswitch2.17-test-2.17.0-32.3.el9fdp.noarch.rpm

python3-openvswitch2.17-2.17.0-32.3.el9fdp.x86_64.rpm

python3-openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.x86_64.rpm

Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 9

SRPM

openvswitch2.17-2.17.0-32.3.el9fdp.src.rpm

ppc64le

openvswitch2.17-2.17.0-32.3.el9fdp.ppc64le.rpm

openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.ppc64le.rpm

openvswitch2.17-debugsource-2.17.0-32.3.el9fdp.ppc64le.rpm

openvswitch2.17-devel-2.17.0-32.3.el9fdp.ppc64le.rpm

openvswitch2.17-ipsec-2.17.0-32.3.el9fdp.ppc64le.rpm

openvswitch2.17-test-2.17.0-32.3.el9fdp.noarch.rpm

python3-openvswitch2.17-2.17.0-32.3.el9fdp.ppc64le.rpm

python3-openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.ppc64le.rpm

Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 9

SRPM

openvswitch2.17-2.17.0-32.3.el9fdp.src.rpm

s390x

openvswitch2.17-2.17.0-32.3.el9fdp.s390x.rpm

openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.s390x.rpm

openvswitch2.17-debugsource-2.17.0-32.3.el9fdp.s390x.rpm

openvswitch2.17-devel-2.17.0-32.3.el9fdp.s390x.rpm

openvswitch2.17-ipsec-2.17.0-32.3.el9fdp.s390x.rpm

openvswitch2.17-test-2.17.0-32.3.el9fdp.noarch.rpm

python3-openvswitch2.17-2.17.0-32.3.el9fdp.s390x.rpm

python3-openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.s390x.rpm

Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 9

SRPM

openvswitch2.17-2.17.0-32.3.el9fdp.src.rpm

aarch64

openvswitch2.17-2.17.0-32.3.el9fdp.aarch64.rpm

openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.aarch64.rpm

openvswitch2.17-debugsource-2.17.0-32.3.el9fdp.aarch64.rpm

openvswitch2.17-devel-2.17.0-32.3.el9fdp.aarch64.rpm

openvswitch2.17-ipsec-2.17.0-32.3.el9fdp.aarch64.rpm

openvswitch2.17-test-2.17.0-32.3.el9fdp.noarch.rpm

python3-openvswitch2.17-2.17.0-32.3.el9fdp.aarch64.rpm

python3-openvswitch2.17-debuginfo-2.17.0-32.3.el9fdp.aarch64.rpm

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Red Hat Security Advisory 2023-0168-01

Red Hat Security Advisory 2023-0168-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0172-01

Red Hat Security Advisory 2023-0172-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

RHSA-2023:0171: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2023:0170: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2023:0166: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2022:8263: Red Hat Security Advisory: dpdk security and bug fix update

An update for dpdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2021-3839: DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash
  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
  • CVE-2022-28199: dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service

Red Hat Security Advisory 2022-7268-01

Red Hat Security Advisory 2022-7268-01 - An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Issues addressed include a denial of service vulnerability.

RHSA-2022:6850: Red Hat Security Advisory: openvswitch2.11 security update

An update for openvswitch2.11 is now available for Fast Datapath for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

Red Hat Security Advisory 2022-6551-01

Red Hat Security Advisory 2022-6551-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, information leakage, privilege escalation, and use-after...

RHSA-2022:6551: Red Hat Security Advisory: Red Hat Virtualization security update

An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak
  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
  • CVE-2022-...

Ubuntu Security Notice USN-5608-1

Ubuntu Security Notice 5608-1 - It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2022-6385-01

Red Hat Security Advisory 2022-6385-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6386-01

Red Hat Security Advisory 2022-6386-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

RHSA-2022:6384: Red Hat Security Advisory: openvswitch2.13 security update

An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2022:6385: Red Hat Security Advisory: openvswitch2.15 security update

An update for openvswitch2.15 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2022:6383: Red Hat Security Advisory: openvswitch2.17 security update

An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2022:6382: Red Hat Security Advisory: openvswitch2.16 security update

An update for openvswitch2.16 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

CVE-2022-2132

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.