-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 ===================================================================== Red Hat Security Advisory Synopsis: Important: Red Hat OpenStack Platform 13.0 (openvswitch2.11) security update Advisory ID: RHSA-2022:7268-01 Product: Red Hat OpenStack Platform Advisory URL: https://access.redhat.com/errata/RHSA-2022:7268 Issue date: 2022-11-01 CVE Names: CVE-2022-2132 ===================================================================== 1. Summary: An update for openvswitch2.11 is now available for Red Hat OpenStack Platform 13 (Queens). Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section. 2. Relevant releases/architectures: Red Hat OpenStack Platform 13.0 - ELS - noarch, ppc64le, x86_64 3. Description: Security Fix(es): * DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs (CVE-2022-2132) For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page listed in the References section. 4. Solution: For details on how to apply this update, refer to: https://access.redhat.com/articles/11258 5. Bugs fixed (https://bugzilla.redhat.com/): 2099475 - CVE-2022-2132 dpdk: DoS when a Vhost header crosses more than two descriptors and exhausts all mbufs 6. Package List: Red Hat OpenStack Platform 13.0 - ELS: Source: openvswitch2.11-2.11.3-96.2.el7fdp.src.rpm ppc64le: openvswitch2.11-2.11.3-96.2.el7fdp.ppc64le.rpm openvswitch2.11-debuginfo-2.11.3-96.2.el7fdp.ppc64le.rpm openvswitch2.11-devel-2.11.3-96.2.el7fdp.ppc64le.rpm python-openvswitch2.11-2.11.3-96.2.el7fdp.ppc64le.rpm x86_64: openvswitch2.11-2.11.3-96.2.el7fdp.x86_64.rpm openvswitch2.11-debuginfo-2.11.3-96.2.el7fdp.x86_64.rpm openvswitch2.11-devel-2.11.3-96.2.el7fdp.x86_64.rpm python-openvswitch2.11-2.11.3-96.2.el7fdp.x86_64.rpm Red Hat OpenStack Platform 13.0 - ELS: noarch: openvswitch2.11-test-2.11.3-96.2.el7fdp.noarch.rpm These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/ 7. References: https://access.redhat.com/security/cve/CVE-2022-2132 https://access.redhat.com/security/updates/classification/#important 8. Contact: The Red Hat security contact is . More contact details at https://access.redhat.com/security/team/contact/ Copyright 2022 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIVAwUBY2EXQ9zjgjWX9erEAQgXJA//a9ABzUVg5uKXRRKpGwT3bq5X6eE4BIc/ IIM1aeu8+eB5NuRkA3YN4ax3CiwRBRu7vG8a0xC1Ci3nyEGL3mXiWrgli/QGOV5P TFsVjQckJpqA14VxlI5DxUdXaE2US5ZxQY2SEyQAjYgZ6FYbLDqoDVAayDZ58GuC w5u8JxXqPaGMJJa1EhjTnUnyO6TT+4zSUAPGF+3wycbZnlMYBENOFRNVCDVeISPx 7m5Ag8PmwYpnQR2PijcYlylXJT10LYcU2AdfZ+5QsehgEMnqQpXC6d0BKbSyM5gc oFtrblUrq16iivSLISXmjbDmASxsnJsfG95Gg4CDvX3BBlscsaPMv3UfltJls41u GfVjOpMUuz3BLJbrt3q5qpnoZJHQ2xIQf1l6OMT6uV37gg98DI7bwVcz2vhddKWU 7v1cLVbxuKcEs8rK01tPlhVFedt0xHQj/xHukPJwF9GbbpUGXRb3rFOZIhqxaEFO 5bwjriEXodk8IZ1OOyit6We9Eyv5Wdeb7MHFzPYX9PLz6TQltgzK5HT3IcMTSmBC mBdXaO4e7FV5BcLgRXcWokbHIb525ighA1DEuFfLNfL6j8g8LfxEbO6slezFI/zt UMJolhIlTubyFxLE+EroENhaSg2BVAxV6DIL1ja7XXRsJTGVb/jQ7ybl/xhKncCp 2CQMgWLKVWw= =hMkz -----END PGP SIGNATURE----- -- RHSA-announce mailing list RHSA-announce@redhat.com https://listman.redhat.com/mailman/listinfo/rhsa-announce