{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2020-35498", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-04T17:02:08.207Z", "dateReserved": "2020-12-17T00:00:00", "datePublished": "2021-02-11T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-11-26T11:06:21.498104"}, "descriptions": [{"lang": "en", "value": "A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability."}], "affected": [{"vendor": "n/a", "product": "openvswitch", "versions": [{"version": "openvswitch 2.5.12, openvswitch 2.6.10, openvswitch 2.7.13, openvswitch 2.8.11, openvswitch 2.9.9, openvswitch 2.10.7, openvswitch 2.11.6, openvswitch 2.12.3, openvswitch 2.13.3, openvswitch 2.14.2", "status": "affected"}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908845"}, {"url": "https://www.openwall.com/lists/oss-security/2021/02/10/4"}, {"name": "DSA-4852", "tags": ["vendor-advisory"], "url": "https://www.debian.org/security/2021/dsa-4852"}, {"name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update", "tags": ["mailing-list"], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"}, {"name": "FEDORA-2021-fba11d37ee", "tags": ["vendor-advisory"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJ4DXFJWMZ325ECZXPZOSK7BOEDJZHPR/"}, {"name": "GLSA-202311-16", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202311-16"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-400", "cweId": "CWE-400"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-04T17:02:08.207Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908845", "tags": ["x_transferred"]}, {"url": "https://www.openwall.com/lists/oss-security/2021/02/10/4", "tags": ["x_transferred"]}, {"name": "DSA-4852", "tags": ["vendor-advisory", "x_transferred"], "url": "https://www.debian.org/security/2021/dsa-4852"}, {"name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update", "tags": ["mailing-list", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"}, {"name": "FEDORA-2021-fba11d37ee", "tags": ["vendor-advisory", "x_transferred"], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJ4DXFJWMZ325ECZXPZOSK7BOEDJZHPR/"}, {"name": "GLSA-202311-16", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202311-16"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "F4AAAA44-4650-4BE6-B705-767720A51BFA", "versionEndExcluding": "2.5.12", "versionStartIncluding": "2.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "E78C71DF-5303-4887-A958-AA8974559F4B", "versionEndExcluding": "2.6.10", "versionStartIncluding": "2.6.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "F43F9591-492D-42E1-B241-86A19538348C", "versionEndExcluding": "2.7.13", "versionStartIncluding": "2.7.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "7D17633D-6F1B-4482-98D0-F4D87F7E79F1", "versionEndExcluding": "2.8.11", "versionStartIncluding": "2.8.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "4F9E06B0-A849-40E0-BA5E-4B94D51E34AC", "versionEndExcluding": "2.9.9", "versionStartIncluding": "2.9.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "B7D812F1-C079-45D5-BB34-2599993B9E15", "versionEndExcluding": "2.10.7", "versionStartIncluding": "2.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "1B7DFA70-32AD-4739-9020-C32C22A2677E", "versionEndExcluding": "2.11.6", "versionStartIncluding": "2.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "B6189A6A-85C4-469E-A1CA-8506ADD26CF6", "versionEndExcluding": "2.12.3", "versionStartIncluding": "2.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "62204DE2-CD28-46B5-AE9A-42F2ADB9CC65", "versionEndExcluding": "2.13.3", "versionStartIncluding": "2.13.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "170C778E-64B7-484A-9497-9BF6C137B364", "versionEndExcluding": "2.14.2", "versionStartIncluding": "2.14.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}, {"criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*", "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:fedoraproject:fedora:33:*:*:*:*:*:*:*", "matchCriteriaId": "E460AA51-FCDA-46B9-AE97-E6676AA5E194", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability."}, {"lang": "es", "value": "Se encontr\u00f3 una vulnerabilidad en openvswitch. Una limitaci\u00f3n en la implementaci\u00f3n del an\u00e1lisis de paquetes del espacio de usuario puede permitir a un usuario malicioso env\u00ede un paquete especialmente dise\u00f1ado, lo que hace que el megaflujo resultante en el kernel sea demasiado amplio, causando potencialmente una denegaci\u00f3n de servicio. La mayor amenaza de esta vulnerabilidad es la disponibilidad del sistema"}], "id": "CVE-2020-35498", "lastModified": "2023-11-26T11:15:07.937", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "HIGH", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "COMPLETE", "baseScore": 7.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:C", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 6.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2021-02-11T18:15:15.677", "references": [{"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908845"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"}, {"source": "secalert@redhat.com", "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/UJ4DXFJWMZ325ECZXPZOSK7BOEDJZHPR/"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/202311-16"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://www.debian.org/security/2021/dsa-4852"}, {"source": "secalert@redhat.com", "tags": ["Mailing List", "Patch", "Third Party Advisory"], "url": "https://www.openwall.com/lists/oss-security/2021/02/10/4"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-400"}], "source": "secalert@redhat.com", "type": "Primary"}]}

{"acknowledgement": "Red Hat would like to thank Joakim Hindersson <joakim.hindersson@elastx.se> for reporting this issue.", "affected_release": [{"advisory": "RHSA-2021:0834", "cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "impact": "moderate", "package": "openvswitch2.11-0:2.11.3-86.el7fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 7", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:0835", "cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "impact": "moderate", "package": "openvswitch2.13-0:2.13.0-81.el7fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 7", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:2077", "cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "impact": "moderate", "package": "openvswitch-0:2.9.9-1.el7fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 7", "release_date": "2021-05-20T00:00:00Z"}, {"advisory": "RHSA-2021:0497", "cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "impact": "moderate", "package": "openvswitch2.13-0:2.13.0-79.5.el8fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 8", "release_date": "2021-02-11T00:00:00Z"}, {"advisory": "RHSA-2021:0837", "cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "impact": "moderate", "package": "openvswitch2.11-0:2.11.3-83.el8fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 8", "release_date": "2021-03-15T00:00:00Z"}, {"advisory": "RHSA-2021:2456", "cpe": "cpe:/a:redhat:openstack:13::el7", "impact": "moderate", "package": "openvswitch2.11-0:2.11.3-86.el7fdp", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2021-06-16T00:00:00Z"}, {"advisory": "RHSA-2021:2077", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "moderate", "package": "openvswitch-0:2.9.9-1.el7fdp", "product_name": "Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2021-05-20T00:00:00Z"}, {"advisory": "RHSA-2021:1050", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "moderate", "package": "openvswitch2.11-0:2.11.3-86.el7fdp", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2021-03-31T00:00:00Z"}, {"advisory": "RHSA-2021:1050", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "impact": "moderate", "package": "ovn2.11-0:2.11.1-57.el7fdp", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2021-03-31T00:00:00Z"}], "bugzilla": {"description": "openvswitch: limitation in the OVS packet parsing in userspace leads to DoS", "id": "1908845", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1908845"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-400", "details": ["A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.", "A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability."], "name": "CVE-2020-35498", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "openvswitch2.10", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "impact": "moderate", "package_name": "openvswitch2.13", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Not affected", "package_name": "openvswitch2.15", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Out of support scope", "impact": "moderate", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}], "public_date": "2021-02-10T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2020-35498\nhttps://nvd.nist.gov/vuln/detail/CVE-2020-35498\nhttps://www.openwall.com/lists/oss-security/2021/02/10/4"], "statement": "Red Hat OpenStack Platform 13's openvswitch package will receive it's fixes from Fast Datapath.", "threat_severity": "Important", "upstream_fix": "openvswitch 2.5.12, openvswitch 2.6.10, openvswitch 2.7.13, openvswitch 2.8.11, openvswitch 2.9.9, openvswitch 2.10.7, openvswitch 2.11.6, openvswitch 2.12.3, openvswitch 2.13.3, openvswitch 2.14.2"}