CVE-2016-2074 SUSE CVE security@suse.de SUSE Security Team SUSE CVE-2016-2074 Interim 1 9 2025-11-05T04:33:00Z current 2021-05-30T13:39:03Z 2025-11-05T04:33:00Z cve-database/bin/generate-cvrf-cve.pl 2020-12-27T01:00:00Z CVE-2016-2074 Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). https://www.suse.com/support/security/rating/ SUSE Security Ratings SUSE Cloud 5 SUSE Linux Enterprise Real Time Extension 12 SP1 SUSE Linux Enterprise Server 12 SUSE Linux Enterprise Server 12 SP1 openvswitch openvswitch-kmp-default openvswitch-kmp-xen openvswitch-switch openvswitch as a component of SUSE Cloud 5 openvswitch as a component of SUSE Linux Enterprise Real Time Extension 12 SP1 openvswitch as a component of SUSE Linux Enterprise Server 12 openvswitch-kmp-default as a component of SUSE Linux Enterprise Server 12 openvswitch-kmp-xen as a component of SUSE Linux Enterprise Server 12 openvswitch-switch as a component of SUSE Linux Enterprise Server 12 openvswitch as a component of SUSE Linux Enterprise Server 12 SP1 openvswitch-kmp-default as a component of SUSE Linux Enterprise Server 12 SP1 openvswitch-kmp-xen as a component of SUSE Linux Enterprise Server 12 SP1 openvswitch-switch as a component of SUSE Linux Enterprise Server 12 SP1 Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. CVE-2016-2074 SUSE Cloud 5:openvswitch SUSE Linux Enterprise Real Time Extension 12 SP1:openvswitch SUSE Linux Enterprise Server 12 SP1:openvswitch SUSE Linux Enterprise Server 12 SP1:openvswitch-kmp-default SUSE Linux Enterprise Server 12 SP1:openvswitch-kmp-xen SUSE Linux Enterprise Server 12 SP1:openvswitch-switch SUSE Linux Enterprise Server 12:openvswitch SUSE Linux Enterprise Server 12:openvswitch-kmp-default SUSE Linux Enterprise Server 12:openvswitch-kmp-xen SUSE Linux Enterprise Server 12:openvswitch-switch critical 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P 9.8 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H