Headline
RHSA-2022:6384: Red Hat Security Advisory: openvswitch2.13 security update
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Related CVEs:
- CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Skip to navigation Skip to main content
Utilities
- Subscriptions
- Downloads
- Containers
- Support Cases
Infrastructure and Management
- Red Hat Enterprise Linux
- Red Hat Virtualization
- Red Hat Identity Management
- Red Hat Directory Server
- Red Hat Certificate System
- Red Hat Satellite
- Red Hat Subscription Management
- Red Hat Update Infrastructure
- Red Hat Insights
- Red Hat Ansible Automation Platform
Cloud Computing
- Red Hat OpenShift
- Red Hat CloudForms
- Red Hat OpenStack Platform
- Red Hat OpenShift Container Platform
- Red Hat OpenShift Data Science
- Red Hat OpenShift Online
- Red Hat OpenShift Dedicated
- Red Hat Advanced Cluster Security for Kubernetes
- Red Hat Advanced Cluster Management for Kubernetes
- Red Hat Quay
- Red Hat CodeReady Workspaces
- Red Hat OpenShift Service on AWS
Storage
- Red Hat Gluster Storage
- Red Hat Hyperconverged Infrastructure
- Red Hat Ceph Storage
- Red Hat OpenShift Data Foundation
Runtimes
- Red Hat Runtimes
- Red Hat JBoss Enterprise Application Platform
- Red Hat Data Grid
- Red Hat JBoss Web Server
- Red Hat Single Sign On
- Red Hat support for Spring Boot
- Red Hat build of Node.js
- Red Hat build of Thorntail
- Red Hat build of Eclipse Vert.x
- Red Hat build of OpenJDK
- Red Hat build of Quarkus
Integration and Automation
- Red Hat Process Automation
- Red Hat Process Automation Manager
- Red Hat Decision Manager
All Products
Issued:
2022-09-07
Updated:
2022-09-07
RHSA-2022:6384 - Security Advisory
- Overview
- Updated Packages
Synopsis
Important: openvswitch2.13 security update
Type/Severity
Security Advisory: Important
Red Hat Insights patch analysis
Identify and remediate systems affected by this advisory.
View affected systems
Topic
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Description
Open vSwitch provides standard network bridging functions and support for
the OpenFlow protocol for remote per-flow control of traffic.
Security Fix(es):
- dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Affected Products
- Red Hat Enterprise Linux Fast Datapath 8 x86_64
- Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8 ppc64le
- Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8 s390x
- Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8 aarch64
Fixes
- BZ - 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Enterprise Linux Fast Datapath 8
SRPM
openvswitch2.13-2.13.0-193.2.el8fdp.src.rpm
SHA-256: 28775b5ea41b12d634077ee6e9d76192e58808ce28e391b3266fbaf3c7a47a0b
x86_64
network-scripts-openvswitch2.13-2.13.0-193.2.el8fdp.x86_64.rpm
SHA-256: 1f981d25c149c045428bd8619c5054aadf81002facafb97469fd122f2aefddc9
openvswitch2.13-2.13.0-193.2.el8fdp.x86_64.rpm
SHA-256: a7581259533ccaad202d81024b63d703a6ba4d575caaab8e7f7d9d0911ed64b4
openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.x86_64.rpm
SHA-256: b8d4b8a92287aded742d0ac146706a65692a5881187eaed65f65e6646cc58646
openvswitch2.13-debugsource-2.13.0-193.2.el8fdp.x86_64.rpm
SHA-256: 371c96a9a1c5ebd2c11d419ae744d10b6003e2132faa9d39e2f261cbedc99437
openvswitch2.13-devel-2.13.0-193.2.el8fdp.x86_64.rpm
SHA-256: 87b478a3534dfc28cdecc4f0cd8579cbdd3066b1c78b70513542e5f94cb15d19
openvswitch2.13-ipsec-2.13.0-193.2.el8fdp.x86_64.rpm
SHA-256: b925558abcc15a13e345520b8e4911449bb3fd83b38124f7f94fcadc51295431
openvswitch2.13-test-2.13.0-193.2.el8fdp.noarch.rpm
SHA-256: 6a3e3a7de0990cbc3b546e6e25c3541cc265b22c3dec83b4fdbc6a8c25b40198
python3-openvswitch2.13-2.13.0-193.2.el8fdp.x86_64.rpm
SHA-256: 90a1f422d45c47adc904c04fb9d71789f0ffc0357bdfbedc2cfce76b5e01cb72
python3-openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.x86_64.rpm
SHA-256: 83345c2b2610b61c11de65ea046fa1a477229b9f60891715783c774615120369
Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 8
SRPM
openvswitch2.13-2.13.0-193.2.el8fdp.src.rpm
SHA-256: 28775b5ea41b12d634077ee6e9d76192e58808ce28e391b3266fbaf3c7a47a0b
ppc64le
network-scripts-openvswitch2.13-2.13.0-193.2.el8fdp.ppc64le.rpm
SHA-256: 7a110437b9290174be7ac18992ae8bde095fadc7bbcda464f20cf62219dbabbe
openvswitch2.13-2.13.0-193.2.el8fdp.ppc64le.rpm
SHA-256: 20f5c7451e5daed35eda02ad2c99a9fceb17a758d9cd058b26cc98242636a885
openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.ppc64le.rpm
SHA-256: dbedaaa00d21e60ac6a0d7681f700f357a5fcdf7902a95791993122c5c102038
openvswitch2.13-debugsource-2.13.0-193.2.el8fdp.ppc64le.rpm
SHA-256: 671af2cf7ccd7c276571f8f229a7ceda54fa97222ac9571863109c8c697b75a5
openvswitch2.13-devel-2.13.0-193.2.el8fdp.ppc64le.rpm
SHA-256: 09f89563af675183bbc479ec860ba98a774d04625e953729deb3dd8b82fb49b5
openvswitch2.13-ipsec-2.13.0-193.2.el8fdp.ppc64le.rpm
SHA-256: 9bb0d005bc87aa1a606e427b8d351301b01bdfe56a56c5a1459eecb469ec69c6
openvswitch2.13-test-2.13.0-193.2.el8fdp.noarch.rpm
SHA-256: 6a3e3a7de0990cbc3b546e6e25c3541cc265b22c3dec83b4fdbc6a8c25b40198
python3-openvswitch2.13-2.13.0-193.2.el8fdp.ppc64le.rpm
SHA-256: 6cfe71f93dfc630cc5e669b565a059e1a41897a3741ea9feabc89065422c310a
python3-openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.ppc64le.rpm
SHA-256: 370bfe168418ab0f45892b165de727a7054f8cb0bb56f1ce225f247c6b9187ba
Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 8
SRPM
openvswitch2.13-2.13.0-193.2.el8fdp.src.rpm
SHA-256: 28775b5ea41b12d634077ee6e9d76192e58808ce28e391b3266fbaf3c7a47a0b
s390x
network-scripts-openvswitch2.13-2.13.0-193.2.el8fdp.s390x.rpm
SHA-256: d1585e9bd850f6e047f57ec6225804651c5179e3715f8e1066e1b347b8b4f5e6
openvswitch2.13-2.13.0-193.2.el8fdp.s390x.rpm
SHA-256: 318c9ac72b30277dc04847f184564cf9f710b70f3b2b6fb06e858cadb5c4f70e
openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.s390x.rpm
SHA-256: a7c932c4e0ae1d98eeb988174762c292114573ae4542f52bf16ce5e2bf8ecb88
openvswitch2.13-debugsource-2.13.0-193.2.el8fdp.s390x.rpm
SHA-256: 22c67774c821b87fe5f58a6710fc198cea5766a92c16ac201b7a8d7d50c0e353
openvswitch2.13-devel-2.13.0-193.2.el8fdp.s390x.rpm
SHA-256: c7aa85b14d97011ca201d1383565cb1a909a4db92f72929e7c2670e869798f47
openvswitch2.13-ipsec-2.13.0-193.2.el8fdp.s390x.rpm
SHA-256: bba0a8e11cbcc15a386c867a30e05ecc4cf3f066902a78c40551b13e942bb67c
openvswitch2.13-test-2.13.0-193.2.el8fdp.noarch.rpm
SHA-256: 6a3e3a7de0990cbc3b546e6e25c3541cc265b22c3dec83b4fdbc6a8c25b40198
python3-openvswitch2.13-2.13.0-193.2.el8fdp.s390x.rpm
SHA-256: a458143948ab60c18e398cde709f859010e5cbbc92f5226695cf0f7c8a5a3ffd
python3-openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.s390x.rpm
SHA-256: e8629991ab8385d2385e076ab7cd138639079b2dd004323d2311f7ee6ad3af20
Red Hat Enterprise Linux Fast Datapath (for RHEL for ARM 64) 8
SRPM
openvswitch2.13-2.13.0-193.2.el8fdp.src.rpm
SHA-256: 28775b5ea41b12d634077ee6e9d76192e58808ce28e391b3266fbaf3c7a47a0b
aarch64
network-scripts-openvswitch2.13-2.13.0-193.2.el8fdp.aarch64.rpm
SHA-256: cf82effe594cbf77b104999e8f567f9f293f08db518cade51341cb6ba5f4fe33
openvswitch2.13-2.13.0-193.2.el8fdp.aarch64.rpm
SHA-256: eb38bcf7d219bba1b11e1004eb7042f4e774b0a008527c57cf6cd38fde5b4ef4
openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.aarch64.rpm
SHA-256: 20c68c7e808abe367d53dfe37f503d35735e11b5fe2858adc1a91e1c615f118d
openvswitch2.13-debugsource-2.13.0-193.2.el8fdp.aarch64.rpm
SHA-256: 2c95270756c6ee38dac08427519594a6cf54bb90939f719ced3578c894977a8d
openvswitch2.13-devel-2.13.0-193.2.el8fdp.aarch64.rpm
SHA-256: 34b100e6582d55790b3ffada0595a3a338fc13b09460604319747bdd3378aad5
openvswitch2.13-ipsec-2.13.0-193.2.el8fdp.aarch64.rpm
SHA-256: 19682398c26fd1fd681b367410f24eaa747c0cf0a7ef8f4c03e3ac92a146da42
openvswitch2.13-test-2.13.0-193.2.el8fdp.noarch.rpm
SHA-256: 6a3e3a7de0990cbc3b546e6e25c3541cc265b22c3dec83b4fdbc6a8c25b40198
python3-openvswitch2.13-2.13.0-193.2.el8fdp.aarch64.rpm
SHA-256: 09d6374ec7b8c04c8ab6df5e3cb6b81b6fadd8ad153ae8fa121fdc1c8115017e
python3-openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.aarch64.rpm
SHA-256: 35d933036d192c9e37ff001f97df818fe916e3ece66b458144bb56ec7d1c54ff
The Red Hat security contact is [email protected]. More contact details at https://access.redhat.com/security/team/contact/.
Related news
Red Hat Security Advisory 2023-0167-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0166-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2023-0172-01 - The dpdk packages provide the Data Plane Development Kit, which is a set of libraries and drivers for fast packet processing in the user space. Issues addressed include a denial of service vulnerability.
An update for dpdk is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 8.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 9.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 8.1 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 7 Extras. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for dpdk is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2021-3839: DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs * CVE-2022-28199: dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service
An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
Red Hat Security Advisory 2022-6850-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
An update for openvswitch2.11 is now available for Fast Datapath for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for redhat-release-virtualization-host, redhat-virtualization-host, and redhat-virtualization-host-productimg is now available for Red Hat Virtualization 4 for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-1012: kernel: Small table perturb size in the TCP source port generation algorithm can lead to information leak * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs * CVE-2022-...
Ubuntu Security Notice 5608-1 - It was discovered that DPDK incorrectly handled certain Vhost headers. A remote attacker could possibly use this issue to cause a denial of service.
Red Hat Security Advisory 2022-6382-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6384-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6385-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6383-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
Red Hat Security Advisory 2022-6386-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Issues addressed include a denial of service vulnerability.
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for openvswitch2.15 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
An update for openvswitch2.16 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original. Related CVEs: * CVE-2022-2132: dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs
A permissive list of allowed inputs flaw was found in DPDK. This issue allows a remote attacker to cause a denial of service triggered by sending a crafted Vhost header to DPDK.