Open vswitch
This hub aggregates every CVE we track for Open vswitch, a product in the networking infrastructure space. Use it to gauge the current risk picture and drill into individual advisories.
14
CVEs tracked
2
Critical
7
High
0
In CISA KEV
Severity distribution
HIGH7MEDIUM5CRITICAL2
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 14 most recently published vulnerabilities affecting Open vswitch.
- CVE-2024-2182Ovn: insufficient validation of bfd packets may lead to denial of service6.5
- CVE-2023-3966Openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet7.5
- CVE-2024-22563openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.7.5
- CVE-2023-5366Openvswitch don't match packets on nd_target field7.1
- CVE-2023-3153Service monitor mac flow is not rate limited5.3
- CVE-2023-1668A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kern...8.2
- CVE-2022-4338An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.9.8
- CVE-2022-4337An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.9.8
- CVE-2022-32166ovs - buffer over-read6.1
- CVE-2021-36980Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.5.5
- CVE-2020-27827A flaw was found in multiple versions of OpenvSwitch. Specially crafted LLDP packets can cause memory to be lost when allocating data to handle specific optional TLVs, potentially causing a denial ...7.5
- CVE-2020-35498A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow...7.5
- CVE-2018-17206An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.4.9
- CVE-2018-17205An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofprot...7.5
Product normalization is registry-driven with AI assist and human review. How it works