{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"state": "PUBLISHED", "cveId": "CVE-2021-3905", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "dateUpdated": "2024-08-03T17:09:09.615Z", "dateReserved": "2021-10-26T00:00:00", "datePublished": "2022-08-23T00:00:00"}, "containers": {"cna": {"providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2023-11-26T11:06:13.552890"}, "descriptions": [{"lang": "en", "value": "A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments."}], "affected": [{"vendor": "n/a", "product": "openvswitch (ovs)", "versions": [{"version": "Fixed in v2.17.0", "status": "affected"}]}], "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019692"}, {"url": "https://access.redhat.com/security/cve/CVE-2021-3905"}, {"url": "https://ubuntu.com/security/CVE-2021-3905"}, {"url": "https://github.com/openvswitch/ovs-issues/issues/226"}, {"url": "https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349"}, {"name": "GLSA-202311-16", "tags": ["vendor-advisory"], "url": "https://security.gentoo.org/glsa/202311-16"}], "problemTypes": [{"descriptions": [{"type": "CWE", "lang": "en", "description": "CWE-401 - Missing Release of Memory after Effective Lifetime", "cweId": "CWE-401"}]}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-03T17:09:09.615Z"}, "title": "CVE Program Container", "references": [{"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019692", "tags": ["x_transferred"]}, {"url": "https://access.redhat.com/security/cve/CVE-2021-3905", "tags": ["x_transferred"]}, {"url": "https://ubuntu.com/security/CVE-2021-3905", "tags": ["x_transferred"]}, {"url": "https://github.com/openvswitch/ovs-issues/issues/226", "tags": ["x_transferred"]}, {"url": "https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349", "tags": ["x_transferred"]}, {"name": "GLSA-202311-16", "tags": ["vendor-advisory", "x_transferred"], "url": "https://security.gentoo.org/glsa/202311-16"}]}]}}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "59369EE4-B970-4222-AA4E-276928B1016B", "versionEndExcluding": "2.17.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:enterprise_linux_fast_datapath:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "559A4609-EC7E-40CD-9165-5DA68CBCEE9B", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:enterprise_linux_fast_datapath:8.0:*:*:*:*:*:*:*", "matchCriteriaId": "BAE5723C-165D-4427-A8DF-82662A2E7A9F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:21.10:*:*:*:*:*:*:*", "matchCriteriaId": "AAE4D2D0-CEEB-416F-8BC5-A7987DF56190", "vulnerable": true}, {"criteria": "cpe:2.3:o:fedoraproject:fedora:35:*:*:*:*:*:*:*", "matchCriteriaId": "80E516C0-98A4-4ADE-B69F-66A772E2BAAA", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments."}, {"lang": "es", "value": "Se ha encontrado una p\u00e9rdida de memoria en Open vSwitch (OVS) durante el procesamiento de la fragmentaci\u00f3n IP en el espacio de usuario. Un atacante podr\u00eda usar este fallo para agotar potencialmente la memoria disponible al seguir enviando fragmentos de paquetes."}], "id": "CVE-2021-3905", "lastModified": "2024-11-21T06:22:44.723", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2022-08-23T16:15:10.177", "references": [{"source": "secalert@redhat.com", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2021-3905"}, {"source": "secalert@redhat.com", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019692"}, {"source": "secalert@redhat.com", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/openvswitch/ovs-issues/issues/226"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/202311-16"}, {"source": "secalert@redhat.com", "tags": ["Patch", "Third Party Advisory"], "url": "https://ubuntu.com/security/CVE-2021-3905"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/security/cve/CVE-2021-3905"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019692"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Exploit", "Issue Tracking", "Patch", "Third Party Advisory"], "url": "https://github.com/openvswitch/ovs-issues/issues/226"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/openvswitch/ovs/commit/803ed12e31b0377c37d7aa8c94b3b92f2081e349"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://security.gentoo.org/glsa/202311-16"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Patch", "Third Party Advisory"], "url": "https://ubuntu.com/security/CVE-2021-3905"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-401"}], "source": "secalert@redhat.com", "type": "Secondary"}, {"description": [{"lang": "en", "value": "CWE-401"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHBA-2022:0051", "cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "package": "openvswitch2.13-0:2.13.0-139.el8fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 8", "release_date": "2022-01-10T00:00:00Z"}, {"advisory": "RHBA-2022:0052", "cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "package": "openvswitch2.15-0:2.15.0-55.el8fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 8", "release_date": "2022-01-10T00:00:00Z"}, {"advisory": "RHBA-2022:5792", "cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "package": "openvswitch2.16-0:2.16.0-86.el8fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 8", "release_date": "2022-08-01T00:00:00Z"}], "bugzilla": {"description": "openvswitch: External triggered memory leak in Open vSwitch while processing fragmented packets", "id": "2019692", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2019692"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-401", "details": ["A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments.", "A memory leak was found in Open vSwitch (OVS) during userspace IP fragmentation processing. An attacker could use this flaw to potentially exhaust available memory by keeping sending packet fragments."], "name": "CVE-2021-3905", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.11", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Out of support scope", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Will not fix", "package_name": "openvswitch2.13", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.11", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Out of support scope", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "openvswitch", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openvswitch2.13", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openvswitch2.15", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Will not fix", "package_name": "openvswitch2.16", "product_name": "Red Hat OpenShift Container Platform 4"}, {"cpe": "cpe:/a:redhat:openstack:10", "fix_state": "Not affected", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 10 (Newton)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "openvswitch2.11", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:13", "fix_state": "Not affected", "package_name": "rhosp-openvswitch", "product_name": "Red Hat OpenStack Platform 13 (Queens)"}, {"cpe": "cpe:/a:redhat:openstack:16.1", "fix_state": "Not affected", "package_name": "rhosp-openvswitch", "product_name": "Red Hat OpenStack Platform 16.1"}, {"cpe": "cpe:/a:redhat:openstack:16.2", "fix_state": "Not affected", "package_name": "rhosp-openvswitch", "product_name": "Red Hat OpenStack Platform 16.2"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Not affected", "package_name": "openvswitch2.11", "product_name": "Red Hat Virtualization 4"}], "public_date": "2021-09-29T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2021-3905\nhttps://nvd.nist.gov/vuln/detail/CVE-2021-3905"], "statement": "Red Hat Enterprise Linux 7 provides the `openvswitch` package only through the unsupported Optional repository. Customers are advised to install Open vSwitch (OVS) from RHEL Fast Datapath instead.\nRed Hat OpenStack Platform deployments are not affected because they use OVS/OVN directly from the Fast Datapath channel. Any updates will be distributed through that channel.", "threat_severity": "Moderate", "upstream_fix": "openvswitch 2.12"}