CVE-2021-3905
N/A
N/A
Summary
A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.
Affected Software
| Vendor | Product | Version Range | Status |
|---|---|---|---|
| n/a | openvswitch (ovs) | Fixed in v2.17.0 | affected |
Weaknesses
- CWE-401: CWE-401 - Missing Release of Memory after Effective Lifetime
ADP Enrichment
CVE Program Container
Additional References
- https://bugzilla.redhat.com/show_bug.cgi?id=2019692
- https://access.redhat.com/security/cve/CVE-2021-3905
- https://ubuntu.com/security/CVE-2021-3905
- https://github.com/openvswitch/ovs-issues/issues/226
- https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349
- https://security.gentoo.org/glsa/202311-16
References
- https://bugzilla.redhat.com/show_bug.cgi?id=2019692
- https://access.redhat.com/security/cve/CVE-2021-3905
- https://ubuntu.com/security/CVE-2021-3905
- https://github.com/openvswitch/ovs-issues/issues/226
- https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349
- https://security.gentoo.org/glsa/202311-16
Feedback
Was this page helpful?
Glad to hear it! Please tell us how we can improve.
Sorry to hear that. Please tell us how we can improve.