PT-2022-4152 · Linux+9 · Openvswitch+9

Tej Rathi · Published 2021-02-16 · Updated 2025-12-08 · CVE-2022-2639

CVSS v3.1: 7.8 (High)
Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions: Linux kernel openvswitch (affected versions not specified)

Description: The issue is an integer coercion error in the openvswitch kernel module, specifically in the reserve_sfa_size() function. Given a sufficiently large number of actions, while copying and reserving memory for a new action of a new flow, the function does not return -EMSGSIZE as expected. This can lead to an out-of-bounds write, potentially allowing a local user to crash the system or escalate their privileges.

Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.
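
A simplified model of the bug class described above, added here as an illustration and not taken from the kernel source: a limit check that mixes a signed offset with an unsigned request size and therefore never returns -EMSGSIZE, next to a hardened form. The function names, the 1024-byte cap and the assumption that the write offset can already sit past the cap are constructed for the demo.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>

#define MAX_BUFSIZE 1024 /* assumed cap for this demo, not the kernel's value */

/* Flawed limit check (hypothetical name). next_offset is a signed int and
 * req_size is a size_t, so C converts the int difference to size_t before
 * comparing. The cast only spells out that implicit conversion: a negative
 * difference becomes a huge unsigned value and the error path is skipped. */
int check_flawed(int next_offset, size_t req_size)
{
    if ((size_t)(MAX_BUFSIZE - next_offset) < req_size)
        return -EMSGSIZE;
    return 0; /* a caller would now write req_size bytes at next_offset */
}

/* Hardened check (hypothetical name): validate the offset first, then
 * compare in one unsigned domain with a subtraction that cannot wrap. */
int check_hardened(int next_offset, size_t req_size)
{
    if (next_offset < 0 || (size_t)next_offset > MAX_BUFSIZE)
        return -EMSGSIZE;
    if (req_size > MAX_BUFSIZE - (size_t)next_offset)
        return -EMSGSIZE;
    return 0;
}

int main(void)
{
    /* Constructed inputs: fits, too large, and offset already past the cap. */
    struct { int off; size_t req; } cases[] = {
        { 1000, 16 }, { 1000, 64 }, { 1040, 64 },
    };
    for (size_t i = 0; i < sizeof(cases) / sizeof(cases[0]); i++)
        printf("offset=%d req=%zu flawed=%d hardened=%d\n",
               cases[i].off, cases[i].req,
               check_flawed(cases[i].off, cases[i].req),
               check_hardened(cases[i].off, cases[i].req));
    return 0;
}
```

The third case is the one that matters: the flawed check reports success for a request that lies entirely outside the buffer, while the hardened check rejects it.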

Exploit

Memory Corruption

Integer Underflow

Weakness Enumeration

Related Identifiers

ALSA-2021_0558
ALSA-2021_1578
ALSA-2021_2714
ALSA-2021_3057
ALSA-2021_3447
ALSA-2021_3548
ALSA-2021_4056
ALSA-2021_4356
ALSA-2021_4647
ALSA-2021_5227
ALSA-2022:7444
ALSA-2022:7683
ALSA-2022:7933
ALSA-2022:8267
ALSA-2022_0188
ALSA-2022_0267
ALSA-2022_0825
ALSA-2022_1550
ALSA-2022_1988
ALSA-2022_5249
ALSA-2022_5267
ALSA-2022_5316
ALSA-2022_5344
ALSA-2022_5564
ALSA-2022_5565
ALSA-2022_6002
ALSA-2022_6003
ALSA-2022_6437
ALSA-2022_6460
ALSA-2022_6582
ALSA-2022_6610
ALSA-2022_7110
ALSA-2022_7134
ALSA-2022_7318
ALSA-2022_7319
ALSA-2023_0101
ALSA-2023_0114
ALSA-2023_0300
ALSA-2023_0334
ALSA-2023_0832
ALSA-2023_0854
ALSA-2023_0951
ALSA-2023_0979
ALSA-2023_1469
ALSA-2023_1470
ALSA-2023_1566
ALSA-2023_1584
ALSA-2023_1691
ALSA-2023_1703
ALSA-2023_4377
ALSA-2023_4378
ALSA-2023_4517
ALSA-2023_4541
ALSA-2023_7077
ALSA-2023_7549
ALSA-2024_0897
ALSA-2024_1607
ALSA-2024_2394
ALSA-2024_2950
ALSA-2024_3138
ALSA-2024_5101
ALSA-2024_5102
ALSA-2024_5928
ALSA-2024_6997
ALSA-2024_7000
ALSA-2024_7001
ALSA-2024_8162
ALSA-2024_8856
ALSA-2024_8870
ALSA-2025_12746
ALSA-2025_12752
ALSA-2025_12753
ALSA-2025_15471
ALSA-2025_15472
ALSA-2025_15661
ALSA-2025_16880
ALSA-2025_22387
ALSA-2025_22388
ALSA-2025_22405
ALSA-2025_22800
ALSA-2025_22801
ALSA-2025_8333
ALT-PU-2022-1797
ALT-PU-2022-1810
ALT-PU-2022-1823
ALT-PU-2022-1824
ALT-PU-2022-1826
ALT-PU-2022-1830
ALT-PU-2022-1833
ALT-PU-2022-1853
ALT-PU-2022-1873
ALT-PU-2022-1880
ALT-PU-2022-1881
ALT-PU-2022-1907
ALT-PU-2022-2052
ALT-PU-2022-2152
ALT-PU-2022-2155
ALT-PU-2022-2344
ALT-PU-2023-4894
BDU:2022-04995
CESA-2022_7444
CESA-2022_7683
CVE-2022-2639
ELSA-2022-10065
ELSA-2022-7683
ELSA-2022-8267
OESA-2022-1824
OESA-2024-1384
OPENSUSE-SU-2022_2875-1
OPENSUSE-SU-2022_3288-1
OPENSUSE-SU-2022_3293-1
OPENSUSE-SU-2022_3408-1
OPENSUSE-SU-2022_3609-1
OPENSUSE-SU-2022_4617-1
RHSA-2022:7444
RHSA-2022:7683
RHSA-2022:7933
RHSA-2022:8267
RHSA-2022:8765
RHSA-2022:8767
RHSA-2022:8768
RHSA-2022:8809
RHSA-2022:8831
RHSA-2022:8940
RHSA-2022:8941
RHSA-2022:8973
RHSA-2022:8974
RHSA-2022:8989
RHSA-2022:9082
RHSA-2022_7444
RHSA-2022_7683
RHSA-2022_7933
RHSA-2022_8267
RHSA-2023:0058
RHSA-2023:0059
RLSA-2022:7444
RLSA-2022:7683
RLSA-2022_7444
RLSA-2022_7683
SUSE-SU-2022:2875-1
SUSE-SU-2022:2875-2
SUSE-SU-2022:2892-1
SUSE-SU-2022:2892-2
SUSE-SU-2022:2910-1
SUSE-SU-2022:3265-1
SUSE-SU-2022:3274-1
SUSE-SU-2022:3282-1
SUSE-SU-2022:3288-1
SUSE-SU-2022:3291-1
SUSE-SU-2022:3293-1
SUSE-SU-2022:3408-1
SUSE-SU-2022:3450-1
SUSE-SU-2022:3609-1
SUSE-SU-2022:4617-1
SUSE-SU-2022_2892-1
SUSE-SU-2022_3265-1
SUSE-SU-2022_3274-1
SUSE-SU-2022_3282-1
USN-5650-1

Affected Products

Alt Linux
Almalinux
Astra Linux
Centos
Red Hat
Red Os
Rocky Linux
Suse
Ubuntu
Openvswitch