Launchpad.net

CVE 2020-35498

A vulnerability was found in openvswitch. A limitation in the implementation of userspace packet parsing can allow a malicious user to send a specially crafted packet causing the resulting megaflow in the kernel to be too wide, potentially causing a denial of service. The highest threat from this vulnerability is to system availability.

Related bugs and status

CVE-2020-35498 (Candidate) is related to these bugs:

Bug #1836713: upgrade of openvswitch packages resets alternative binaries to auto

		In	Importance	Status
1836713	upgrade of openvswitch packages resets alternative binaries to auto	openvswitch (Ubuntu)	High	Fix Released
1836713	upgrade of openvswitch packages resets alternative binaries to auto	openvswitch (Ubuntu Bionic)	High	Fix Released
1836713	upgrade of openvswitch packages resets alternative binaries to auto	openvswitch (Ubuntu Eoan)	High	Fix Released
1836713	upgrade of openvswitch packages resets alternative binaries to auto	openvswitch (Ubuntu Disco)	High	Won't Fix
1836713	upgrade of openvswitch packages resets alternative binaries to auto	Ubuntu Cloud Archive	Undecided	Fix Released
1836713	upgrade of openvswitch packages resets alternative binaries to auto	Ubuntu Cloud Archive train	Undecided	Fix Released
1836713	upgrade of openvswitch packages resets alternative binaries to auto	Ubuntu Cloud Archive queens	Undecided	Fix Released
1836713	upgrade of openvswitch packages resets alternative binaries to auto	Ubuntu Cloud Archive stein	Undecided	Fix Released

Bug #1907686: ovn: instance unable to retrieve metadata

		In	Importance	Status
1907686	ovn: instance unable to retrieve metadata	charm-ovn-chassis	Undecided	Invalid
1907686	ovn: instance unable to retrieve metadata	neutron	Undecided	Invalid
1907686	ovn: instance unable to retrieve metadata	openvswitch (Ubuntu)	High	Fix Released
1907686	ovn: instance unable to retrieve metadata	openvswitch (Ubuntu Hirsute)	High	Fix Released
1907686	ovn: instance unable to retrieve metadata	openvswitch (Ubuntu Groovy)	High	Fix Released
1907686	ovn: instance unable to retrieve metadata	openvswitch (Ubuntu Focal)	High	Fix Released
1907686	ovn: instance unable to retrieve metadata	Ubuntu Cloud Archive	Undecided	Fix Released
1907686	ovn: instance unable to retrieve metadata	Ubuntu Cloud Archive ussuri	Undecided	Fix Released
1907686	ovn: instance unable to retrieve metadata	Ubuntu Cloud Archive victoria	Undecided	Won't Fix
1907686	ovn: instance unable to retrieve metadata	Ubuntu Cloud Archive wallaby	Undecided	Fix Released

Bug #1912201: [SRU] openvswitch 2.9.8

		In	Importance	Status
1912201	[SRU] openvswitch 2.9.8	Ubuntu Cloud Archive	Undecided	Invalid
1912201	[SRU] openvswitch 2.9.8	Ubuntu Cloud Archive queens	Medium	Fix Released
1912201	[SRU] openvswitch 2.9.8	openvswitch (Ubuntu)	Undecided	Fix Released
1912201	[SRU] openvswitch 2.9.8	openvswitch (Ubuntu Bionic)	Medium	Fix Released

Bug #1915829: FQDN / hostname recorded in OVSDB is unreliable

		In	Importance	Status
1915829	FQDN / hostname recorded in OVSDB is unreliable	openvswitch (Ubuntu)	High	Fix Released
1915829	FQDN / hostname recorded in OVSDB is unreliable	openvswitch (Ubuntu Focal)	High	Fix Released
1915829	FQDN / hostname recorded in OVSDB is unreliable	openvswitch (Ubuntu Groovy)	High	Fix Released
1915829	FQDN / hostname recorded in OVSDB is unreliable	openvswitch (Ubuntu Hirsute)	High	Fix Released
1915829	FQDN / hostname recorded in OVSDB is unreliable	Ubuntu Cloud Archive	High	Fix Released
1915829	FQDN / hostname recorded in OVSDB is unreliable	Ubuntu Cloud Archive ussuri	High	Fix Released
1915829	FQDN / hostname recorded in OVSDB is unreliable	Ubuntu Cloud Archive wallaby	High	Fix Released
1915829	FQDN / hostname recorded in OVSDB is unreliable	Ubuntu Cloud Archive victoria	High	Invalid

Bug #1920141: [SRU] openvswitch 2.13.3 / linking changes in DPDK 19.11.x

		In	Importance	Status
1920141	[SRU] openvswitch 2.13.3 / linking changes in DPDK 19.11.x	openvswitch (Ubuntu)	Undecided	Invalid
1920141	[SRU] openvswitch 2.13.3 / linking changes in DPDK 19.11.x	openvswitch (Ubuntu Groovy)	High	Fix Released
1920141	[SRU] openvswitch 2.13.3 / linking changes in DPDK 19.11.x	openvswitch (Ubuntu Focal)	High	Fix Released
1920141	[SRU] openvswitch 2.13.3 / linking changes in DPDK 19.11.x	dpdk (Ubuntu)	Undecided	Fix Released
1920141	[SRU] openvswitch 2.13.3 / linking changes in DPDK 19.11.x	dpdk (Ubuntu Focal)	High	Fix Released
1920141	[SRU] openvswitch 2.13.3 / linking changes in DPDK 19.11.x	dpdk (Ubuntu Groovy)	High	Fix Released
1920141	[SRU] openvswitch 2.13.3 / linking changes in DPDK 19.11.x	Ubuntu Cloud Archive	Undecided	Invalid
1920141	[SRU] openvswitch 2.13.3 / linking changes in DPDK 19.11.x	Ubuntu Cloud Archive ussuri	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2020-35498

Related bugs and status

Related bugs

References