Open vSwitch
cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*
A heap access vulnerability has been identified in Open vSwitch. This issue arises when Open vSwitch is set up with a conntrack flow using FTP helpers over the userspace datapath. A remote attacker can exploit this by sending a crafted FTP stream containing an EPASV command that exceeds 255 characters. This exploitation causes a heap access error, which can crash the system, leading to a denial-of-service condition.
Exploitation of this vulnerability causes the Open vSwitch process to crash, disrupting network services and causing a denial-of-service condition on the affected system.
Users can optionally avoid using FTP flows, as these are not typically configured by default. Red Hat users should refer to the Red Hat Security Errata for their specific version for guidance on applying the fix.
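To check whether a host matches the conditions described above (userspace datapath plus a conntrack flow using the FTP helper), the following added example, which is not part of the advisory or of Open vSwitch, classifies a bridge from its flow dump. It assumes flow text in the format printed by `ovs-ofctl dump-flows` and that a `datapath_type` of `netdev` denotes the userspace datapath; the function names are hypothetical, the sample flows are constructed, and the result says nothing about whether the fix is installed.

```shell
#!/bin/sh
# Added example (not from the advisory): flag bridges that match the
# advisory's conditions: userspace datapath plus a conntrack FTP helper flow.

# Constructed sample in `ovs-ofctl dump-flows` format.
sample_flows() {
cat <<'EOF'
 cookie=0x0, duration=9.1s, table=0, n_packets=0, n_bytes=0, priority=100,ct_state=-trk,tcp,tp_dst=21 actions=ct(table=1)
 cookie=0x0, duration=9.1s, table=1, n_packets=0, n_bytes=0, priority=100,ct_state=+new+trk,tcp,tp_dst=21 actions=ct(commit,alg=ftp),NORMAL
 cookie=0x0, duration=9.1s, table=1, n_packets=0, n_bytes=0, priority=100,udp,tp_dst=69 actions=ct(commit,alg=tftp),NORMAL
EOF
}

# Filter stdin down to flows whose ct() action attaches the FTP helper.
# alg=tftp is deliberately not matched.
ftp_alg_flows() {
    grep -E 'ct\(.*alg=ftp([,)]|$)' || true
}

# $1 = bridge datapath_type, stdin = flow dump. Prints one verdict.
classify_bridge() {
    dp_type=$(printf '%s' "$1" | tr -d '"')
    count=$(ftp_alg_flows | wc -l | tr -d ' ')
    if [ "$count" -eq 0 ]; then
        echo "NO_FTP_HELPER"
    elif [ "$dp_type" = "netdev" ]; then
        echo "EXPOSED_CONFIG"            # userspace datapath + FTP helper
    else
        echo "FTP_HELPER_NOT_USERSPACE"  # helper present, other datapath
    fi
}

# Run against a live host (needs ovs-vsctl and ovs-ofctl on PATH).
audit_live() {
    for br in $(ovs-vsctl list-br); do
        dp=$(ovs-vsctl get bridge "$br" datapath_type)
        printf '%s: %s\n' "$br" \
            "$(ovs-ofctl dump-flows "$br" | classify_bridge "$dp")"
    done
}

# Offline demonstration on the constructed sample.
sample_flows | classify_bridge netdev
```

On a host running Open vSwitch, call `audit_live` to print one verdict per bridge.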