DEBIAN-CVE-2022-32166

DEBIAN-CVE-2022-32166 PUBLISHED CVSS 6.099999904632568 MEDIUM

In ovs versions v0.90.0 through v2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of “minimasks” function could lead access to an unmapped region of memory. This vulnerability is capable of crashing the software, memory modification, and possible remote execution.

Risk Scores

CVSS v3.1

6.099999904632568

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Affected Products

Vendor	Product	Versions
Debian:13	openvswitch	0, 0, 0
Debian:11	openvswitch	0, 0, 0
Debian:14	openvswitch	0, 0, 0
Debian:12	openvswitch	0, 0, 0

Timeline

Sep 28, 2022 CVE Published
Apr 28, 2026 CVE Updated

References

https://security-tracker.debian.org/tracker/CVE-2022-32166 advisory

Open in Interactive Console →