Bug 2130577 (CVE-2022-32166)
Summary: | CVE-2022-32166 openvswitch: Heap buffer over-read in flow.c | ||
---|---|---|---|
Product: | [Other] Security Response | Reporter: | Pedro Sampaio <psampaio> |
Component: | vulnerability | Assignee: | Nobody <nobody> |
Status: | NEW --- | QA Contact: | |
Severity: | high | Docs Contact: | |
Priority: | high | ||
Version: | unspecified | CC: | aconole, amusil, apevec, chrisw, ctrautma, echaudro, eglynn, fleitner, jburrell, jhsiao, jjoyce, lhh, mburns, mgarciac, michal.skrivanek, mperina, ovs-qe, ovs-team, ralongi, rhos-maint, rkhan, spower, tgraf, tredaelli, zhijianli88 |
Target Milestone: | --- | Keywords: | Security |
Target Release: | --- | ||
Hardware: | All | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | openvswitch 2.5.0 | Doc Type: | If docs needed, set a value |
Doc Text: |
A flaw was found in OpenVSwitch. Versions 0.90.0 through 2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and remote execution.
|
Story Points: | --- |
Clone Of: | Environment: | ||
Last Closed: | Type: | --- | |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: | |||
Bug Depends On: | 2130578, 2132865 | ||
Bug Blocks: | 2130579 |
Description
Pedro Sampaio
2022-09-28 13:47:50 UTC
Created openvswitch tracking bugs for this issue: Affects: fedora-all [bug 2130578] (In reply to Pedro Sampaio from comment #0) > In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer > over-read in flow.c. An unsafe comparison of “minimasks” function could lead > access to an unmapped region of memory. This vulnerability is capable of > crashing the software, memory modification, and possible remote execution. > > References: > > https://github.com/cloudbase/ovs/commit/ > 2ed6505555cdcb46f9b1f0329d1491b75290fc73 I looked into ovs 2.0.0 and 2.4.0, it's believed this vulnerability does not impact these 2 versions. |