CVE-2019-25076

EUVD-2019-11518
The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x through 2.17.2 and 3.0.0 allows remote attackers to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.8 MEDIUM
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L
Base Score
CVSS 3.x
EPSS Score
Percentile: 71%
Affected Products (NVD)
VendorProductVersion
openvswitchopenvswitch
2.0.0 ≤
𝑥
≤ 2.17.2
openvswitchopenvswitch
3.0.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openvswitch
bookworm
no-dsa
bookworm (security)
vulnerable
bullseye
no-dsa
bullseye (security)
vulnerable
buster
no-dsa
sid
vulnerable
trixie
vulnerable
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openvswitch
bionic
deferred
focal
deferred
jammy
deferred
kinetic
ignored
lunar
ignored
mantic
ignored
noble
deferred
trusty
ignored
xenial
deferred
References
https://arxiv.org/abs/2011.09107
https://dl.acm.org/citation.cfm?doid=3359989.3365431
https://sites.google.com/view/tuple-space-explosion
https://www.youtube.com/watch?v=5cHpzVK0D28
https://www.youtube.com/watch?v=DSC3m-Bww64
https://arxiv.org/abs/2011.09107
https://dl.acm.org/citation.cfm?doid=3359989.3365431
https://sites.google.com/view/tuple-space-explosion
https://www.youtube.com/watch?v=5cHpzVK0D28
https://www.youtube.com/watch?v=DSC3m-Bww64