Copyright © 2012 Red Hat, Inc. All rights reserved. Moderate 2026-06-04T00:00:00 openvswitch: Open vSwitch: Denial of service via resource exhaustion due to missing upper-bound check 4.4 CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CWE-770

A missing upper-bound check in the udpif_set_threads() function of Open vSwitch v3.6.90 allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads. This can cause a denial of service (DoS) via resource exhaustion.

A flaw was found in Open vSwitch. A missing upper-bound check in udpif_set_threads() allows an attacker with OVSDB write access to request an excessive number of handler or revalidation threads, causing resource exhaustion and denial of service. Reported against Open vSwitch v3.6.90; affects deployments where OVSDB is writable by untrusted parties.

Open vSwitch is vulnerable to denial of service via resource exhaustion in udpif_set_threads() due to a missing upper-bound check on thread counts. An attacker with high privileges (OVSDB write access) can configure excessive handler or revalidation threads to exhaust system resources. CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (4.4). Affects FDP, OpenShift OVS RPMs, RHEL-7 ELS, and Fedora openvswitch packages. Restrict OVSDB write access to trusted administrators only. Do not expose OVSDB management interfaces to untrusted networks. Fast Datapath for RHEL 10 Fix deferred openvswitch3.5 Fast Datapath for RHEL 10 Fix deferred openvswitch3.6 Fast Datapath for RHEL 7 Fix deferred openvswitch Fast Datapath for RHEL 7 Fix deferred openvswitch2.10 Fast Datapath for RHEL 7 Fix deferred openvswitch2.11 Fast Datapath for RHEL 7 Fix deferred openvswitch2.12 Fast Datapath for RHEL 7 Fix deferred openvswitch2.13 Fast Datapath for RHEL 8 Fix deferred openvswitch2.11 Fast Datapath for RHEL 8 Fix deferred openvswitch2.12 Fast Datapath for RHEL 8 Fix deferred openvswitch2.13 Fast Datapath for RHEL 8 Fix deferred openvswitch2.15 Fast Datapath for RHEL 8 Fix deferred openvswitch2.16 Fast Datapath for RHEL 8 Fix deferred openvswitch2.17 Fast Datapath for RHEL 8 Fix deferred openvswitch3.1 Fast Datapath for RHEL 9 Fix deferred openvswitch2.17 Fast Datapath for RHEL 9 Fix deferred openvswitch3.0 Fast Datapath for RHEL 9 Fix deferred openvswitch3.1 Fast Datapath for RHEL 9 Fix deferred openvswitch3.2 Fast Datapath for RHEL 9 Fix deferred openvswitch3.3 Fast Datapath for RHEL 9 Fix deferred openvswitch3.4 Fast Datapath for RHEL 9 Fix deferred openvswitch3.5 Fast Datapath for RHEL 9 Fix deferred openvswitch3.6 Red Hat Enterprise Linux 7 Under investigation openvswitch Red Hat OpenShift Container Platform 4 Fix deferred openvswitch2.17 Red Hat OpenShift Container Platform 4 Fix deferred openvswitch3.0 Red Hat OpenShift Container Platform 4 Fix deferred openvswitch3.1 https://www.cve.org/CVERecord?id=CVE-2026-36499 https://nvd.nist.gov/vuln/detail/CVE-2026-36499 http://open.com https://github.com/majdlatah/OVS-Other-Config-Bug