Bug 1192289 - (CVE-2021-3905) VUL-0: CVE-2021-3905: openvswitch: External triggered memory leak in Open vSwitch while processing fragmented packets
Classification: Novell Products
Product: SUSE Security Incidents
Component: Incidents
Priority: P3 - Medium
Severity: Normal
Assigned To: package coldpool
Security Team bot
Reported: 2021-11-03 10:50 UTC by Thomas Leroy
Modified: 2021-11-05 08:14 UTC (History)
Found By: Security Response Team


Description Thomas Leroy 2021-11-03 10:50:13 UTC

A vulnerability was found in Open vSwitch where a memory leak exists during userspace IP fragmentation processing, which causes Open vSwitch to leak packet buffers.

Commit introducing the vulnerability [0]
Upstream fix commit [1]

[0] https://github.com/openvswitch/ovs/commit/640d4db788eda96bb904abcfc7de2327107bafe1
[1] https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349


Comment 1 Thomas Leroy 2021-11-03 14:02:50 UTC
The commit introducing the bug is a patch for another recent bug that has no CVE assigned, and that is absent from every codestream. Therefore, none of the SLE codestreams are affected.
Comment 2 Thomas Leroy 2021-11-03 15:00:21 UTC
openSUSE is also not affected.
Comment 3 Petr Gajdos 2021-11-03 15:59:52 UTC
Okay, can this be closed then?
Comment 4 Petr Gajdos 2021-11-04 11:23:43 UTC
Closing, see comment 2 and comment 1. In case we are supposed to do something, please let us know.
Comment 5 Petr Gajdos 2021-11-04 11:39:57 UTC
And of course: Thanks Thomas for the analysis!
Comment 6 Thomas Leroy 2021-11-04 16:13:50 UTC
Sorry for the late answer, Petr. I asked the project maintainers if the bug patched by [0] was security relevant, and the answer is no. So closing was fine!
Comment 7 Petr Gajdos 2021-11-05 08:14:59 UTC
I rather meant: comment 1 and comment 2 indicate that none of our code streams is affected.
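
The triage reasoning in comment 1 (a codestream that never received the introducing commit [0] cannot carry the leak) can be checked mechanically. The script below is an added example, not part of the original bug report or of SUSE's tooling; it assumes each codestream is available as a ref in a local clone of the ovs repository, and `has_change` and `classify` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the bug report): triage one ref for CVE-2021-3905.
# Assumption: codestreams are refs in a local clone of openvswitch/ovs.
INTRO=640d4db788eda96bb904abcfc7de2327107bafe1  # [0] introducing commit
FIX=803ed12e31b0377c37d7aa8c94b3b92f2081e349    # [1] upstream fix

# has_change REPO REF COMMIT (hypothetical helper)
# True if COMMIT is an ancestor of REF, or if REF's history holds a commit
# with the same patch-id, i.e. a cherry-picked backport with a new hash.
has_change() {
    hc_repo=$1 hc_ref=$2 hc_commit=$3
    git -C "$hc_repo" merge-base --is-ancestor "$hc_commit" "$hc_ref" \
        2>/dev/null && return 0
    hc_want=$(git -C "$hc_repo" show "$hc_commit" |
        git patch-id --stable | cut -d' ' -f1)
    [ -n "$hc_want" ] || return 1   # commit carries no diff to compare
    git -C "$hc_repo" log -p --no-merges "$hc_ref" |
        git patch-id --stable | cut -d' ' -f1 | grep -qx "$hc_want"
}

# classify REPO REF [INTRO] [FIX] (hypothetical helper)
# Prints not-affected, affected or fixed; returns 2 if an object is missing,
# so an incomplete clone is never reported as "not-affected".
classify() {
    cl_repo=$1 cl_ref=$2 cl_intro=${3:-$INTRO} cl_fix=${4:-$FIX}
    for cl_c in "$cl_intro" "$cl_fix" "$cl_ref"; do
        git -C "$cl_repo" cat-file -e "$cl_c^{commit}" 2>/dev/null ||
            { echo "unknown: $cl_c missing, fetch upstream first"; return 2; }
    done
    if ! has_change "$cl_repo" "$cl_ref" "$cl_intro"; then
        echo not-affected
    elif has_change "$cl_repo" "$cl_ref" "$cl_fix"; then
        echo fixed
    else
        echo affected
    fi
}

# Usage: sh triage.sh /path/to/ovs REF
if [ "$#" -ge 2 ]; then classify "$@"; fi
```

A patch-id match only finds backports applied without modification; a hand-adapted backport of either commit still needs manual review of the package's patch set.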