Multiple versions of Open vSwitch are vulnerable to crafted LLDP packets causing a denial of service. Triggering the vulnerabilities requires LLDP processing to be enabled for a specific port. Open vSwitch versions prior to 2.4.0 are not vulnerable. https://github.com/openvswitch/ovs/pull/405
Created openvswitch tracking bugs for this issue: Affects: fedora-all [bug 2155379]
Hi, where is the bug for openvswitch3.0 on fdp-el9? Thank you
This issue has been addressed in the following products: Fast Datapath for Red Hat Enterprise Linux 9 Via RHSA-2023:0691 https://access.redhat.com/errata/RHSA-2023:0691
This issue has been addressed in the following products: Fast Datapath for Red Hat Enterprise Linux 8 Via RHSA-2023:0688 https://access.redhat.com/errata/RHSA-2023:0688
This issue has been addressed in the following products: Fast Datapath for Red Hat Enterprise Linux 8 Via RHSA-2023:0685 https://access.redhat.com/errata/RHSA-2023:0685
This issue has been addressed in the following products: Fast Datapath for Red Hat Enterprise Linux 8 Via RHSA-2023:0689 https://access.redhat.com/errata/RHSA-2023:0689
This issue has been addressed in the following products: Fast Datapath for Red Hat Enterprise Linux 8 Via RHSA-2023:0687 https://access.redhat.com/errata/RHSA-2023:0687
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2022-4337