Description
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
References (5)
Core 5
Core References
Patch, Third Party Advisory
https://github.com/openvswitch/ovs/pull/405
Mailing List, Patch, Vendor Advisory
https://mail.openvswitch.org/pipermail/ovs-dev/2022-December/400596.html
Mailing List, Third Party Advisory
https://www.openwall.com/lists/oss-security/2022/12/21/4
Third Party Advisory vendor-advisory
https://www.debian.org/security/2023/dsa-5319
Third Party Advisory vendor-advisory
https://security.gentoo.org/glsa/202311-16
Scores
CVSS v3
9.8
EPSS
0.0047
EPSS Percentile
64.7%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Details
CWE
CWE-125
Status
published
Products (2)
debian/debian_linux
11.0
openvswitch/openvswitch
< 2.13.10
Published
Jan 10, 2023
Tracked Since
Feb 18, 2026