Headline
RHSA-2022:6383: Red Hat Security Advisory: openvswitch2.17 security update
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Issued: 2022-09-07
Updated: 2022-09-07
RHSA-2022:6383 - Security Advisory
Synopsis
Important: openvswitch2.17 security update
Type/Severity
Security Advisory: Important
Topic
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Open vSwitch provides standard network bridging functions and support for
the OpenFlow protocol for remote per-flow control of traffic.
Security Fix(es):
- dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Fast Datapath 8 x86_64
- Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8 ppc64le
- Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8 s390x
- Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8 aarch64
Fixes
- BZ - 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Enterprise Linux Fast Datapath 8
SRPM
openvswitch2.17-2.17.0-37.3.el8fdp.src.rpm
x86_64
network-scripts-openvswitch2.17-2.17.0-37.3.el8fdp.x86_64.rpm
openvswitch2.17-2.17.0-37.3.el8fdp.x86_64.rpm
openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.x86_64.rpm
openvswitch2.17-debugsource-2.17.0-37.3.el8fdp.x86_64.rpm
openvswitch2.17-devel-2.17.0-37.3.el8fdp.x86_64.rpm
openvswitch2.17-ipsec-2.17.0-37.3.el8fdp.x86_64.rpm
openvswitch2.17-test-2.17.0-37.3.el8fdp.noarch.rpm
python3-openvswitch2.17-2.17.0-37.3.el8fdp.x86_64.rpm
python3-openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.x86_64.rpm
Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8
SRPM
openvswitch2.17-2.17.0-37.3.el8fdp.src.rpm
ppc64le
network-scripts-openvswitch2.17-2.17.0-37.3.el8fdp.ppc64le.rpm
openvswitch2.17-2.17.0-37.3.el8fdp.ppc64le.rpm
openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.ppc64le.rpm
openvswitch2.17-debugsource-2.17.0-37.3.el8fdp.ppc64le.rpm
openvswitch2.17-devel-2.17.0-37.3.el8fdp.ppc64le.rpm
openvswitch2.17-ipsec-2.17.0-37.3.el8fdp.ppc64le.rpm
openvswitch2.17-test-2.17.0-37.3.el8fdp.noarch.rpm
python3-openvswitch2.17-2.17.0-37.3.el8fdp.ppc64le.rpm
python3-openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.ppc64le.rpm
Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8
SRPM
openvswitch2.17-2.17.0-37.3.el8fdp.src.rpm
s390x
network-scripts-openvswitch2.17-2.17.0-37.3.el8fdp.s390x.rpm
openvswitch2.17-2.17.0-37.3.el8fdp.s390x.rpm
openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.s390x.rpm
openvswitch2.17-debugsource-2.17.0-37.3.el8fdp.s390x.rpm
openvswitch2.17-devel-2.17.0-37.3.el8fdp.s390x.rpm
openvswitch2.17-ipsec-2.17.0-37.3.el8fdp.s390x.rpm
openvswitch2.17-test-2.17.0-37.3.el8fdp.noarch.rpm
python3-openvswitch2.17-2.17.0-37.3.el8fdp.s390x.rpm
python3-openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.s390x.rpm
Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8
SRPM
openvswitch2.17-2.17.0-37.3.el8fdp.src.rpm
aarch64
network-scripts-openvswitch2.17-2.17.0-37.3.el8fdp.aarch64.rpm
openvswitch2.17-2.17.0-37.3.el8fdp.aarch64.rpm
openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.aarch64.rpm
openvswitch2.17-debugsource-2.17.0-37.3.el8fdp.aarch64.rpm
openvswitch2.17-devel-2.17.0-37.3.el8fdp.aarch64.rpm
openvswitch2.17-ipsec-2.17.0-37.3.el8fdp.aarch64.rpm
openvswitch2.17-test-2.17.0-37.3.el8fdp.noarch.rpm
python3-openvswitch2.17-2.17.0-37.3.el8fdp.aarch64.rpm
python3-openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.aarch64.rpm
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.
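A patch-level check over inventory data, added here as an example (not Red Hat tooling and not part of the advisory): it compares installed openvswitch2.17 builds with the fixed build from the package list above, 2.17.0-37.3.el8fdp, using a simplified form of rpm's segment-wise version comparison. The host names, the sample lines and the `host name version release` input layout are constructed; the comparison assumes the packages carry no epoch and no `~` or `^` in their version strings.

```python
import re

# Fixed build, taken from the package list in this advisory.
PACKAGE = "openvswitch2.17"
FIXED_VERSION, FIXED_RELEASE = "2.17.0", "37.3.el8fdp"

def _segments(s):
    # rpm compares runs of digits and runs of letters; anything else separates.
    return re.findall(r"\d+|[A-Za-z]+", s)

def rpm_vercmp(a, b):
    """Simplified rpm version comparison: returns -1, 0 or 1."""
    sa, sb = _segments(a), _segments(b)
    for x, y in zip(sa, sb):
        if x.isdigit() and y.isdigit():
            x, y = int(x), int(y)
        elif x.isdigit() != y.isdigit():
            # A numeric segment is always newer than an alphabetic one.
            return 1 if x.isdigit() else -1
        if x != y:
            return 1 if x > y else -1
    # Shared segments are equal: the string with segments left over is newer.
    return (len(sa) > len(sb)) - (len(sa) < len(sb))

def is_patched(version, release):
    """True when version-release is at or above the fixed build."""
    c = rpm_vercmp(version, FIXED_VERSION)
    return c > 0 or (c == 0 and rpm_vercmp(release, FIXED_RELEASE) >= 0)

def triage(inventory):
    """Map host -> patched? for lines of 'host name version release'."""
    result = {}
    for line in inventory.splitlines():
        fields = line.split()
        if len(fields) != 4 or fields[1] != PACKAGE:
            continue  # other packages and malformed lines are ignored
        host, _, version, release = fields
        result[host] = is_patched(version, release)
    return result

# Constructed sample, e.g. collected per host with
#   rpm -q --qf '%{NAME} %{VERSION} %{RELEASE}\n' openvswitch2.17
SAMPLE = """\
hv01 openvswitch2.17 2.17.0 37.3.el8fdp
hv02 openvswitch2.17 2.17.0 31.el8fdp
hv03 openvswitch2.17 2.17.0 40.el8fdp
hv04 openvswitch2.17 2.17.0 37.el8fdp
"""

if __name__ == "__main__":
    for host, ok in triage(SAMPLE).items():
        print(host, "patched" if ok else "needs RHSA-2022:6383")
```

Release `37.el8fdp` sorts below `37.3.el8fdp` because rpm treats the numeric segment `3` as newer than the alphabetic segment `el`, which a plain string comparison gets wrong.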
Related news
Red Hat Security Advisory 2023-0167-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0170-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0169-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
An update for dpdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2021-3839: DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs * CVE-2022-28199: dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service
Red Hat Security Advisory 2022-7268-01 - An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6850-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6551-01 - The redhat-virtualization-host packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. The ovirt-node-ng packages provide the Red Hat Virtualization Host. These packages include redhat-release-virtualization-host, ovirt-node, and rhev-hypervisor. Red Hat Virtualization Hosts are installed using a special build of Red Hat Enterprise Linux with only the packages required to host virtual machines. RHVH features a Cockpit user interface for monitoring the host's resources and performing administrative tasks. Issues addressed include denial of service, information leakage, privilege escalation, and use-after...
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs * CVE-2022-...
Ubuntu Security Notice 5608-1 - It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service.
Red Hat Security Advisory 2022-6382-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6384-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6385-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6383-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6386-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.