Security update for openvswitch SUSE Patch security@suse.de SUSE Security Team SUSE-SU-2026:0660-1 Final 1 1 2026-02-26T15:09:19Z current 2026-02-26T15:09:19Z 2026-02-26T15:09:19Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z Security update for openvswitch This update for openvswitch fixes the following issues: - CVE-2024-2182: Fixed insufficient validation of incoming BFD packets may lead to denial of service (bsc#1255435) The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). SUSE-2026-660 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/update/announcement/2026/suse-su-20260660-1/ Link for SUSE-SU-2026:0660-1 https://lists.suse.com/pipermail/sle-security-updates/2026-February/024450.html E-Mail link for SUSE-SU-2026:0660-1 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://bugzilla.suse.com/1255435 SUSE Bug 1255435 https://www.suse.com/security/cve/CVE-2024-2182/ SUSE CVE CVE-2024-2182 page libopenvswitch-2_14-0-2.14.2-150400.24.29.1 libovn-20_06-0-20.06.2-150400.24.29.1 openvswitch-2.14.2-150400.24.29.1 openvswitch-devel-2.14.2-150400.24.29.1 openvswitch-doc-2.14.2-150400.24.29.1 openvswitch-ipsec-2.14.2-150400.24.29.1 openvswitch-pki-2.14.2-150400.24.29.1 openvswitch-test-2.14.2-150400.24.29.1 openvswitch-vtep-2.14.2-150400.24.29.1 ovn-20.06.2-150400.24.29.1 ovn-central-20.06.2-150400.24.29.1 ovn-devel-20.06.2-150400.24.29.1 ovn-doc-20.06.2-150400.24.29.1 ovn-docker-20.06.2-150400.24.29.1 ovn-host-20.06.2-150400.24.29.1 ovn-vtep-20.06.2-150400.24.29.1 python3-ovs-2.14.2-150400.24.29.1 A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service. CVE-2024-2182 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/support/update/announcement/2026/suse-su-20260660-1/ https://www.suse.com/security/cve/CVE-2024-2182.html CVE-2024-2182 https://bugzilla.suse.com/1255435 SUSE Bug 1255435