[Git][security-tracker-team/security-tracker][master] Update information for CVE-2022-433{7,8}/openvswitch
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Thu Dec 29 13:01:12 GMT 2022
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
76631ff0 by Salvatore Bonaccorso at 2022-12-29T14:00:02+01:00
Update information for CVE-2022-433{7,8}/openvswitch
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -5712,11 +5712,17 @@ CVE-2022-4338 [Integer Underflow in Organization Specific TLV]
- openvswitch <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2022/12/20/2
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2022-December/400596.html
+ NOTE: https://github.com/openvswitch/ovs/pull/405
+ NOTE: Introduced by: https://github.com/openvswitch/ovs/commit/be53a5c447c3ed77ef2d4e1e09ea63de576b90e8 (v2.4.0)
+ NOTE: Fixed by: https://github.com/openvswitch/ovs/commit/7490f281f09a8455c48e19b0cf1b99ab758ee4f4
CVE-2022-4337 [Out-of-Bounds Read in Organization Specific TLV]
RESERVED
- openvswitch <unfixed>
NOTE: https://www.openwall.com/lists/oss-security/2022/12/20/2
NOTE: https://mail.openvswitch.org/pipermail/ovs-dev/2022-December/400596.html
+ NOTE: https://github.com/openvswitch/ovs/pull/405
+ NOTE: Introduced by: https://github.com/openvswitch/ovs/commit/be53a5c447c3ed77ef2d4e1e09ea63de576b90e8 (v2.4.0)
+ NOTE: Fixed by: https://github.com/openvswitch/ovs/commit/7490f281f09a8455c48e19b0cf1b99ab758ee4f4
CVE-2022-4336 (In BAOTA linux panel there exists a stored xss vulnerability attackers ...)
NOT-FOR-US: BAOTA linux panel
CVE-2022-4335
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76631ff0230a978bbb1a33868e03d97665b9702c
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/76631ff0230a978bbb1a33868e03d97665b9702c
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20221229/17a546e8/attachment.htm>
More information about the debian-security-tracker-commits
mailing list