CVE-2022-32166

See a problem?
Please try reporting it to the source first.

Source

https://nvd.nist.gov/vuln/detail/CVE-2022-32166

Import Source

https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-32166.json

JSON Data

https://api.osv.dev/v1/vulns/CVE-2022-32166

Related

Published

2022-09-28T10:15:09Z

Modified

2024-09-18T03:21:23.228925Z

Summary

[none]

Details

In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

References

Affected packages

Debian:11 / openvswitch

Package

Name: openvswitch
Purl: pkg:deb/debian/openvswitch?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.13.0+dfsg1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:12 / openvswitch

Package

Name: openvswitch
Purl: pkg:deb/debian/openvswitch?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.13.0+dfsg1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Debian:13 / openvswitch

Package

Name: openvswitch
Purl: pkg:deb/debian/openvswitch?arch=source

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.13.0+dfsg1-1

Ecosystem specific

{
    "urgency": "not yet assigned"
}

Git / github.com/cloudbase/ovs

Affected ranges

Type: GIT
Repo: https://github.com/cloudbase/ovs
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Fixed

2ed6505555cdcb46f9b1f0329d1491b75290fc73

Type: GIT
Repo: https://github.com/openvswitch/ovs
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

22d4614ddf83988a3771fb379ea029e663b4455a

Affected versions

v0.*

v0.90.0

v0.90.1

v0.90.2

v0.90.3

v0.90.4

v0.90.6

v0.90.7

v0.99.0

v0.99.1

v0.99.2

v1.*

v1.0.0

v1.0.1

v1.1.0pre1

v1.1.0pre2

v2.*

v2.5.0