Published: 08/09/2022 Updated: 13/09/2022

CVSS v3 Base Score: 5.8 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 0

The TSS (Tuple Space Search) algorithm in Open vSwitch 2.x up to and including 2.17.2 and 3.0.0 allows remote malicious users to cause a denial of service (delays of legitimate traffic) via crafted packet data that requires excessive evaluation time within the packet classification algorithm for the MegaFlow cache, aka a Tuple Space Explosion (TSE) attack.

Vulnerable Product	Search on Vulmon	Subscribe to Product
openvswitch openvswitch 3.0.0
openvswitch openvswitch

Debian Bug report logs - #1021740 openvswitch: CVE-2019-25076 Package: src:openvswitch; Maintainer for src:openvswitch is Debian OpenStack <team+openstack@trackerdebianorg>; Reported by: Moritz Mühlenhoff <jmm@inutilorg> Date: Thu, 13 Oct 2022 19:21:04 UTC Severity: important Tags: security, upstream Reply ...

NVD-CWE-noinfo https://arxiv.org/abs/2011.09107 https://www.youtube.com/watch?v=DSC3m-Bww64 https://www.youtube.com/watch?v=5cHpzVK0D28 https://sites.google.com/view/tuple-space-explosion https://dl.acm.org/citation.cfm?doid=3359989.3365431 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1021740 https://nvd.nist.gov

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2019-25076

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect