Skip to navigation Skip to main content

Utilities

  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
Red Hat Customer Portal
  • Subscriptions
  • Downloads
  • Containers
  • Support Cases
  • Products & Services

    Products

    Support

    • Production Support
    • Development Support
    • Product Life Cycles

    Services

    • Consulting
    • Technical Account Management
    • Training & Certifications

    Documentation

    • Red Hat Enterprise Linux
    • Red Hat JBoss Enterprise Application Platform
    • Red Hat OpenStack Platform
    • Red Hat OpenShift Container Platform
    All Documentation

    Ecosystem Catalog

    • Red Hat Partner Ecosystem
    • Partner Resources
  • Tools

    Tools

    • Troubleshoot a product issue
    • Packages
    • Errata

    Customer Portal Labs

    • Configuration
    • Deployment
    • Security
    • Troubleshoot
    All labs

    Red Hat Insights

    Increase visibility into IT operations to detect and resolve technical issues before they impact your business.

    Learn More
    Go to Insights
  • Security

    Red Hat Product Security Center

    Engage with our Red Hat Product Security team, access security updates, and ensure your environments are not exposed to any known security vulnerabilities.

    Product Security Center

    Security Updates

    • Security Advisories
    • Red Hat CVE Database
    • Security Labs

    Keep your systems secure with Red Hat's specialized responses to security vulnerabilities.

    View Responses

    Resources

    • Security Blog
    • Security Measurement
    • Severity Ratings
    • Backporting Policies
    • Product Signing (GPG) Keys
  • Community

    Customer Portal Community

    • Discussions
    • Private Groups
    Community Activity

    Customer Events

    • Red Hat Convergence
    • Red Hat Summit

    Stories

    • Red Hat Subscription Value
    • You Asked. We Acted.
    • Open Source Communities
Or troubleshoot an issue.

Select Your Language

  • English
  • 한국어
  • 日本語
  • 中文 (中国)

Infrastructure and Management

  • Red Hat Enterprise Linux
  • Red Hat Virtualization
  • Red Hat Identity Management
  • Red Hat Directory Server
  • Red Hat Certificate System
  • Red Hat Satellite
  • Red Hat Subscription Management
  • Red Hat Update Infrastructure
  • Red Hat Insights
  • Red Hat Ansible Automation Platform

Cloud Computing

  • Red Hat OpenShift
  • Red Hat CloudForms
  • Red Hat OpenStack Platform
  • Red Hat OpenShift Container Platform
  • Red Hat OpenShift Data Science
  • Red Hat OpenShift Online
  • Red Hat OpenShift Dedicated
  • Red Hat Advanced Cluster Security for Kubernetes
  • Red Hat Advanced Cluster Management for Kubernetes
  • Red Hat Quay
  • Red Hat CodeReady Workspaces
  • Red Hat OpenShift Service on AWS

Storage

  • Red Hat Gluster Storage
  • Red Hat Hyperconverged Infrastructure
  • Red Hat Ceph Storage
  • Red Hat OpenShift Data Foundation

Runtimes

  • Red Hat Runtimes
  • Red Hat JBoss Enterprise Application Platform
  • Red Hat Data Grid
  • Red Hat JBoss Web Server
  • Red Hat Single Sign On
  • Red Hat support for Spring Boot
  • Red Hat build of Node.js
  • Red Hat build of Thorntail
  • Red Hat build of Eclipse Vert.x
  • Red Hat build of OpenJDK
  • Red Hat build of Quarkus

Integration and Automation

  • Red Hat Integration
  • Red Hat Fuse
  • Red Hat AMQ
  • Red Hat 3scale API Management
  • Red Hat JBoss Data Virtualization
  • Red Hat Process Automation
  • Red Hat Process Automation Manager
  • Red Hat Decision Manager
All Products
Red Hat Product Errata RHSA-2020:2298 - Security Advisory
Issued:
2020-05-26
Updated:
2020-05-26

RHSA-2020:2298 - Security Advisory

  • Overview
  • Updated Packages

Synopsis

Moderate: openvswitch security, bug fix and enhancement update

Type/Severity

Security Advisory: Moderate

Red Hat Insights patch analysis

Identify and remediate systems affected by this advisory.

View affected systems

Topic

An update for openvswitch is now available in Fast Datapath for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Description

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

  • dpdk: librte_vhost Interger overflow in vhost_user_set_log_base() (CVE-2020-10722)
  • dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair() (CVE-2020-10723)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Bug Fix(es):

  • OVS causing high pings and latency inside guest VM when an active DPDK port fails (BZ#1822198)
  • SEGV after recirculation in batch processing in vswitchd 2.9.0 (BZ#1826886)

Solution

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Affected Products

  • Red Hat Enterprise Linux Fast Datapath 7 x86_64
  • Red Hat Virtualization - Extended Update Support 4.2 for RHEL 7.6 x86_64
  • Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 7 ppc64le
  • Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 7 s390x

Fixes

  • BZ - 1822198 - OVS causing high pings and latency inside guest VM when an active DPDK port fails
  • BZ - 1826886 - SEGV after recirculation in batch processing in vswitchd 2.9.0
  • BZ - 1828867 - CVE-2020-10722 dpdk: librte_vhost Interger overflow in vhost_user_set_log_base()
  • BZ - 1828874 - CVE-2020-10723 dpdk: librte_vhost Integer truncation in vhost_user_check_and_alloc_queue_pair()

CVEs

  • CVE-2020-10722
  • CVE-2020-10723

References

  • https://access.redhat.com/security/updates/classification/#moderate
Note: More recent versions of these packages may be available. Click a package name for more details.

Red Hat Enterprise Linux Fast Datapath 7

SRPM
openvswitch-2.9.0-130.el7fdp.src.rpm SHA-256: 32bee9af036303fcba5ec929fbeb682c2c0620bf0db6634592a4970f0bd52dd1
x86_64
openvswitch-2.9.0-130.el7fdp.x86_64.rpm SHA-256: c15c5f0ad1b7c61df19e2759be11852b0053f4c176a08842800cb47fe1e336cb
openvswitch-debuginfo-2.9.0-130.el7fdp.x86_64.rpm SHA-256: f739e4b4f66759e69cd97cb4c2b7336b49a8663e8e7d37c3489e91d5e7186cd2
openvswitch-devel-2.9.0-130.el7fdp.x86_64.rpm SHA-256: 62f000c3dacca54d3fd7d2ab0f36824adcade71ffabb4c2a63f8be57af42a56b
openvswitch-ovn-central-2.9.0-130.el7fdp.x86_64.rpm SHA-256: 8584e994ff8230bdcdffff4bd46a4015fc4280bdd7cac8a61b530696ee875c4b
openvswitch-ovn-common-2.9.0-130.el7fdp.x86_64.rpm SHA-256: 431a5b708a9536d070940558423474e1e6dcb6f00262b76b68b108e93f08283b
openvswitch-ovn-host-2.9.0-130.el7fdp.x86_64.rpm SHA-256: e75d53e03f790fd811f5a8cf03e47e05232952c633a0d7f61207e41359a61623
openvswitch-ovn-vtep-2.9.0-130.el7fdp.x86_64.rpm SHA-256: 713caa476ece58074b58ee5954f1ae337f37f2530e16ba9e71bb215db48e194e
openvswitch-test-2.9.0-130.el7fdp.noarch.rpm SHA-256: de79d26fb8614bd2608125ce7e5dd0146dee2e5e5c98ca46ecd11c1ee531a3ea
python-openvswitch-2.9.0-130.el7fdp.x86_64.rpm SHA-256: 66b9aef348b5607ef966d52cf1e7605850044bb8a3fc4f5a5fa5592782c3300f

Red Hat Virtualization - Extended Update Support 4.2 for RHEL 7.6

SRPM
openvswitch-2.9.0-130.el7fdp.src.rpm SHA-256: 32bee9af036303fcba5ec929fbeb682c2c0620bf0db6634592a4970f0bd52dd1
x86_64
openvswitch-2.9.0-130.el7fdp.x86_64.rpm SHA-256: c15c5f0ad1b7c61df19e2759be11852b0053f4c176a08842800cb47fe1e336cb
openvswitch-debuginfo-2.9.0-130.el7fdp.x86_64.rpm SHA-256: f739e4b4f66759e69cd97cb4c2b7336b49a8663e8e7d37c3489e91d5e7186cd2
openvswitch-devel-2.9.0-130.el7fdp.x86_64.rpm SHA-256: 62f000c3dacca54d3fd7d2ab0f36824adcade71ffabb4c2a63f8be57af42a56b
openvswitch-ovn-common-2.9.0-130.el7fdp.x86_64.rpm SHA-256: 431a5b708a9536d070940558423474e1e6dcb6f00262b76b68b108e93f08283b
openvswitch-ovn-host-2.9.0-130.el7fdp.x86_64.rpm SHA-256: e75d53e03f790fd811f5a8cf03e47e05232952c633a0d7f61207e41359a61623
python-openvswitch-2.9.0-130.el7fdp.x86_64.rpm SHA-256: 66b9aef348b5607ef966d52cf1e7605850044bb8a3fc4f5a5fa5592782c3300f

Red Hat Enterprise Linux Fast Datapath (for RHEL Server for IBM Power LE) 7

SRPM
openvswitch-2.9.0-130.el7fdp.src.rpm SHA-256: 32bee9af036303fcba5ec929fbeb682c2c0620bf0db6634592a4970f0bd52dd1
ppc64le
openvswitch-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: ca2d102b53a5ef91e1a9807910e6d9edcd19852bc343583adf6806accb862f3a
openvswitch-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: ca2d102b53a5ef91e1a9807910e6d9edcd19852bc343583adf6806accb862f3a
openvswitch-debuginfo-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: a1a9233014184d914f07f807c0924c7d20b8edbcfbff344ad167a5e40a65ee15
openvswitch-debuginfo-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: a1a9233014184d914f07f807c0924c7d20b8edbcfbff344ad167a5e40a65ee15
openvswitch-devel-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: 92874ffb6e989f18db52bdf0a7ae0536115a771643581cb77f323dcb3733f88d
openvswitch-devel-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: 92874ffb6e989f18db52bdf0a7ae0536115a771643581cb77f323dcb3733f88d
openvswitch-ovn-central-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: d9e0300fcbe117812af4b9810807ab9511964d28880f303cf5093482be934e0f
openvswitch-ovn-central-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: d9e0300fcbe117812af4b9810807ab9511964d28880f303cf5093482be934e0f
openvswitch-ovn-common-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: eb28256f3c0881fe9af5b4f895ccdfde51987d91815bb381f43a41284a3f4ddf
openvswitch-ovn-common-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: eb28256f3c0881fe9af5b4f895ccdfde51987d91815bb381f43a41284a3f4ddf
openvswitch-ovn-host-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: 98bec638d79b35447b38b3d1360b2d2bef093b4e3c7ffbb4544f02fd8e5dde7a
openvswitch-ovn-host-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: 98bec638d79b35447b38b3d1360b2d2bef093b4e3c7ffbb4544f02fd8e5dde7a
openvswitch-ovn-vtep-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: 9daef6d819b02d34a5b4e479a8d9623104641015f89565e0571373d85f225464
openvswitch-ovn-vtep-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: 9daef6d819b02d34a5b4e479a8d9623104641015f89565e0571373d85f225464
openvswitch-test-2.9.0-130.el7fdp.noarch.rpm SHA-256: de79d26fb8614bd2608125ce7e5dd0146dee2e5e5c98ca46ecd11c1ee531a3ea
openvswitch-test-2.9.0-130.el7fdp.noarch.rpm SHA-256: de79d26fb8614bd2608125ce7e5dd0146dee2e5e5c98ca46ecd11c1ee531a3ea
python-openvswitch-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: cb376293f82fb52498e0b423b5f3ebfef667be008334f682ebb1634c56c5721c
python-openvswitch-2.9.0-130.el7fdp.ppc64le.rpm SHA-256: cb376293f82fb52498e0b423b5f3ebfef667be008334f682ebb1634c56c5721c

Red Hat Enterprise Linux Fast Datapath (for IBM z Systems) 7

SRPM
openvswitch-2.9.0-130.el7fdp.src.rpm SHA-256: 32bee9af036303fcba5ec929fbeb682c2c0620bf0db6634592a4970f0bd52dd1
s390x
openvswitch-2.9.0-130.el7fdp.s390x.rpm SHA-256: 8e555f8f41c8f56e24881e60c3e0553c880b15863c5819fc076198532dfad143
openvswitch-debuginfo-2.9.0-130.el7fdp.s390x.rpm SHA-256: e29b602d1b1ecfc0be3354880b4bcce29a6a39b75fca7c1e49a6daeff3711b00
openvswitch-devel-2.9.0-130.el7fdp.s390x.rpm SHA-256: d7250197de219683db25d77bbb8bbe1a703235333ce5fc4877464268e3bacb44
openvswitch-ovn-central-2.9.0-130.el7fdp.s390x.rpm SHA-256: f3b24ec7ebe55b043b3800080fa1b7b465c8151100b2cfbb7c28d1e35fcf3067
openvswitch-ovn-common-2.9.0-130.el7fdp.s390x.rpm SHA-256: 37f25f35e9abe4f841b792f8c652cf9b04f9f19303536f5b14a0cd5e7e35d562
openvswitch-ovn-host-2.9.0-130.el7fdp.s390x.rpm SHA-256: 379a8a1848e42131b17cca43eda4b1c675a5b0f0783c9407c61f4c5d9cbe566e
openvswitch-ovn-vtep-2.9.0-130.el7fdp.s390x.rpm SHA-256: 932ef8c8c64acc8581c921c7bb39f15f7a1bbef38701b529ef15189a8a0f7d4a
openvswitch-test-2.9.0-130.el7fdp.noarch.rpm SHA-256: de79d26fb8614bd2608125ce7e5dd0146dee2e5e5c98ca46ecd11c1ee531a3ea
python-openvswitch-2.9.0-130.el7fdp.s390x.rpm SHA-256: 549bee2a56467663b713b0adc3055b9f74fbf7694be1e3c774736dafbd8deabe

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/.

Red Hat

Quick Links

  • Downloads
  • Subscriptions
  • Support Cases
  • Customer Service
  • Product Documentation

Help

  • Contact Us
  • Customer Portal FAQ
  • Log-in Assistance

Site Info

  • Trust Red Hat
  • Browser Support Policy
  • Accessibility
  • Awards and Recognition
  • Colophon

Related Sites

  • redhat.com
  • developers.redhat.com
  • connect.redhat.com
  • cloud.redhat.com

About

  • Red Hat Subscription Value
  • About Red Hat
  • Red Hat Jobs
Copyright © 2022 Red Hat, Inc.
  • Privacy Statement
  • Customer Portal Terms of Use
  • All Policies and Guidelines
Red Hat Summit
Twitter