Security
Headlines
HeadlinesLatestCVEs

Headline

RHSA-2022:6382: Red Hat Security Advisory: openvswitch2.16 security update

An update for openvswitch2.16 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.

Related CVEs:

  • CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Security Data
#vulnerability#web#linux#red_hat#nodejs#js#java#kubernetes#aws#ibm

Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager

All Products

Issued:

2022-09-07

Updated:

2022-09-07

RHSA-2022:6382 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Important: openvswitch2.16 security update

Type/Severity

Security Advisory: Important

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openvswitch2.16 is now available for Fast Datapath for Red Hat Enterprise Linux 8.

Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Open vSwitch provides standard network bridging functions and support for
the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

  • dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Affected Products

  • Red Hat Enterprise Linux Fast Datapath 8 x86_64
  • Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8 ppc64le
  • Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8 s390x
  • Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8 aarch64

Fixes

  • BZ - 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

Red Hat Enterprise Linux Fast Datapath 8

SRPM

openvswitch2.16-2.16.0-89.2.el8fdp.src.rpm

SHA-256: 98b8c2842d8961e15a8cdde3b7619c38cf93f865b55b0eb9f75d94d941ecb153

x86_64

network-scripts-openvswitch2.16-2.16.0-89.2.el8fdp.x86_64.rpm

SHA-256: b5ffe113b13f4c12b4689b8de94f3eb244008e94411a0b48a45594dfe2ef8924

openvswitch2.16-2.16.0-89.2.el8fdp.x86_64.rpm

SHA-256: 3e0603f465622734935aed426808272422b4d86163d504f3f30096cc650ca81a

openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.x86_64.rpm

SHA-256: e454ae564ee686ed0050f280c81962461b052b964b9bb03a0f3e47d0f9dc5720

openvswitch2.16-debugsource-2.16.0-89.2.el8fdp.x86_64.rpm

SHA-256: 60e67e012322fe72d3e06ceb8e1880b37d9ce7b58a2a8203b9e0e0046b0b95be

openvswitch2.16-devel-2.16.0-89.2.el8fdp.x86_64.rpm

SHA-256: ba2312bd6d5724ec396d0f0a188a35a38fdddb7d7740ec04dad8fa470ba72143

openvswitch2.16-ipsec-2.16.0-89.2.el8fdp.x86_64.rpm

SHA-256: 6c630292c0299f88f0005df5fbd43b3a340e4b7b048379f0556a25da08d1248e

openvswitch2.16-test-2.16.0-89.2.el8fdp.noarch.rpm

SHA-256: c00b451bb3c1ec0d949063e337a5f39a336bd047c2c85e91ac827a35655e0a23

python3-openvswitch2.16-2.16.0-89.2.el8fdp.x86_64.rpm

SHA-256: d84d6adbe416c5f3e7b2b1b55687cc1cf00461a2fc71e53da76d85cac3d2a7af

python3-openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.x86_64.rpm

SHA-256: a7aa26b3b331962c11e226f6300345fda2a458bed84c1b80d8ab5545b6ce584e

Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8

SRPM

openvswitch2.16-2.16.0-89.2.el8fdp.src.rpm

SHA-256: 98b8c2842d8961e15a8cdde3b7619c38cf93f865b55b0eb9f75d94d941ecb153

ppc64le

network-scripts-openvswitch2.16-2.16.0-89.2.el8fdp.ppc64le.rpm

SHA-256: 2b6880160ceaa95beded6fe313ce81b7d03557d14a0560d18006adc280378f81

openvswitch2.16-2.16.0-89.2.el8fdp.ppc64le.rpm

SHA-256: a816b08a613baab77c69a38e990fecf50aa28f4390f2f1424218298f0221f04c

openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.ppc64le.rpm

SHA-256: b94f7a3b046c1d28407eb4e0a8cd49e2c897a53b7b3237dbc14f88e527cb0f3e

openvswitch2.16-debugsource-2.16.0-89.2.el8fdp.ppc64le.rpm

SHA-256: dd19906d328e84cd60795ebfc5269d0d542ed0809017f459684fd3ab734e6da9

openvswitch2.16-devel-2.16.0-89.2.el8fdp.ppc64le.rpm

SHA-256: b4038405fa0b3d8e3923e8eb6c0b990f850d90b9e01ac7a667551cc62a2acf32

openvswitch2.16-ipsec-2.16.0-89.2.el8fdp.ppc64le.rpm

SHA-256: f463d77c2dc7ab2247bf13b74086f0b008991a2fa73c437e0065cbb96f70cfb7

openvswitch2.16-test-2.16.0-89.2.el8fdp.noarch.rpm

SHA-256: c00b451bb3c1ec0d949063e337a5f39a336bd047c2c85e91ac827a35655e0a23

python3-openvswitch2.16-2.16.0-89.2.el8fdp.ppc64le.rpm

SHA-256: d9af7355b3f87a652f3afb0dbcf45399aad6748049287c22519b3786e999c7ec

python3-openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.ppc64le.rpm

SHA-256: 282b0ec74b931e96f325cd403bb81e21f00b337cd62a12ffff6aa35d15909426

Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8

SRPM

openvswitch2.16-2.16.0-89.2.el8fdp.src.rpm

SHA-256: 98b8c2842d8961e15a8cdde3b7619c38cf93f865b55b0eb9f75d94d941ecb153

s390x

network-scripts-openvswitch2.16-2.16.0-89.2.el8fdp.s390x.rpm

SHA-256: 5815098c1b2633a6f1da3c157d55191fee60638a90d26b0fb58302b896783449

openvswitch2.16-2.16.0-89.2.el8fdp.s390x.rpm

SHA-256: bd4d3e62c71e03223ce74e4855fd757e389aaa9fc0961d079fa1a258c67e8868

openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.s390x.rpm

SHA-256: 541306f014b33c1433168848ca14bb3887ca858c0b9cd471f84271c7a26fe146

openvswitch2.16-debugsource-2.16.0-89.2.el8fdp.s390x.rpm

SHA-256: 6eb8e5f37c286a7be0986ec540a8e8a16475a14f0672262a3ea950c9b94ddb17

openvswitch2.16-devel-2.16.0-89.2.el8fdp.s390x.rpm

SHA-256: 6ae0e830cc5e864fa7ae6c02c11695b195b3d12b5b863f4c8b3cd4e7644ce855

openvswitch2.16-ipsec-2.16.0-89.2.el8fdp.s390x.rpm

SHA-256: c9900cde443fb7f31760822d447c3929f0128582fbd228cf4813cd6f9c373830

openvswitch2.16-test-2.16.0-89.2.el8fdp.noarch.rpm

SHA-256: c00b451bb3c1ec0d949063e337a5f39a336bd047c2c85e91ac827a35655e0a23

python3-openvswitch2.16-2.16.0-89.2.el8fdp.s390x.rpm

SHA-256: 5712480c974ad8944eacf73781ff20e348629a9b4fdebce16f8189fa918e8b19

python3-openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.s390x.rpm

SHA-256: f272d663ceebce365183bc49d46f196dd09e2e8989bab2001b9a52ba0bee018c

Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8

SRPM

openvswitch2.16-2.16.0-89.2.el8fdp.src.rpm

SHA-256: 98b8c2842d8961e15a8cdde3b7619c38cf93f865b55b0eb9f75d94d941ecb153

aarch64

network-scripts-openvswitch2.16-2.16.0-89.2.el8fdp.aarch64.rpm

SHA-256: fba257536cf268f5611f9625f709f82c1ae768b8269e535a77ca014330f2e9b0

openvswitch2.16-2.16.0-89.2.el8fdp.aarch64.rpm

SHA-256: 443d7c211cfe897ceea51f14900f1c757aed183fe14ed438262b236fb74cbea5

openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.aarch64.rpm

SHA-256: 893c76a484fe7e5b43a9af18c3edc5e5ea77da38b8e2907f05064616148a333e

openvswitch2.16-debugsource-2.16.0-89.2.el8fdp.aarch64.rpm

SHA-256: a3c915a8856c450c17568b6fdd6968f437e819ee2868755eed059401cfcbf647

openvswitch2.16-devel-2.16.0-89.2.el8fdp.aarch64.rpm

SHA-256: d4652fd263e2e2098686550e04fe2f005f1065e23c212026d00a45b6f0d170ea

openvswitch2.16-ipsec-2.16.0-89.2.el8fdp.aarch64.rpm

SHA-256: e2f5bd272aeb1487e60323b49a3a0b627ee2ff34577430f31fa6c142fb974277

openvswitch2.16-test-2.16.0-89.2.el8fdp.noarch.rpm

SHA-256: c00b451bb3c1ec0d949063e337a5f39a336bd047c2c85e91ac827a35655e0a23

python3-openvswitch2.16-2.16.0-89.2.el8fdp.aarch64.rpm

SHA-256: 5ad0bfbc0075939c037e96f088527ee12bbf823ae43abe0368813ee70afbe2f3

python3-openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.aarch64.rpm

SHA-256: 55d736f6a376121e1e26d589b8c2cbccda79ebbcd72a13ae846a556683266259

The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.

Related news

Red Hat Security Advisory 2023-0168-01

Red Hat Security Advisory 2023-0168-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2023-0172-01

Red Hat Security Advisory 2023-0172-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.

RHSA-2023:0171: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2023:0170: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 8.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2023:0166: Red Hat Security Advisory: dpdk security update

An update for dpdk is now available for Red Hat Enterprise Linux 8.2 Advanced Update Support, Red Hat Enterprise Linux 8.2 Telecommunications Update Service, and Red Hat Enterprise Linux 8.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2022:7268: Red Hat Security Advisory: Red Hat OpenStack Platform 13.0 (openvswitch2.11) security update

An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

Red Hat Security Advisory 2022-6850-01

Red Hat Security Advisory 2022-6850-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6551-01

Red Hat Security Advisory 2022-6551-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, information leakage, privilege escalation, and use-after...

RHSA-2022:6551: Red Hat Security Advisory: Red Hat Virtualization security update

An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs * CVE-2022-...

Ubuntu Security Notice USN-5608-1

Ubuntu Security Notice 5608-1 - It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service.

Red Hat Security Advisory 2022-6382-01

Red Hat Security Advisory 2022-6382-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6384-01

Red Hat Security Advisory 2022-6384-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6385-01

Red Hat Security Advisory 2022-6385-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6383-01

Red Hat Security Advisory 2022-6383-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

Red Hat Security Advisory 2022-6386-01

Red Hat Security Advisory 2022-6386-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.

RHSA-2022:6384: Red Hat Security Advisory: openvswitch2.13 security update

An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2022:6386: Red Hat Security Advisory: openvswitch2.17 security update

An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

RHSA-2022:6385: Red Hat Security Advisory: openvswitch2.15 security update

An update for openvswitch2.15 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs

CVE-2022-2132: Invalid Bug ID

A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.