This update for openvswitch fixes the following issues:
* CVE-2024-2182: Fixed insufficient validation of incoming BFD packets may
lead to denial of service (bsc#1255435)
## Patch Instructions:
To install this SUSE update use the SUSE recommended installation methods like
YaST online_update or "zypper patch".
Alternatively you can run the command listed for your product:
* openSUSE Leap 15.4
zypper in -t patch SUSE-2026-660=1
* openSUSE Leap 15.4 (aarch64 ppc64le s390x x86_64 i586)
* openvswitch-test-2.14.2-150400.24.29.1
* ovn-docker-20.06.2-150400.24.29.1
* ovn-central-debuginfo-20.06.2-150400.24.29.1
* openvswitch-2.14.2-150400.24.29.1
* openvswitch-vtep-debuginfo-2.14.2-150400.24.29.1
* openvswitch-pki-2.14.2-150400.24.29.1
* ovn-20.06.2-150400.24.29.1
* python3-ovs-2.14.2-150400.24.29.1
* libopenvswitch-2_14-0-debuginfo-2.14.2-150400.24.29.1
* libovn-20_06-0-20.06.2-150400.24.29.1
* libopenvswitch-2_14-0-2.14.2-150400.24.29.1
* openvswitch-test-debuginfo-2.14.2-150400.24.29.1
* ovn-vtep-20.06.2-150400.24.29.1
* openvswitch-debuginfo-2.14.2-150400.24.29.1
* ovn-vtep-debuginfo-20.06.2-150400.24.29.1
* openvswitch-devel-2.14.2-150400.24.29.1
* ovn-host-20.06.2-150400.24.29.1
* ovn-devel-20.06.2-150400.24.29.1
* openvswitch-ipsec-2.14.2-150400.24.29.1
* openvswitch-debugsource-2.14.2-150400.24.29.1
* libovn-20_06-0-debuginfo-20.06.2-150400.24.29.1
* openvswitch-vtep-2.14.2-150400.24.29.1
* ovn-central-20.06.2-150400.24.29.1
*...
Read the Full Advisory* bsc#1255435
## References:
* https://www.suse.com/security/cve/CVE-2024-2182.html
* https://bugzilla.suse.com/show_bug.cgi?id=1255435
Get the latest Linux and open source security news straight to your inbox.