ovs@2.6.0.dev1 vulnerabilities

Open vSwitch library

Direct Vulnerabilities

Known vulnerabilities in the ovs package. This does not include vulnerabilities belonging to this package’s dependencies.

Vulnerability Vulnerable Version
  • C
Denial of Service (DoS)

ovs is the Open vSwitch library.

Affected versions of the package are vulnerable to Denial of Service (DoS). In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions extract_l3_ipv6, extract_l4_tcp, and extract_l4_udp that can be triggered remotely.

How to fix Denial of Service (DoS)?

Upgrade ovs to version 2.7.2 or higher.

Vulnerable versions: [,2.7.2)
  • C
Denial of Service (DoS)

Affected versions of the package are vulnerable to Denial of Service (DoS). In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputil_pull_queue_get_config_reply10 in lib/ofp-util.c.

How to fix Denial of Service (DoS)?

Upgrade ovs to version 2.7.1 or higher.

Vulnerable versions: [,2.7.1)
  • C
Denial of Service (DoS)

Affected versions of the package are vulnerable to Denial of Service (DoS). In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in lib/ofp-util.c in the function ofputil_pull_ofp15_group_mod.

How to fix Denial of Service (DoS)?

Upgrade ovs to version 2.7.2 or higher.

Vulnerable versions: [,2.7.2)