USN-5890-1

See a problem?
Source
https://ubuntu.com/security/notices/USN-5890-1
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/USN-5890-1.json
JSON Data
https://api.osv.dev/v1/vulns/USN-5890-1
Related
Published
2023-02-27T12:24:28.911939Z
Modified
2023-02-27T12:24:28.911939Z
Summary
openvswitch vulnerabilities
Details

Qian Chen discovered that Open vSwitch incorrectly handled certain Organization Specific TLVs. A remote attacker could use this issue to cause Open vSwitch to crash, resulting in a denial of service, or possibly execute arbitrary code.

References

Affected packages

Ubuntu:22.04:LTS / openvswitch

Package

Name
openvswitch

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.17.3-0ubuntu0.22.04.2

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "python3-openvswitch": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-testcontroller": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-source": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-switch-dpdk": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-ipsec": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-vtep": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-switch": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-test": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-common": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-doc": "2.17.3-0ubuntu0.22.04.2",
            "openvswitch-pki": "2.17.3-0ubuntu0.22.04.2"
        }
    ]
}

Ubuntu:18.04:LTS / openvswitch

Package

Name
openvswitch

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.9.8-0ubuntu0.18.04.4

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "openvswitch-testcontroller": "2.9.8-0ubuntu0.18.04.4",
            "ovn-common": "2.9.8-0ubuntu0.18.04.4",
            "openvswitch-switch-dpdk": "2.9.8-0ubuntu0.18.04.4",
            "ovn-central": "2.9.8-0ubuntu0.18.04.4",
            "openvswitch-test": "2.9.8-0ubuntu0.18.04.4",
            "openvswitch-switch": "2.9.8-0ubuntu0.18.04.4",
            "ovn-controller-vtep": "2.9.8-0ubuntu0.18.04.4",
            "ovn-docker": "2.9.8-0ubuntu0.18.04.4",
            "openvswitch-pki": "2.9.8-0ubuntu0.18.04.4",
            "python3-openvswitch": "2.9.8-0ubuntu0.18.04.4",
            "python-openvswitch": "2.9.8-0ubuntu0.18.04.4",
            "ovn-host": "2.9.8-0ubuntu0.18.04.4",
            "openvswitch-vtep": "2.9.8-0ubuntu0.18.04.4",
            "openvswitch-common": "2.9.8-0ubuntu0.18.04.4",
            "openvswitch-doc": "2.9.8-0ubuntu0.18.04.4"
        }
    ]
}

Ubuntu:20.04:LTS / openvswitch

Package

Name
openvswitch

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.13.8-0ubuntu1.1

Ecosystem specific

{
    "availability": "No subscription needed",
    "binaries": [
        {
            "python3-openvswitch": "2.13.8-0ubuntu1.1",
            "openvswitch-testcontroller": "2.13.8-0ubuntu1.1",
            "openvswitch-source": "2.13.8-0ubuntu1.1",
            "openvswitch-switch-dpdk": "2.13.8-0ubuntu1.1",
            "openvswitch-test": "2.13.8-0ubuntu1.1",
            "openvswitch-vtep": "2.13.8-0ubuntu1.1",
            "openvswitch-switch": "2.13.8-0ubuntu1.1",
            "openvswitch-common": "2.13.8-0ubuntu1.1",
            "openvswitch-doc": "2.13.8-0ubuntu1.1",
            "openvswitch-pki": "2.13.8-0ubuntu1.1"
        }
    ]
}