CVE-2019-25076

The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
5.8 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 45%
VendorProductVersion
openvswitchopenvswitch
2.0.0 ≤
𝑥
≤ 2.17.2
openvswitchopenvswitch
3.0.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openvswitch
bullseye (security)
vulnerable
bullseye
no-dsa
bookworm
no-dsa
buster
no-dsa
bookworm (security)
vulnerable
sid
vulnerable
trixie
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openvswitch
noble
deferred
mantic
ignored
lunar
ignored
kinetic
ignored
jammy
deferred
focal
deferred
bionic
deferred
xenial
deferred
trusty
ignored
References
https://arxiv.org/abs/2011.09107
https://dl.acm.org/citation.cfm?doid=3359989.3365431
https://sites.google.com/view/tuple-space-explosion
https://www.youtube.com/watch?v=5cHpzVK0D28
https://www.youtube.com/watch?v=DSC3m-Bww64
https://arxiv.org/abs/2011.09107
https://dl.acm.org/citation.cfm?doid=3359989.3365431
https://sites.google.com/view/tuple-space-explosion
https://www.youtube.com/watch?v=5cHpzVK0D28
https://www.youtube.com/watch?v=DSC3m-Bww64