Stay Secure with the Latest Linux Advisories
Refine advisories
X Clear Filters
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Loading...
Explore Latest Linux Security advisories
We found 2 articles for you...
98
security advisorymoderatesecurity updateCentOS: CESA-2023-1094-02 Low: kernel5.10 Security Update
An update for openvswitch2.17 is now available in Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openvswitch2.17 security update Advisory ID: RHSA-2023:1769-01 Product: Fast Datapath Advisory URL: https://access.redhat.com/errata/RHSA-2023:1769 Issue date: 2023-04-13 CVE Names: CVE-2023-1668 ==================================================================== 1. Summary: An update for openvswitch2.17 is now available in Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Fast Datapath for Red Hat Enterprise Linux 9 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix(es): * openvswitch: ip proto 0 triggers incorrect handling (CVE-2023-1668) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. Bug Fix(es): * [23.C RHEL-9] Fast Datapath Release (BZ#2177686) * [CT] Inner header of ICMP related traffic does not get DNATed (BZ#2178203) 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2137666 -CVE-2023-1668 openvswitch: ip proto 0 triggers incorrect handling 2177686 - [23.C RHEL-9] Fast Datapath Release 2178203 - [CT] Inner header of ICMP related traffic does not get DNATed 6. Package List: Fast Datapath for Red Hat Enterprise Linux 9: Source: openvswitch2.17-2.17.0-77.el9fdp.src.rpm aarch64: openvswitch2.17-2.17.0-77.el9fdp.aarch64.rpm openvswitch2.17-debuginfo-2.17.0-77.el9fdp.aarch64.rpm openvswitch2.17-debugsource-2.17.0-77.el9fdp.aarch64.rpm openvswitch2.17-devel-2.17.0-77.el9fdp.aarch64.rpm openvswitch2.17-ipsec-2.17.0-77.el9fdp.aarch64.rpm python3-openvswitch2.17-2.17.0-77.el9fdp.aarch64.rpm python3-openvswitch2.17-debuginfo-2.17.0-77.el9fdp.aarch64.rpm noarch: openvswitch2.17-test-2.17.0-77.el9fdp.noarch.rpm ppc64le: openvswitch2.17-2.17.0-77.el9fdp.ppc64le.rpm openvswitch2.17-debuginfo-2.17.0-77.el9fdp.ppc64le.rpm openvswitch2.17-debugsource-2.17.0-77.el9fdp.ppc64le.rpm openvswitch2.17-devel-2.17.0-77.el9fdp.ppc64le.rpm openvswitch2.17-ipsec-2.17.0-77.el9fdp.ppc64le.rpm python3-openvswitch2.17-2.17.0-77.el9fdp.ppc64le.rpm python3-openvswitch2.17-debuginfo-2.17.0-77.el9fdp.ppc64le.rpm s390x: openvswitch2.17-2.17.0-77.el9fdp.s390x.rpm openvswitch2.17-debuginfo-2.17.0-77.el9fdp.s390x.rpm openvswitch2.17-debugsource-2.17.0-77.el9fdp.s390x.rpm openvswitch2.17-devel-2.17.0-77.el9fdp.s390x.rpm openvswitch2.17-ipsec-2.17.0-77.el9fdp.s390x.rpm python3-openvswitch2.17-2.17.0-77.el9fdp.s390x.rpm python3-openvswitch2.17-debuginfo-2.17.0-77.el9fdp.s390x.rpm x86_64: openvswitch2.17-2.17.0-77.el9fdp.x86_64.rpm openvswitch2.17-debuginfo-2.17.0-77.el9fdp.x86_64.rpm openvswitch2.17-debugsource-2.17.0-77.el9fdp.x86_64.rpm openvswitch2.17-devel-2.17.0-77.el9fdp.x86_64.rpm openvswitch2.17-ipsec-2.17.0-77.el9fdp.x86_64.rpm python3-openvswitch2.17-2.17.0-77.el9fdp.x86_64.rpm python3-openvswitch2.17-debuginfo-2.17.0-77.el9fdp.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7.References: https://access.redhat.com/security/cve/CVE-2023-1668 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBZDfaINzjgjWX9erEAQgdjQ//RB88e003zD0P5VKlgcd8xQcxdHy8WkKp BksrNOZnjGEeUw3qyqjQaADC8SlmvEWCg7Vh3wxZvAE30nOQOHLZ3iZufvxHAxi3 0MSyKGolC2W7jCtgEA3TMVu3yx/Pb5sh02iRh32Bp4q7B76blUt+MqR/6APyAHFP EOxCrGL4Uif1rC96U1tlexErOmHRdE/hSso/mw5NtP6E5kt27qiNJEsQC4ep3Csi 61e6+T/dgH/cHso3t5JNX9zdijrSqJmXfc9G3gGxlfkYgUJo7su04Rpx757ufGi2 sMKR6cEJJKB7kfyhGFys8txsJhsXG5sAMuLDowHEPn/TBtRq734EFIL+A3ksMUTR RmBDUqgycibn3uHkG3MOG9/JhJbCp6xA2B8I74ygWezjvbnLqILHvOzWO8PgXypV wIwlGBdtcICL2ORDelPznaCf/SltjFrOg0cOxo1IPIMakHYRsEuocyEnzpRH7IVl 05x1i964/ur4B6j5m6qVJa9aX3eADHl2Tzkc9ykeYJ/Wv/W+LNksOTuxwRknGxn5 MmMrMO87eF7uxALARIlo6UjggmT38A39cy/rdrlmT0BUHafLGe8sz7vwhklRwoAw GoEsPaDmN4hotvh94Unf89SwSXKKp1S8XG1+DIl091Rg1nkcSudBoC3k4PmYRSY+ 7qP7ZWcYyvk=xchJ -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Apr 13, 2023
Red Hat
98
security advisorymoderatenetwork securityRedHat 9: RHSA-2023-0691 Moderate: Openvswitch2.17 Security Issues
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openvswitch2.17 security, bug fix and enhancement update Advisory ID: RHSA-2023:0691-01 Product: Fast Datapath Advisory URL: https://access.redhat.com/errata/RHSA-2023:0691 Issue date: 2023-02-09 CVE Names: CVE-2022-4337 CVE-2022-4338 ==================================================================== 1. Summary: An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Fast Datapath for Red Hat Enterprise Linux 9 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix(es): * openvswitch: Out-of-Bounds Read in Organization Specific TLV (CVE-2022-4337) * openvswitch: Integer Underflow in Organization Specific TLV (CVE-2022-4338) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2155378 - CVE-2022-4337openvswitch: Out-of-Bounds Read in Organization Specific TLV 2155381 - CVE-2022-4338 openvswitch: Integer Underflow in Organization Specific TLV 2159419 - [ovs2.11][RHEL7.7] PF/VF Port statistics get over-run in OVS offload datapath 2162035 - [23.A RHEL-9] Fast Datapath Release 6. Package List: Fast Datapath for Red Hat Enterprise Linux 9: Source: openvswitch2.17-2.17.0-62.el9fdp.src.rpm aarch64: openvswitch2.17-2.17.0-62.el9fdp.aarch64.rpm openvswitch2.17-debuginfo-2.17.0-62.el9fdp.aarch64.rpm openvswitch2.17-debugsource-2.17.0-62.el9fdp.aarch64.rpm openvswitch2.17-devel-2.17.0-62.el9fdp.aarch64.rpm openvswitch2.17-ipsec-2.17.0-62.el9fdp.aarch64.rpm python3-openvswitch2.17-2.17.0-62.el9fdp.aarch64.rpm python3-openvswitch2.17-debuginfo-2.17.0-62.el9fdp.aarch64.rpm noarch: openvswitch2.17-test-2.17.0-62.el9fdp.noarch.rpm ppc64le: openvswitch2.17-2.17.0-62.el9fdp.ppc64le.rpm openvswitch2.17-debuginfo-2.17.0-62.el9fdp.ppc64le.rpm openvswitch2.17-debugsource-2.17.0-62.el9fdp.ppc64le.rpm openvswitch2.17-devel-2.17.0-62.el9fdp.ppc64le.rpm openvswitch2.17-ipsec-2.17.0-62.el9fdp.ppc64le.rpm python3-openvswitch2.17-2.17.0-62.el9fdp.ppc64le.rpm python3-openvswitch2.17-debuginfo-2.17.0-62.el9fdp.ppc64le.rpm s390x: openvswitch2.17-2.17.0-62.el9fdp.s390x.rpm openvswitch2.17-debuginfo-2.17.0-62.el9fdp.s390x.rpm openvswitch2.17-debugsource-2.17.0-62.el9fdp.s390x.rpm openvswitch2.17-devel-2.17.0-62.el9fdp.s390x.rpm openvswitch2.17-ipsec-2.17.0-62.el9fdp.s390x.rpm python3-openvswitch2.17-2.17.0-62.el9fdp.s390x.rpm python3-openvswitch2.17-debuginfo-2.17.0-62.el9fdp.s390x.rpm x86_64: openvswitch2.17-2.17.0-62.el9fdp.x86_64.rpm openvswitch2.17-debuginfo-2.17.0-62.el9fdp.x86_64.rpm openvswitch2.17-debugsource-2.17.0-62.el9fdp.x86_64.rpm openvswitch2.17-devel-2.17.0-62.el9fdp.x86_64.rpm openvswitch2.17-ipsec-2.17.0-62.el9fdp.x86_64.rpm python3-openvswitch2.17-2.17.0-62.el9fdp.x86_64.rpm python3-openvswitch2.17-debuginfo-2.17.0-62.el9fdp.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details onhow to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-4337 https://access.redhat.com/security/cve/CVE-2022-4338 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY+RnytzjgjWX9erEAQh83hAAn7wZtp4GczoBt9pm1Cbl8ug0NFzax2Ve D1VedORejT43jl84X2tHGsMx95heFU0eCmIMD88Szqj9Vx3Yi3IZPX1htRNVb2mC 4u27n+uAaIGFVkNcx1aWfKO2qitYmCCSsg2zQenJqhe+Pt4gUmvRy2R7feiyW91Q u7xo3kHyaOof9J+87WWq+xxmEXp6gAOl7/pzClew38cq/f7bUmHiMZE4o+nlM6rJ jhCvDQSr4PVaHBqiHsh1dH4npuXqkBzlqi0uG2qgU4sAhfEMhmG0eI52q7TzUm4w ASCz3c6aOYLQq4e0CXrB4+tHf2tN1SJCA4YBjhvFnPUbidxfdAOqvImj3dAJAvvc Oc93W74Zb1zIxHBkRWeVNzOEKQT8WOHrAzMbWEYObndTvKcvv6xn582dIbwgT4oy Z62tl6VHDTbemWkN+BcTAIllIqyamhBNv9VgzUpIeIk9TGj5Mh7qDn2dL9pJv//o n4D9FUfal2elVLjFqlJ23m0nU9S6EYNGv8FisfUA32sFu2HxRRmDoC7AoBPxUzQj U5o8RIEPVnwWfjvuKC9LymDKRU4AQV11GIEGq6zEvZYP2A8j/oDpfEmTmg5NhUeI Z8QlezHTOyMfGjsFfkz+8MzKuwabA7phwvYk/MRRE81Pr7cpDebKHy37NfAhaEp9 w9uYO6IHLig=B0kT -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Feb 09, 2023
Red Hat
98
security advisorymoderatesecurity updateRed Hat Enterprise Linux: RHSA-2023-0689-01 Moderate: Openvswitch Issues
An update for openvswitch2.16 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openvswitch2.16 security, bug fix and enhancement update Advisory ID: RHSA-2023:0689-01 Product: Fast Datapath Advisory URL: https://access.redhat.com/errata/RHSA-2023:0689 Issue date: 2023-02-09 CVE Names: CVE-2022-4337 CVE-2022-4338 ==================================================================== 1. Summary: An update for openvswitch2.16 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix(es): * openvswitch: Out-of-Bounds Read in Organization Specific TLV (CVE-2022-4337) * openvswitch: Integer Underflow in Organization Specific TLV (CVE-2022-4338) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2155378 - CVE-2022-4337openvswitch: Out-of-Bounds Read in Organization Specific TLV 2155381 - CVE-2022-4338 openvswitch: Integer Underflow in Organization Specific TLV 2162031 - [23.A RHEL-8] Fast Datapath Release 6. Package List: Fast Datapath for Red Hat Enterprise Linux8: Source: openvswitch2.16-2.16.0-111.el8fdp.src.rpm aarch64: network-scripts-openvswitch2.16-2.16.0-111.el8fdp.aarch64.rpm openvswitch2.16-2.16.0-111.el8fdp.aarch64.rpm openvswitch2.16-debuginfo-2.16.0-111.el8fdp.aarch64.rpm openvswitch2.16-debugsource-2.16.0-111.el8fdp.aarch64.rpm openvswitch2.16-devel-2.16.0-111.el8fdp.aarch64.rpm openvswitch2.16-ipsec-2.16.0-111.el8fdp.aarch64.rpm python3-openvswitch2.16-2.16.0-111.el8fdp.aarch64.rpm python3-openvswitch2.16-debuginfo-2.16.0-111.el8fdp.aarch64.rpm noarch: openvswitch2.16-test-2.16.0-111.el8fdp.noarch.rpm ppc64le: network-scripts-openvswitch2.16-2.16.0-111.el8fdp.ppc64le.rpm openvswitch2.16-2.16.0-111.el8fdp.ppc64le.rpm openvswitch2.16-debuginfo-2.16.0-111.el8fdp.ppc64le.rpm openvswitch2.16-debugsource-2.16.0-111.el8fdp.ppc64le.rpm openvswitch2.16-devel-2.16.0-111.el8fdp.ppc64le.rpm openvswitch2.16-ipsec-2.16.0-111.el8fdp.ppc64le.rpm python3-openvswitch2.16-2.16.0-111.el8fdp.ppc64le.rpm python3-openvswitch2.16-debuginfo-2.16.0-111.el8fdp.ppc64le.rpm s390x: network-scripts-openvswitch2.16-2.16.0-111.el8fdp.s390x.rpm openvswitch2.16-2.16.0-111.el8fdp.s390x.rpm openvswitch2.16-debuginfo-2.16.0-111.el8fdp.s390x.rpm openvswitch2.16-debugsource-2.16.0-111.el8fdp.s390x.rpm openvswitch2.16-devel-2.16.0-111.el8fdp.s390x.rpm openvswitch2.16-ipsec-2.16.0-111.el8fdp.s390x.rpm python3-openvswitch2.16-2.16.0-111.el8fdp.s390x.rpm python3-openvswitch2.16-debuginfo-2.16.0-111.el8fdp.s390x.rpm x86_64: network-scripts-openvswitch2.16-2.16.0-111.el8fdp.x86_64.rpm openvswitch2.16-2.16.0-111.el8fdp.x86_64.rpm openvswitch2.16-debuginfo-2.16.0-111.el8fdp.x86_64.rpm openvswitch2.16-debugsource-2.16.0-111.el8fdp.x86_64.rpm openvswitch2.16-devel-2.16.0-111.el8fdp.x86_64.rpm openvswitch2.16-ipsec-2.16.0-111.el8fdp.x86_64.rpm python3-openvswitch2.16-2.16.0-111.el8fdp.x86_64.rpm python3-openvswitch2.16-debuginfo-2.16.0-111.el8fdp.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-4337 https://access.redhat.com/security/cve/CVE-2022-4338 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2023 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY+RntdzjgjWX9erEAQigPw/+LVeq7BITKn7Jgi+Lq5JaFqtJj4vcN2PK LdPyRhgumkTbpLzCXCXjVC4UXbOB9lFiISgwaGZdRkfDsaWM7yJ6b86ax5a3hmMD /bXg3ycW99v6haa/hxdk1gw9U7Z1FOWWoO/4NAy7l07/fTKK7+gIdZ+0m7ZxbvYE 4qv/yYPEce/XMk3ANoaEDz+mEwxsVuw34jmiwROGXmITgT9mcZgL45RuCfF1Cduc KJkdPX+PTU5kkXYXrF199kL3trL300hl6UkX85x+4Pd8wRcQdO5//W5gqX6Ug0TH PW8dFEl/S0IhnxWAk09/db8ycZE6mZO9RweiNJiBPGXteM7iK3ScYEnvBdCu1I/x hK5Z1WABIQ0Dkn1/vVynqOdphFFElNkOCRkDWnJCwOr5ZaBS6ps2OaHa6JGgq497 oJupugEny/Ioq10bh8pYYCqPZE+MbF3Zt5gvW6H3yYNpPk5fM6Z65YSd5Iyi7O3W xNYV5XTqiQnbOh9oC9cbHThxu0J1ws+jqnZBDOB9zfBKhWufYPHT2RowovdXhiO8 flObDGv5tDLD4O2RETiR63ubtWkOgaYXUzSFEM+fRXo+pTyjhV8Iv5mzjZKm13Co jRaytOsbaK2g055ZLJXIPiijy6JJ4XR7+m4Ba7JUV1gO4/pz3lp6cGTdXmaOWym0 QYgmRWSGEjY=sVoq -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Feb 09, 2023
Red Hat
98
security advisorymoderatered hat enterpriseRed Hat Enterprise Linux 8: RHSA-2022-6503 Update for Openvswitch 2.17 DoS
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openvswitch2.17 security update Advisory ID: RHSA-2022:6503-01 Product: Fast Datapath Advisory URL: https://access.redhat.com/errata/RHSA-2022:6503 Issue date: 2022-09-13 CVE Names: CVE-2022-28199 ==================================================================== 1. Summary: An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Fast Datapath for Red Hat Enterprise Linux 9 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix(es): * dpdk: error recovery in mlx5 driver not handled properly, allowing for denial of service (CVE-2022-28199) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2123549 - CVE-2022-28199 dpdk: error recovery in mlx5 driver not handled properly, allowing for denial ofservice 6. Package List: Fast Datapath for Red Hat Enterprise Linux 9: Source: openvswitch2.17-2.17.0-32.4.el9fdp.src.rpm aarch64: openvswitch2.17-2.17.0-32.4.el9fdp.aarch64.rpm openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.aarch64.rpm openvswitch2.17-debugsource-2.17.0-32.4.el9fdp.aarch64.rpm openvswitch2.17-devel-2.17.0-32.4.el9fdp.aarch64.rpm openvswitch2.17-ipsec-2.17.0-32.4.el9fdp.aarch64.rpm python3-openvswitch2.17-2.17.0-32.4.el9fdp.aarch64.rpm python3-openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.aarch64.rpm noarch: openvswitch2.17-test-2.17.0-32.4.el9fdp.noarch.rpm ppc64le: openvswitch2.17-2.17.0-32.4.el9fdp.ppc64le.rpm openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.ppc64le.rpm openvswitch2.17-debugsource-2.17.0-32.4.el9fdp.ppc64le.rpm openvswitch2.17-devel-2.17.0-32.4.el9fdp.ppc64le.rpm openvswitch2.17-ipsec-2.17.0-32.4.el9fdp.ppc64le.rpm python3-openvswitch2.17-2.17.0-32.4.el9fdp.ppc64le.rpm python3-openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.ppc64le.rpm s390x: openvswitch2.17-2.17.0-32.4.el9fdp.s390x.rpm openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.s390x.rpm openvswitch2.17-debugsource-2.17.0-32.4.el9fdp.s390x.rpm openvswitch2.17-devel-2.17.0-32.4.el9fdp.s390x.rpm openvswitch2.17-ipsec-2.17.0-32.4.el9fdp.s390x.rpm python3-openvswitch2.17-2.17.0-32.4.el9fdp.s390x.rpm python3-openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.s390x.rpm x86_64: openvswitch2.17-2.17.0-32.4.el9fdp.x86_64.rpm openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.x86_64.rpm openvswitch2.17-debugsource-2.17.0-32.4.el9fdp.x86_64.rpm openvswitch2.17-devel-2.17.0-32.4.el9fdp.x86_64.rpm openvswitch2.17-ipsec-2.17.0-32.4.el9fdp.x86_64.rpm python3-openvswitch2.17-2.17.0-32.4.el9fdp.x86_64.rpm python3-openvswitch2.17-debuginfo-2.17.0-32.4.el9fdp.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7.References: https://access.redhat.com/security/cve/CVE-2022-28199 https://access.redhat.com/security/updates/classification/#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYyEqnNzjgjWX9erEAQiQlhAAo0WuIomRRgTRFhRrnXzmxJhJlfWbMT34 6D8XvqIxhp+FzwfqqBWPCyBb/94gsjvElOr0KJHAF0hLUB/FDstxDWAZym+QgUQW kMoTq4rExnP0cI88AKiPPsG3wBVgKMBWX+ehD2es63fUAvo7KK4F8e8yvyGtj1fn PbDX88MUkrap5VF8tup5ETIQB8vg68jevhYeJQagEBZfP1QXyNKSXbQZXQtY4N0r k6vSuW9D4aAo/PPL0difuWZhRdmiht/+KiUH5X3I+mg4C0XN27sdEPeerP9fcBgH IX2XCpUSUhVmuFg04ReVuAZrhnYteODC0VEKPnpnKJYnMpByQ1pvRIwZsF7Qfb7V gwbLSzngqW9bCWXVpPkLVouOiw7TCU2I/cZJevNind0q5dTwPsORhATn9tmOacxe fEwcgYXJXPnehX5RyoJ00DwgjAtxXokM/1NG7+CyXagmALNyy4jl+EGcR1/Oc0R+ 1zXl1RM486yjHqjwHuOmhkeYSGP2vmMzrPV+TkvC2cOBeElklFKwOBTTiMwCAeTv BMLJit1alU2VDe72l86Rd4GhbXCi97NEqdg1/OtAISZ5rFZW+BmwLxNhBTbIgHZy GMAgQoG/oZZrJ1NrTrqbuwB8i0XwWMfpRJ5RMTftI6laE+1k7AELCx4SVwp3M4u0 KxCcYkjNZrw=azTE -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 13, 2022
Red Hat
98
security advisoryred hatimportantRedHat Enterprise Linux 8: RHSA-2022-6384 Important: DoS Mitigation
An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: openvswitch2.13 security update Advisory ID: RHSA-2022:6384-01 Product: Fast Datapath Advisory URL: https://access.redhat.com/errata/RHSA-2022:6384 Issue date: 2022-09-07 CVE Names: CVE-2022-2132 ==================================================================== 1. Summary: An update for openvswitch2.13 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix(es): * dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs 6.Package List: Fast Datapath for Red Hat Enterprise Linux 8: Source: openvswitch2.13-2.13.0-193.2.el8fdp.src.rpm aarch64: network-scripts-openvswitch2.13-2.13.0-193.2.el8fdp.aarch64.rpm openvswitch2.13-2.13.0-193.2.el8fdp.aarch64.rpm openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.aarch64.rpm openvswitch2.13-debugsource-2.13.0-193.2.el8fdp.aarch64.rpm openvswitch2.13-devel-2.13.0-193.2.el8fdp.aarch64.rpm openvswitch2.13-ipsec-2.13.0-193.2.el8fdp.aarch64.rpm python3-openvswitch2.13-2.13.0-193.2.el8fdp.aarch64.rpm python3-openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.aarch64.rpm noarch: openvswitch2.13-test-2.13.0-193.2.el8fdp.noarch.rpm ppc64le: network-scripts-openvswitch2.13-2.13.0-193.2.el8fdp.ppc64le.rpm openvswitch2.13-2.13.0-193.2.el8fdp.ppc64le.rpm openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.ppc64le.rpm openvswitch2.13-debugsource-2.13.0-193.2.el8fdp.ppc64le.rpm openvswitch2.13-devel-2.13.0-193.2.el8fdp.ppc64le.rpm openvswitch2.13-ipsec-2.13.0-193.2.el8fdp.ppc64le.rpm python3-openvswitch2.13-2.13.0-193.2.el8fdp.ppc64le.rpm python3-openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.ppc64le.rpm s390x: network-scripts-openvswitch2.13-2.13.0-193.2.el8fdp.s390x.rpm openvswitch2.13-2.13.0-193.2.el8fdp.s390x.rpm openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.s390x.rpm openvswitch2.13-debugsource-2.13.0-193.2.el8fdp.s390x.rpm openvswitch2.13-devel-2.13.0-193.2.el8fdp.s390x.rpm openvswitch2.13-ipsec-2.13.0-193.2.el8fdp.s390x.rpm python3-openvswitch2.13-2.13.0-193.2.el8fdp.s390x.rpm python3-openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.s390x.rpm x86_64: network-scripts-openvswitch2.13-2.13.0-193.2.el8fdp.x86_64.rpm openvswitch2.13-2.13.0-193.2.el8fdp.x86_64.rpm openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.x86_64.rpm openvswitch2.13-debugsource-2.13.0-193.2.el8fdp.x86_64.rpm openvswitch2.13-devel-2.13.0-193.2.el8fdp.x86_64.rpm openvswitch2.13-ipsec-2.13.0-193.2.el8fdp.x86_64.rpm python3-openvswitch2.13-2.13.0-193.2.el8fdp.x86_64.rpm python3-openvswitch2.13-debuginfo-2.13.0-193.2.el8fdp.x86_64.rpm These packages areGPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-2132 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYxkbB9zjgjWX9erEAQjPHg/+PDJ9axqHdZUhMRQ6jqDdkU+Y2M+5UA+T /0ZrmJCgnS0IsbEdqhqsBtBK31C8ts2brhQaghN6g/uMAfBrOw6tJUmSrLN2UBFS h42uQfPiTc7Sd4+SxGAxEpK1wowgHiczEcn/eWbAkakD5v1/HeTgBc4gwelbVe/1 haGHZt0DNi4jrTZvBIxL/g7ubtQKJzsnhDOqr4fugbzjIWSOkPekzbmHbJ3Qg1RS Wj6+qqrT+rUluXF7Ezq7w5Imjht6R2uC1WugA3wiJPlXVxuwKtLTSA2yB79g12GG K2Dd1ql9tFDTLuGoZdQLjWKFEbq21N9E0IRXjooCdgsyVDymk5TIomqxH2Wzi5yl XFH2lV6foiQbjTRufVGxwnQnHYSsDNXPRpO+AMo8+DnWmXeoVCUpsuVJn3YEc2bt SrzMQX5iD0cejSdvrqIv62zp76EoF7KIkKHzYoZdAya4dCgfp3EUqf7mqPNfShen ul1ZbRzupaxr0Lio4GRGdWctQ/45DN/hJqYtMlSmZ1seqerg0gwbpjLxAQyH3RZ0 xKj7XklG4YUpTshNBx/jWCFaMGSIeMrCDvVdz2ajyq7ZdlSpDWuQ5UogMW5COrQk xKNUzLnf+2rNkvCi1ceF5bRlkOEpDX/ODyITPYRw6fcFhYLnBMrCm+wNRznMeoZH 2jbF6N4bd9o=SX/S -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 07, 2022
•Important
Red Hat
98
security advisorysecurity updatered hatRHEL 8: RHSA-2022:6382-01 Security Update for Openvswitch DoS Risk
An update for openvswitch2.16 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: openvswitch2.16 security update Advisory ID: RHSA-2022:6382-01 Product: Fast Datapath Advisory URL: https://access.redhat.com/errata/RHSA-2022:6382 Issue date: 2022-09-07 CVE Names: CVE-2022-2132 ==================================================================== 1. Summary: An update for openvswitch2.16 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix(es): * dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs 6.Package List: Fast Datapath for Red Hat Enterprise Linux 8: Source: openvswitch2.16-2.16.0-89.2.el8fdp.src.rpm aarch64: network-scripts-openvswitch2.16-2.16.0-89.2.el8fdp.aarch64.rpm openvswitch2.16-2.16.0-89.2.el8fdp.aarch64.rpm openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.aarch64.rpm openvswitch2.16-debugsource-2.16.0-89.2.el8fdp.aarch64.rpm openvswitch2.16-devel-2.16.0-89.2.el8fdp.aarch64.rpm openvswitch2.16-ipsec-2.16.0-89.2.el8fdp.aarch64.rpm python3-openvswitch2.16-2.16.0-89.2.el8fdp.aarch64.rpm python3-openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.aarch64.rpm noarch: openvswitch2.16-test-2.16.0-89.2.el8fdp.noarch.rpm ppc64le: network-scripts-openvswitch2.16-2.16.0-89.2.el8fdp.ppc64le.rpm openvswitch2.16-2.16.0-89.2.el8fdp.ppc64le.rpm openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.ppc64le.rpm openvswitch2.16-debugsource-2.16.0-89.2.el8fdp.ppc64le.rpm openvswitch2.16-devel-2.16.0-89.2.el8fdp.ppc64le.rpm openvswitch2.16-ipsec-2.16.0-89.2.el8fdp.ppc64le.rpm python3-openvswitch2.16-2.16.0-89.2.el8fdp.ppc64le.rpm python3-openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.ppc64le.rpm s390x: network-scripts-openvswitch2.16-2.16.0-89.2.el8fdp.s390x.rpm openvswitch2.16-2.16.0-89.2.el8fdp.s390x.rpm openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.s390x.rpm openvswitch2.16-debugsource-2.16.0-89.2.el8fdp.s390x.rpm openvswitch2.16-devel-2.16.0-89.2.el8fdp.s390x.rpm openvswitch2.16-ipsec-2.16.0-89.2.el8fdp.s390x.rpm python3-openvswitch2.16-2.16.0-89.2.el8fdp.s390x.rpm python3-openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.s390x.rpm x86_64: network-scripts-openvswitch2.16-2.16.0-89.2.el8fdp.x86_64.rpm openvswitch2.16-2.16.0-89.2.el8fdp.x86_64.rpm openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.x86_64.rpm openvswitch2.16-debugsource-2.16.0-89.2.el8fdp.x86_64.rpm openvswitch2.16-devel-2.16.0-89.2.el8fdp.x86_64.rpm openvswitch2.16-ipsec-2.16.0-89.2.el8fdp.x86_64.rpm python3-openvswitch2.16-2.16.0-89.2.el8fdp.x86_64.rpm python3-openvswitch2.16-debuginfo-2.16.0-89.2.el8fdp.x86_64.rpm These packages are GPG signed by Red Hat forsecurity. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-2132 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYxka+NzjgjWX9erEAQhTWg//ZPpREfBlDaksTzYR9JPLbqDhZE5Kf2QX lK1odhifDCEQ3kkc9NlROyk8/FZ0faE7Pf+ER2YZRf8CzLTZi9Sfd78mzcn4Pn0W nTg64jHLQ0Z+ykrR/sGiQVsY80+1O7vLT+RJDvJQeNGiiyqbvMvQjPtWJ8zi1Y9s VPsjJ5E4dqEdt2Mw7zUYUivudq0R1hRy/9NFFH5ohHTawI82Dx9ifIPSV+duyQEP TfhFDinXaZoX0nXZpQVNVRwaa0syOBRJfgLhbdg3e66eDsHbDCAjiaFXBTdeyCSw rZ/UOjmh0r/3nMmStgrcsB3l66BOZSxS3VtvMz7PalZBIS+p6new43T3WCYefJx8 9cmY9cLBYKZ70L2ZOqnyxXewangokgdXUARhRk6RP+CRZcqCYFXdM1HoFuheRN5R 4qv0oRfPzHUSnGm/u5YzOu+/cSanSBBRow7iR24meISQXF4+aEpS+WeTD+R2kIIR D5WJXBzd1G9pvoUT7zbGUnKDttTSH5tyn6FtWkvF55x2Kdk83FHaDbu5uHROdP9x qtM+g28Xnbslxk1XR6weVmm9WAiNL7BFe04kmMJvQLi4t6UhFvsuzGF6HSz29v+b q04tIpBPDz37TTOA2p8g0yhd6jH2NtvSXZ2QZn1zrknlH7e2v9PE/VCoGLNSNBT2 TgXDB4W1J7A=KfE9 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 07, 2022
•Important
Red Hat
98
security advisorydenial of servicecritical issueRed Hat Enterprise Linux 8 RHSA-2022:6383-01 Critical Openvswitch2.17 DoS
An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score,. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Important: openvswitch2.17 security update Advisory ID: RHSA-2022:6383-01 Product: Fast Datapath Advisory URL: https://access.redhat.com/errata/RHSA-2022:6383 Issue date: 2022-09-07 CVE Names: CVE-2022-2132 ==================================================================== 1. Summary: An update for openvswitch2.17 is now available for Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix(es): * dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs 6.Package List: Fast Datapath for Red Hat Enterprise Linux 8: Source: openvswitch2.17-2.17.0-37.3.el8fdp.src.rpm aarch64: network-scripts-openvswitch2.17-2.17.0-37.3.el8fdp.aarch64.rpm openvswitch2.17-2.17.0-37.3.el8fdp.aarch64.rpm openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.aarch64.rpm openvswitch2.17-debugsource-2.17.0-37.3.el8fdp.aarch64.rpm openvswitch2.17-devel-2.17.0-37.3.el8fdp.aarch64.rpm openvswitch2.17-ipsec-2.17.0-37.3.el8fdp.aarch64.rpm python3-openvswitch2.17-2.17.0-37.3.el8fdp.aarch64.rpm python3-openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.aarch64.rpm noarch: openvswitch2.17-test-2.17.0-37.3.el8fdp.noarch.rpm ppc64le: network-scripts-openvswitch2.17-2.17.0-37.3.el8fdp.ppc64le.rpm openvswitch2.17-2.17.0-37.3.el8fdp.ppc64le.rpm openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.ppc64le.rpm openvswitch2.17-debugsource-2.17.0-37.3.el8fdp.ppc64le.rpm openvswitch2.17-devel-2.17.0-37.3.el8fdp.ppc64le.rpm openvswitch2.17-ipsec-2.17.0-37.3.el8fdp.ppc64le.rpm python3-openvswitch2.17-2.17.0-37.3.el8fdp.ppc64le.rpm python3-openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.ppc64le.rpm s390x: network-scripts-openvswitch2.17-2.17.0-37.3.el8fdp.s390x.rpm openvswitch2.17-2.17.0-37.3.el8fdp.s390x.rpm openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.s390x.rpm openvswitch2.17-debugsource-2.17.0-37.3.el8fdp.s390x.rpm openvswitch2.17-devel-2.17.0-37.3.el8fdp.s390x.rpm openvswitch2.17-ipsec-2.17.0-37.3.el8fdp.s390x.rpm python3-openvswitch2.17-2.17.0-37.3.el8fdp.s390x.rpm python3-openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.s390x.rpm x86_64: network-scripts-openvswitch2.17-2.17.0-37.3.el8fdp.x86_64.rpm openvswitch2.17-2.17.0-37.3.el8fdp.x86_64.rpm openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.x86_64.rpm openvswitch2.17-debugsource-2.17.0-37.3.el8fdp.x86_64.rpm openvswitch2.17-devel-2.17.0-37.3.el8fdp.x86_64.rpm openvswitch2.17-ipsec-2.17.0-37.3.el8fdp.x86_64.rpm python3-openvswitch2.17-2.17.0-37.3.el8fdp.x86_64.rpm python3-openvswitch2.17-debuginfo-2.17.0-37.3.el8fdp.x86_64.rpm These packages are GPG signed by Red Hat forsecurity. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2022-2132 https://access.redhat.com/security/updates/classification#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYxka89zjgjWX9erEAQgvEg/6AtXZcLy3gaN0PZXr2xNu9k5ZCs5xbCU5 E9iNj5N2wYMoNaVkilaymHDeNmuk4t+rinRO4iw98Rcb4nUmiMKNYheaTSKCYX+y 3YlR4gvtdcA/YoE2gKzwtlAnZybwvTzoUarZ99iav57LtU+s3pJl2E+qOu9KWeiA qcwCLb5dNhww8k2BEvOysORJ8WZuh8EB93OgSzDdlHJCKwY8PXG1qDE4CM6vOfQZ 9OQRVGtUJzOTLQ1W279VK3tToMSXCzyE/r7suhQ/iSTrbz6EKzuCRJwc/8d+w1M1 WnRArB742nRIZMZhy+m01sUz9YfqqrqxwwV+TjPOlFzZPecfKPfw6oPXAjRwm9JX diNidLEa9193tLFhHKOQscILk9j1MTTKEiWYxuLsmumr8nZLvIvWgyDPklZNvXyu igk5nKfQbQFrYHH7v2e9kcoMavuTsGlqwoNw34/haxMmNw8fAo85/yuUYBpO6wpY eTZQWWV/RBBz6FqLU4fP7Ny9GCt/2TC/fY0sV3v9pEV+R7QYQ89Av3csrivKwwmB 106jXxOfgbG3wuIR2vEtSpuXo0ngRtzrmUOcQj+zNRJVIFvZDSiWKIIFimahkjd3 t1EYK35RURUGS/JPK/uqiRlIo7a7IqsYNfc+5U/deCVDI7p3XReD07ESlrFrJkA+ lP0oGmYRgNc=QB5v -----END PGP SIGNATURE----- -- RHSA-announce mailing list
Sep 07, 2022
•Important
Red Hat
98
security advisorymoderatered hatRed Hat 8: RHSA-2022:4786-01 Moderate: Openvswitch2.13 DoS Threat
An update for openvswitch2.13 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ==================================================================== Red Hat Security Advisory Synopsis: Moderate: openvswitch2.13 security update Advisory ID: RHSA-2022:4786-01 Product: Fast Datapath Advisory URL: https://access.redhat.com/errata/RHSA-2022:4786 Issue date: 2022-05-27 CVE Names: CVE-2021-3839 CVE-2022-0669 ==================================================================== 1. Summary: An update for openvswitch2.13 is now available in Fast Datapath for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Fast Datapath for Red Hat Enterprise Linux 8 - aarch64, noarch, ppc64le, s390x, x86_64 3. Description: Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix(es): * openvswitch2.13: DPDK: Out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash (CVE-2021-3839) * openvswitch2.13: DPDK: Sending vhost-user-inflight type messages could lead to DoS (CVE-2022-0669) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section. 4. Solution: For details on how to apply this update, which includes the changes described in this advisory, refer to: https://access.redhat.com/articles/11258 Users of openvswitch2.13 are advised toupgrade to these updated packages, which fix these bugs. 5. Bugs fixed (https://bugzilla.redhat.com/): 2025882 - CVE-2021-3839 DPDK: out-of-bounds read/write in vhost_user_set_inflight_fd() may lead to crash 2055793 - CVE-2022-0669 dpdk: sending vhost-user-inflight type messages could lead to DoS 2080270 - [22.D RHEL-8] Fast Datapath Release 6. Package List: Fast Datapath for Red Hat Enterprise Linux8: Source: openvswitch2.13-2.13.0-180.el8fdp.src.rpm aarch64: network-scripts-openvswitch2.13-2.13.0-180.el8fdp.aarch64.rpm openvswitch2.13-2.13.0-180.el8fdp.aarch64.rpm openvswitch2.13-debuginfo-2.13.0-180.el8fdp.aarch64.rpm openvswitch2.13-debugsource-2.13.0-180.el8fdp.aarch64.rpm openvswitch2.13-devel-2.13.0-180.el8fdp.aarch64.rpm openvswitch2.13-ipsec-2.13.0-180.el8fdp.aarch64.rpm python3-openvswitch2.13-2.13.0-180.el8fdp.aarch64.rpm python3-openvswitch2.13-debuginfo-2.13.0-180.el8fdp.aarch64.rpm noarch: openvswitch2.13-test-2.13.0-180.el8fdp.noarch.rpm ppc64le: network-scripts-openvswitch2.13-2.13.0-180.el8fdp.ppc64le.rpm openvswitch2.13-2.13.0-180.el8fdp.ppc64le.rpm openvswitch2.13-debuginfo-2.13.0-180.el8fdp.ppc64le.rpm openvswitch2.13-debugsource-2.13.0-180.el8fdp.ppc64le.rpm openvswitch2.13-devel-2.13.0-180.el8fdp.ppc64le.rpm openvswitch2.13-ipsec-2.13.0-180.el8fdp.ppc64le.rpm python3-openvswitch2.13-2.13.0-180.el8fdp.ppc64le.rpm python3-openvswitch2.13-debuginfo-2.13.0-180.el8fdp.ppc64le.rpm s390x: network-scripts-openvswitch2.13-2.13.0-180.el8fdp.s390x.rpm openvswitch2.13-2.13.0-180.el8fdp.s390x.rpm openvswitch2.13-debuginfo-2.13.0-180.el8fdp.s390x.rpm openvswitch2.13-debugsource-2.13.0-180.el8fdp.s390x.rpm openvswitch2.13-devel-2.13.0-180.el8fdp.s390x.rpm openvswitch2.13-ipsec-2.13.0-180.el8fdp.s390x.rpm python3-openvswitch2.13-2.13.0-180.el8fdp.s390x.rpm python3-openvswitch2.13-debuginfo-2.13.0-180.el8fdp.s390x.rpm x86_64: network-scripts-openvswitch2.13-2.13.0-180.el8fdp.x86_64.rpm openvswitch2.13-2.13.0-180.el8fdp.x86_64.rpm openvswitch2.13-debuginfo-2.13.0-180.el8fdp.x86_64.rpm openvswitch2.13-debugsource-2.13.0-180.el8fdp.x86_64.rpm openvswitch2.13-devel-2.13.0-180.el8fdp.x86_64.rpm openvswitch2.13-ipsec-2.13.0-180.el8fdp.x86_64.rpm python3-openvswitch2.13-2.13.0-180.el8fdp.x86_64.rpm python3-openvswitch2.13-debuginfo-2.13.0-180.el8fdp.x86_64.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are availablefrom https://access.redhat.com/security/team/key 7. References: https://access.redhat.com/security/cve/CVE-2021-3839 https://access.redhat.com/security/cve/CVE-2022-0669 https://access.redhat.com/security/updates/classification#moderate 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBYpEx9NzjgjWX9erEAQgFgw//QNl4NS1Qblilf1f2UpJ6mRPDaLx8vJaQ 6YOsTFKWHIieRO4Upjr+VyyhHQgMUgaW9EOOk6k40Ls48dVj3BT1snDbnbsXlW0S u2/RN1hako1Bhu1T7PSO1m+VKo/lWEcismj+oZzEemMraZHw5ZG31hTWpZLu/eXm gumXdXJuqUwEfJU9y2kSmPJnfqkVkNZkCOdGuJbKOzwEcztgmozAXmqVnmXa8W/c 21N20Gt8xxwhljXeYhOXKQyalR5hjPWRo6BmJzY1i5I1mAvxIW/wtjw/4DbJuu7W EIH7hmbzcXZqblmGJbunB8GKOhubkqTg4OJfdWa1hiENmBjJZ+nHBoQ4c7J0cZBP 2+HEahf20Gocg9Fr1N1tt2PQpcnWZbUT5KmF7FjzAY5kQ6TwvZuyM2T4E7CFxFp1 VRi5SWISLYI5If17mLvDWG11eD5ZVX5neFcbqa86RloYIvur5uIw/0PKtFhjJ/gk w70YjAHyvfRys7Ah1JC6KojCA17Rp2JO652CRciz/Fb45HXTI4EWAnDmZCRHt5sP B1CeeoIwQMXT4QssSyKDGfA2rfwAIrugUIQD58itVsuEVJd372QT46CAtwcCxDgo dDAL/EuifHMgvHbPpWhwFbpqPVBuG89vGNru15NnCGmsvGmJObwe2/Xe+X8JS5tf OOwA14K2pv4=Pjp9 -----END PGP SIGNATURE----- -- RHSA-announce mailing list
May 27, 2022
Red Hat
Get the latest News and Insights
Get the latest Linux and open source security news straight to your inbox.
Community Poll
What got you started with Linux?
Search Topics
Powered By
Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases
QUICK LINKS
subscribe to newsletters!
Like staying secure? So do we.
Sign up for updates, tips, and alerts!