CVE-2026-34956

CVSS v3.1

5.9

Medium

Vector

AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Name of the Vulnerable Software and Affected Versions Open vSwitch (affected versions not specified)

Description An issue exists in Open vSwitch related to invalid memory access within the conntrack FTP algorithm. Specifically, crafted FTP payloads can trigger invalid memory accesses, potentially leading to a denial of service and possible remote code execution. This impacts the userspace implementation of conntrack.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

DoS

RCE

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-120

Related Identifiers

CVE-2026-34956

OESA-2026-1871

OESA-2026-1872

OESA-2026-1960

OESA-2026-1961

OESA-2026-1962

OESA-2026-2063

OPENSUSE-SU-2026:10534-1

SUSE-SU-2026:1439-1

SUSE-SU-2026:1440-1

SUSE-SU-2026:1482-1

SUSE-SU-2026:21250-1

Affected Products

Openvswitch

CVE-2026-34956

Weakness Enumeration

Related Identifiers

Affected Products

References · 36