PT-2022-17186 · Unknown · Sflow Decode Package

Justin Timperio · Published 2022-09-30 · Updated 2024-08-21 · CVE-2022-2529

CVSS v3.1: 7.5 (High)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions

sflow decode package versions prior to 3.4.4

Description

The sflow decode package does not sufficiently sanitize incoming packets, which can lead to a denial of service attack. An attacker can craft malformed packets that cause the process to consume large amounts of memory, resulting in a denial of service.

Recommendations

If you are running a version prior to 3.4.4, update to version 3.4.4 to resolve the issue. As a temporary workaround, consider restricting public access to the goflow collector to minimize the risk of exploitation.

Fix

DoS

Resource Exhaustion

RCE

Weakness Enumeration

Related Identifiers

CVE-2022-2529
GHSA-9RPW-2H95-666C
GO-2022-1032

Affected Products

Sflow Decode Package