Mend Vulnerability Database
What is a CVE vulnerability ID? What is a WS vulnerability ID? What is an MSC vulnerability ID?New vulnerability? Tell us about it!
We found results for “”
Date: September 28, 2022
OverviewIn ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c
DetailsIn ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c.
An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory.
This vulnerability is capable of crashing the software, memory modification, and possible remote execution.
Affected EnvironmentsOvs versions v0.90.0 through v2.5.0
PreventionUpgrade to ovs version v2.5.1
Good to know:
|Attack Vector (AV):||Network|
|Attack Complexity (AC):||Low|
|Privileges Required (PR):||Low|
|User Interaction (UI):||None|