Bugzilla – Bug 1192289
VUL-0: CVE-2021-3905: openvswitch: External triggered memory leak in Open vSwitch while processing fragmented packets
Last modified: 2021-11-05 08:14:59 UTC
A vulnerability was found in Openvswitch where a memory leak exists during userspace ip fragmentation processing which causes OpenvSwitch to leak packet buffers.
Commit introducing the vulnerability 
Upstream fix commit 
The commit introducing the bug is a patch for another recent bug that has no CVE assigned, and that is absent from every codestreams. Therefore, none of the SLE codestreams are affected.
openSUSE is also not affected.
Okay, can this be closed then?
Closing, see comment 2 and comment 1. In case we are supposed to do something, please let us know.
And of course: Thanks Thomas for the analysis!
Sorry for the late answer Petr. I asked to the project maintainers if the bug patched by  was security relevant, and the answer is no. So closing was fine!
I rather meant: comment 1 and comment 2 indicates that no our code stream is affected.