Headline
RHSA-2022:6385: Red Hat Security Advisory: openvswitch2.15 security update
An update for openvswitch2.15 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-09-07
Updated:
2022-09-07
RHSA-2022:6385 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: openvswitch2.15 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for openvswitch2.15 is now available for Fast Datapath for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Open vSwitch provides standard network bridging functions and support for
the OpenFlow protocol for remote per-flow control of traffic.
Security Fix(es):
- dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Fast Datapath 8 x86_64
- Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8 ppc64le
- Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8 s390x
- Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8 aarch64
Fixes
- BZ - 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Enterprise Linux Fast Datapath 8
SRPM
openvswitch2.15-2.15.0-113.2.el8fdp.src.rpm
SHA-256: e7fcd55a39f3c87ff9ca72186495e44309d4b0ad3a00b3fd250f0e2d13e98f82
x86_64
network-scripts-openvswitch2.15-2.15.0-113.2.el8fdp.x86_64.rpm
SHA-256: e8374c407e415c581fc0a24ab9170f653205ac4a4a655d74f30de948bbf8bcff
openvswitch2.15-2.15.0-113.2.el8fdp.x86_64.rpm
SHA-256: 9a3cb293dd231c3b10fdcdef1ac5195db9cb84c891294f2c21a0bf5340fc9c39
openvswitch2.15-debuginfo-2.15.0-113.2.el8fdp.x86_64.rpm
SHA-256: cf58ec69b5835d50d131491d1845586ae11a779081cf0c613acb0799debf7d9c
openvswitch2.15-debugsource-2.15.0-113.2.el8fdp.x86_64.rpm
SHA-256: 86c7af16cf4a6f981ad3154f7874a756c448ac3d5582deaba1361206538b5169
openvswitch2.15-devel-2.15.0-113.2.el8fdp.x86_64.rpm
SHA-256: 76ed9e846bde98256774b61811974954259f7739a9735b585f46865e8294e15e
openvswitch2.15-ipsec-2.15.0-113.2.el8fdp.x86_64.rpm
SHA-256: c679f52cb134f62778f9d976076b9442109c5a1d5dfe929e5072b28119b26aea
openvswitch2.15-test-2.15.0-113.2.el8fdp.noarch.rpm
SHA-256: 684be1eaa426e95af383a3becc0653e4a0ae252ec2a603584d77a6a48d54b84a
python3-openvswitch2.15-2.15.0-113.2.el8fdp.x86_64.rpm
SHA-256: 2e20e4e528ac177503c8ddcc64204178f0d82bcf3eba0183910941d5e5526ab9
python3-openvswitch2.15-debuginfo-2.15.0-113.2.el8fdp.x86_64.rpm
SHA-256: ef03e35ec942e1b9cbfd656929a0370295ba2aebc72e540848750e5fd1e9b4ac
Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8
SRPM
openvswitch2.15-2.15.0-113.2.el8fdp.src.rpm
SHA-256: e7fcd55a39f3c87ff9ca72186495e44309d4b0ad3a00b3fd250f0e2d13e98f82
ppc64le
network-scripts-openvswitch2.15-2.15.0-113.2.el8fdp.ppc64le.rpm
SHA-256: 43582c8dfe5445c472e541151cb621b0785a91feca10ffb1557281ffa565e87c
openvswitch2.15-2.15.0-113.2.el8fdp.ppc64le.rpm
SHA-256: c37282b653ae040ff9746f727ec28e576eb951f9b24af17d295cecd4db6e2e12
openvswitch2.15-debuginfo-2.15.0-113.2.el8fdp.ppc64le.rpm
SHA-256: 7ad76c28c4666f56e788e6a473fcd562fb435b6a5364a3a5088f92833cc30661
openvswitch2.15-debugsource-2.15.0-113.2.el8fdp.ppc64le.rpm
SHA-256: 567764b6ca1a3fe1e45df4dd0c957ad3ec07bdc2d40f2f8001a44c18ef38c955
openvswitch2.15-devel-2.15.0-113.2.el8fdp.ppc64le.rpm
SHA-256: 004ae686bce17b749f6555a1fa633b3a3512088ff2f90fd353ee107787888eff
openvswitch2.15-ipsec-2.15.0-113.2.el8fdp.ppc64le.rpm
SHA-256: 4a8f451d1f2565dee903e196b7f526a097e00d8d5c534f89d0826acae0a387ec
openvswitch2.15-test-2.15.0-113.2.el8fdp.noarch.rpm
SHA-256: 684be1eaa426e95af383a3becc0653e4a0ae252ec2a603584d77a6a48d54b84a
python3-openvswitch2.15-2.15.0-113.2.el8fdp.ppc64le.rpm
SHA-256: 24a8f437dc0ad2a86af5475d84f57822b3bd9b9b9f1557a1b7745a50ac804e7b
python3-openvswitch2.15-debuginfo-2.15.0-113.2.el8fdp.ppc64le.rpm
SHA-256: dcaf02f086bc1a296070d0dc69aa56ceb580cd0312910f3b1ad048a7b46b73eb
Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8
SRPM
openvswitch2.15-2.15.0-113.2.el8fdp.src.rpm
SHA-256: e7fcd55a39f3c87ff9ca72186495e44309d4b0ad3a00b3fd250f0e2d13e98f82
s390x
network-scripts-openvswitch2.15-2.15.0-113.2.el8fdp.s390x.rpm
SHA-256: 7b69d465f6ea28e9b75f14ed5197879b39a1fc43915fd38a781208324058583c
openvswitch2.15-2.15.0-113.2.el8fdp.s390x.rpm
SHA-256: b67005a2f81a7f946990b7cf0ee0ef86fcd0c4d30e5623020ce9befaa73ace16
openvswitch2.15-debuginfo-2.15.0-113.2.el8fdp.s390x.rpm
SHA-256: b39f0020699ed0975dd5ed9326c04ce7456a0f3e2123d5c475211a6ac8c62b41
openvswitch2.15-debugsource-2.15.0-113.2.el8fdp.s390x.rpm
SHA-256: 1ba59ba6b1b7992bbe73f3000fedd049941ff88778079d01591769a8a3a1eb73
openvswitch2.15-devel-2.15.0-113.2.el8fdp.s390x.rpm
SHA-256: 50502a27540e631dc6823399a48232735a667e590fb2d46844dd2bbc8671a438
openvswitch2.15-ipsec-2.15.0-113.2.el8fdp.s390x.rpm
SHA-256: e93f6163b9d9c627f859a00fd484141d57b13834abbc05d5ef0b2e0008598195
openvswitch2.15-test-2.15.0-113.2.el8fdp.noarch.rpm
SHA-256: 684be1eaa426e95af383a3becc0653e4a0ae252ec2a603584d77a6a48d54b84a
python3-openvswitch2.15-2.15.0-113.2.el8fdp.s390x.rpm
SHA-256: 03081adedba6f9556a5c68834dadd313559b696aa71c4b4d1dd7456b19c3080a
python3-openvswitch2.15-debuginfo-2.15.0-113.2.el8fdp.s390x.rpm
SHA-256: c4b0fe1b48922db9181b8966c821bef6669aa74543dd8cfffad435f5fd5a4b2a
Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8
SRPM
openvswitch2.15-2.15.0-113.2.el8fdp.src.rpm
SHA-256: e7fcd55a39f3c87ff9ca72186495e44309d4b0ad3a00b3fd250f0e2d13e98f82
aarch64
network-scripts-openvswitch2.15-2.15.0-113.2.el8fdp.aarch64.rpm
SHA-256: dac2224726322d18469b3557ca90dd17b2536244bfb05925f7df1d27a7e3639e
openvswitch2.15-2.15.0-113.2.el8fdp.aarch64.rpm
SHA-256: d7969636bc50601a6ca36931ae59ac2b8bfb7fcfd0073ac0c1b15e53de526aed
openvswitch2.15-debuginfo-2.15.0-113.2.el8fdp.aarch64.rpm
SHA-256: 29bf5fa34d06b2ffcbe285011873815e696186b98dfb6e7483b7a07aff1ddc6c
openvswitch2.15-debugsource-2.15.0-113.2.el8fdp.aarch64.rpm
SHA-256: a508b76bef654ad9bf3550f59f1deaea83a4ee195170bd3dc8c694acd080f854
openvswitch2.15-devel-2.15.0-113.2.el8fdp.aarch64.rpm
SHA-256: 035915f944582c53256635c6fadc92ba8abdea47ffc19a2ba3d5c2b9eac13cea
openvswitch2.15-ipsec-2.15.0-113.2.el8fdp.aarch64.rpm
SHA-256: b68a83fe0d8858ce104b99db3693f8340f28ee7b90846840afb89e5a28cf62ef
openvswitch2.15-test-2.15.0-113.2.el8fdp.noarch.rpm
SHA-256: 684be1eaa426e95af383a3becc0653e4a0ae252ec2a603584d77a6a48d54b84a
python3-openvswitch2.15-2.15.0-113.2.el8fdp.aarch64.rpm
SHA-256: 3df75789faf7dc25c29e8b5f782e8475013e63cea8db7f062f2096fa86a0f3c6
python3-openvswitch2.15-debuginfo-2.15.0-113.2.el8fdp.aarch64.rpm
SHA-256: 2ad6dfb9819aa26a4c8a2306a653aed75ec0e2fe1c31c3f3fd46f14f90e786ca
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2023-0168-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0169-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
An update for dpdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Security Advisory 2022-6850-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
An update for openvswitch2.11 is now available for Fast Datapath for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Security Advisory 2022-6551-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, information leakage, privilege escalation, and use-after...
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs * CVE-2022-...
Ubuntu Security Notice 5608-1 - It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service.
Red Hat Security Advisory 2022-6382-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6384-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6383-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6386-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for openvswitch2.16 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.