UBUNTU-CVE-2022-32166
- Source
- https://ubuntu.com/security/CVE-2022-32166
- Import Source
- https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2022/UBUNTU-CVE-2022-32166.json
- JSON Data
- https://api.osv.dev/v1/vulns/UBUNTU-CVE-2022-32166
- Related
- Published
- 2022-09-28T10:15:00Z
- Modified
- 2025-06-02T17:16:26Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
- References
Affected packages
Ubuntu:Pro:16.04:LTS / openvswitch
Package
- Name
- openvswitch
- Purl
- pkg:deb/ubuntu/openvswitch@2.5.9-0ubuntu0.16.04.3+esm1?arch=source&distro=esm-infra/xenial
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.5.9-0ubuntu0.16.04.3+esm1
Affected versions
2.*
2.4.0-0ubuntu4
2.4.0-0ubuntu5
2.5.0~git20160129.46a88d9-0ubuntu1
2.5.0~git20160219.522aca6-0ubuntu1
2.5.0~git20160219.522aca6-0ubuntu2
2.5.0~git20160219.522aca6-0ubuntu3
2.5.0-0ubuntu1
2.5.2-0ubuntu0.16.04.1
2.5.2-0ubuntu0.16.04.2
2.5.2-0ubuntu0.16.04.3
2.5.4-0ubuntu0.16.04.1
2.5.5-0ubuntu0.16.04.1
2.5.5-0ubuntu0.16.04.2
2.5.9-0ubuntu0.16.04.2
2.5.9-0ubuntu0.16.04.3
Ecosystem specific
{
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-common"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-common-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-dbg"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-ipsec"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-ipsec-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-pki"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-switch"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-switch-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-switch-dpdk"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-switch-dpdk-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-test"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-testcontroller"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-testcontroller-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-vtep"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "openvswitch-vtep-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "ovn-central"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "ovn-central-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "ovn-common"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "ovn-common-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "ovn-docker"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "ovn-docker-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "ovn-host"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "ovn-host-dbgsym"
},
{
"binary_version": "2.5.9-0ubuntu0.16.04.3+esm1",
"binary_name": "python-openvswitch"
}
],
"availability": "Available with Ubuntu Pro (Infra-only): https://ubuntu.com/pro"
}
Ubuntu:18.04:LTS / openvswitch
Package
- Name
- openvswitch
- Purl
- pkg:deb/ubuntu/openvswitch@2.9.8-0ubuntu0.18.04.3?arch=source&distro=bionic
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.9.8-0ubuntu0.18.04.3
Affected versions
2.*
2.8.0-0ubuntu2
2.8.1-0ubuntu2
2.8.1-0ubuntu3
2.9.0~git20180205.5a39582ca-0ubuntu1
2.9.0-0ubuntu1
2.9.2-0ubuntu0.18.04.2
2.9.2-0ubuntu0.18.04.3
2.9.5-0ubuntu0.18.04.1
2.9.7-0ubuntu0.18.04.2
2.9.8-0ubuntu0.18.04.2
Ecosystem specific
{
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "openvswitch-common"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "openvswitch-dbg"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "openvswitch-doc"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "openvswitch-pki"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "openvswitch-switch"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "openvswitch-switch-dpdk"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "openvswitch-test"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "openvswitch-testcontroller"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "openvswitch-vtep"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "ovn-central"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "ovn-common"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "ovn-controller-vtep"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "ovn-docker"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "ovn-host"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "python-openvswitch"
},
{
"binary_version": "2.9.8-0ubuntu0.18.04.3",
"binary_name": "python3-openvswitch"
}
],
"availability": "No subscription required"
}
Ubuntu:20.04:LTS / openvswitch
Package
- Name
- openvswitch
- Purl
- pkg:deb/ubuntu/openvswitch@2.13.8-0ubuntu1?arch=source&distro=focal
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.13.8-0ubuntu1
Affected versions
2.*
2.12.0-0ubuntu1
2.12.0-0ubuntu2
2.12.1~git20191107.7accd1302-0ubuntu1
2.12.90~git20200107.af683565b-0ubuntu1
2.12.90~git20200107.af683565b-0ubuntu2
2.12.90~git20200107.af683565b-0ubuntu3
2.13.0~git20200127.dbdf66c29-0ubuntu2
2.13.0~git20200212.15ae9db33-0ubuntu1
2.13.0~git20200212.15ae9db33-0ubuntu2
2.13.0-0ubuntu1
2.13.1-0ubuntu0.20.04.1
2.13.1-0ubuntu0.20.04.3
2.13.1-0ubuntu0.20.04.4
2.13.3-0ubuntu0.20.04.1
2.13.3-0ubuntu0.20.04.2
2.13.5-0ubuntu1
Ecosystem specific
{
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-common"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-dbg"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-doc"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-pki"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-source"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-switch"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-switch-dpdk"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-test"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-testcontroller"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "openvswitch-vtep"
},
{
"binary_version": "2.13.8-0ubuntu1",
"binary_name": "python3-openvswitch"
}
],
"availability": "No subscription required"
}
Ubuntu:22.04:LTS / openvswitch
Package
- Name
- openvswitch
- Purl
- pkg:deb/ubuntu/openvswitch@2.17.2-0ubuntu0.22.04.1?arch=source&distro=jammy
Affected ranges
- Type
- ECOSYSTEM
- Events
-
Introduced0Unknown introduced version / All previous versions are affectedFixed2.17.2-0ubuntu0.22.04.1
Affected versions
2.*
2.16.0-0ubuntu2
2.16.0-0ubuntu3
2.16.0-0ubuntu4
2.17.0~git20220105.0d1ffb7-0ubuntu1
2.17.0~git20220118.1b9fd88-0ubuntu1
2.17.0~git20220121.109d024-0ubuntu1
2.17.0-0ubuntu1
Ecosystem specific
{
"ubuntu_priority": "medium",
"binaries": [
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-common"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-dbg"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-doc"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-ipsec"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-pki"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-source"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-switch"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-switch-dpdk"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-test"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-testcontroller"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "openvswitch-vtep"
},
{
"binary_version": "2.17.2-0ubuntu0.22.04.1",
"binary_name": "python3-openvswitch"
}
],
"availability": "No subscription required"
}