SUSE Package Hub - SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-1795

Update Info

SUSE-SLE-Module-Packagehub-Subpackages-15-SP4-2023-1795

Security update for openvswitch

Type: security

Severity: moderate

Issued: 2023-04-07

Description:

This update for openvswitch fixes the following issues:

- CVE-2021-36980: Fixed a use-after-free issue during the decoding of
  a RAW_ENCAP action (bsc#1188524).
- CVE-2022-32166: Fixed a out of bounds read in minimask_equal() (bsc#1203865).

References

CVE: CVE-2022-32166
CVE: CVE-2021-36980
Bugzilla: 1203865 VUL-0: CVE-2022-32166: openvswitch: out of bounds read in minimask_equal()
Bugzilla: 1188524 VUL-0: CVE-2021-36980: openvswitch: use-after-free in decode_NXAST_RAW_ENCAP

Packages

dpdk-18.11.9-150100.4.23.1

openvswitch-2.11.5-150100.3.18.2