{"id":"CVE-2021-36980","details":"Open vSwitch (aka openvswitch) 2.11.0 through 2.15.0 has a use-after-free in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action.","modified":"2026-02-24T11:41:02.172045Z","published":"2021-07-20T07:15:08.113Z","related":["SUSE-SU-2022:3096-1","SUSE-SU-2022:3098-1","SUSE-SU-2022:3099-1","SUSE-SU-2022:3116-1","SUSE-SU-2023:1795-1","SUSE-SU-2023:2360-1","openSUSE-SU-2024:11898-1"],"references":[{"type":"ADVISORY","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27851"},{"type":"ADVISORY","url":"https://github.com/google/oss-fuzz-vulns/blob/main/vulns/openvswitch/OSV-2020-2197.yaml"},{"type":"ADVISORY","url":"https://github.com/openvswitch/ovs/commit/38744b1bcb022c611712527f039722115300f58f"},{"type":"ADVISORY","url":"https://github.com/openvswitch/ovs/commit/65c61b0c23a0d474696d7b1cea522a5016a8aeb3"},{"type":"ADVISORY","url":"https://github.com/openvswitch/ovs/commit/6d67310f4d2524b466b98f05ebccc1add1e8cf35"},{"type":"ADVISORY","url":"https://github.com/openvswitch/ovs/commit/77cccc74deede443e8b9102299efc869a52b65b2"},{"type":"ADVISORY","url":"https://github.com/openvswitch/ovs/commit/8ce8dc34b5f73b30ce0c1869af9947013c3c6575"},{"type":"ADVISORY","url":"https://github.com/openvswitch/ovs/commit/9926637a80d0d243dbf9c49761046895e9d1a8e2"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/202311-16"},{"type":"FIX","url":"https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27851"},{"type":"FIX","url":"https://github.com/openvswitch/ovs/commit/38744b1bcb022c611712527f039722115300f58f"},{"type":"FIX","url":"https://github.com/openvswitch/ovs/commit/65c61b0c23a0d474696d7b1cea522a5016a8aeb3"},{"type":"FIX","url":"https://github.com/openvswitch/ovs/commit/6d67310f4d2524b466b98f05ebccc1add1e8cf35"},{"type":"FIX","url":"https://github.com/openvswitch/ovs/commit/77cccc74deede443e8b9102299efc869a52b65b2"},{"type":"FIX","url":"https://github.com/openvswitch/ovs/commit/8ce8dc34b5f73b30ce0c1869af9947013c3c6575"},{"type":"FIX","url":"https://github.com/openvswitch/ovs/commit/9926637a80d0d243dbf9c49761046895e9d1a8e2"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/openvswitch/ovs","events":[{"introduced":"0"},{"fixed":"38744b1bcb022c611712527f039722115300f58f"},{"introduced":"0"},{"fixed":"65c61b0c23a0d474696d7b1cea522a5016a8aeb3"},{"introduced":"0"},{"fixed":"6d67310f4d2524b466b98f05ebccc1add1e8cf35"},{"introduced":"0"},{"fixed":"77cccc74deede443e8b9102299efc869a52b65b2"},{"introduced":"0"},{"fixed":"8ce8dc34b5f73b30ce0c1869af9947013c3c6575"},{"introduced":"0"},{"fixed":"9926637a80d0d243dbf9c49761046895e9d1a8e2"}]}],"versions":["v0.90.0","v0.90.1","v0.90.2","v0.90.3","v0.90.4","v0.90.6","v0.90.7","v0.99.0","v0.99.1","v0.99.2","v1.0.0","v1.0.1","v1.1.0pre1","v1.1.0pre2","v2.11.0","v2.11.1","v2.11.2","v2.11.3","v2.11.4","v2.11.5","v2.11.6","v2.12.0","v2.12.1","v2.12.2","v2.12.3","v2.13.0","v2.13.1","v2.13.2","v2.13.3","v2.14.0","v2.14.1","v2.14.2","v2.15.0"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-36980.json","vanir_signatures":[{"deprecated":false,"id":"CVE-2021-36980-200af1b6","source":"https://github.com/openvswitch/ovs/commit/65c61b0c23a0d474696d7b1cea522a5016a8aeb3","digest":{"length":761,"function_hash":"209576733534873843408785465615394916633"},"signature_version":"v1","target":{"function":"decode_NXAST_RAW_ENCAP","file":"lib/ofp-actions.c"},"signature_type":"Function"},{"deprecated":false,"id":"CVE-2021-36980-275ba41f","source":"https://github.com/openvswitch/ovs/commit/6d67310f4d2524b466b98f05ebccc1add1e8cf35","digest":{"threshold":0.9,"line_hashes":["92060819711219569976165408103874414148","230133176707265485790101955749202792602","125678146867983290637383644987280043108","160963822987075192410460993497950816861","75627123629655397597708468586468840578","203694621910049404690690516157255942209","195849225705113354180812045969896413298","208620529668483093776628092577962602440"]},"signature_version":"v1","target":{"file":"lib/ofp-actions.c"},"signature_type":"Line"},{"deprecated":false,"id":"CVE-2021-36980-30cd9a35","source":"https://github.com/openvswitch/ovs/commit/9926637a80d0d243dbf9c49761046895e9d1a8e2","digest":{"threshold":0.9,"line_hashes":["92060819711219569976165408103874414148","230133176707265485790101955749202792602","125678146867983290637383644987280043108","160963822987075192410460993497950816861","75627123629655397597708468586468840578","203694621910049404690690516157255942209","195849225705113354180812045969896413298","208620529668483093776628092577962602440"]},"signature_version":"v1","target":{"file":"lib/ofp-actions.c"},"signature_type":"Line"},{"deprecated":false,"id":"CVE-2021-36980-415b3027","source":"https://github.com/openvswitch/ovs/commit/6d67310f4d2524b466b98f05ebccc1add1e8cf35","digest":{"length":761,"function_hash":"209576733534873843408785465615394916633"},"signature_version":"v1","target":{"function":"decode_NXAST_RAW_ENCAP","file":"lib/ofp-actions.c"},"signature_type":"Function"},{"deprecated":false,"id":"CVE-2021-36980-4400f99d","source":"https://github.com/openvswitch/ovs/commit/8ce8dc34b5f73b30ce0c1869af9947013c3c6575","digest":{"threshold":0.9,"line_hashes":["92060819711219569976165408103874414148","230133176707265485790101955749202792602","125678146867983290637383644987280043108","160963822987075192410460993497950816861","75627123629655397597708468586468840578","203694621910049404690690516157255942209","195849225705113354180812045969896413298","208620529668483093776628092577962602440"]},"signature_version":"v1","target":{"file":"lib/ofp-actions.c"},"signature_type":"Line"},{"deprecated":false,"id":"CVE-2021-36980-58985c2c","source":"https://github.com/openvswitch/ovs/commit/38744b1bcb022c611712527f039722115300f58f","digest":{"threshold":0.9,"line_hashes":["92060819711219569976165408103874414148","230133176707265485790101955749202792602","125678146867983290637383644987280043108","160963822987075192410460993497950816861","75627123629655397597708468586468840578","203694621910049404690690516157255942209","195849225705113354180812045969896413298","208620529668483093776628092577962602440"]},"signature_version":"v1","target":{"file":"lib/ofp-actions.c"},"signature_type":"Line"},{"deprecated":false,"id":"CVE-2021-36980-5c589e53","source":"https://github.com/openvswitch/ovs/commit/77cccc74deede443e8b9102299efc869a52b65b2","digest":{"threshold":0.9,"line_hashes":["92060819711219569976165408103874414148","230133176707265485790101955749202792602","125678146867983290637383644987280043108","160963822987075192410460993497950816861","75627123629655397597708468586468840578","203694621910049404690690516157255942209","195849225705113354180812045969896413298","208620529668483093776628092577962602440"]},"signature_version":"v1","target":{"file":"lib/ofp-actions.c"},"signature_type":"Line"},{"deprecated":false,"id":"CVE-2021-36980-880e5a8e","source":"https://github.com/openvswitch/ovs/commit/65c61b0c23a0d474696d7b1cea522a5016a8aeb3","digest":{"threshold":0.9,"line_hashes":["92060819711219569976165408103874414148","230133176707265485790101955749202792602","125678146867983290637383644987280043108","160963822987075192410460993497950816861","75627123629655397597708468586468840578","203694621910049404690690516157255942209","195849225705113354180812045969896413298","208620529668483093776628092577962602440"]},"signature_version":"v1","target":{"file":"lib/ofp-actions.c"},"signature_type":"Line"},{"deprecated":false,"id":"CVE-2021-36980-8fa1a3c4","source":"https://github.com/openvswitch/ovs/commit/38744b1bcb022c611712527f039722115300f58f","digest":{"length":761,"function_hash":"209576733534873843408785465615394916633"},"signature_version":"v1","target":{"function":"decode_NXAST_RAW_ENCAP","file":"lib/ofp-actions.c"},"signature_type":"Function"},{"deprecated":false,"id":"CVE-2021-36980-9195f800","source":"https://github.com/openvswitch/ovs/commit/8ce8dc34b5f73b30ce0c1869af9947013c3c6575","digest":{"length":761,"function_hash":"209576733534873843408785465615394916633"},"signature_version":"v1","target":{"function":"decode_NXAST_RAW_ENCAP","file":"lib/ofp-actions.c"},"signature_type":"Function"},{"deprecated":false,"id":"CVE-2021-36980-96f56785","source":"https://github.com/openvswitch/ovs/commit/9926637a80d0d243dbf9c49761046895e9d1a8e2","digest":{"length":761,"function_hash":"209576733534873843408785465615394916633"},"signature_version":"v1","target":{"function":"decode_NXAST_RAW_ENCAP","file":"lib/ofp-actions.c"},"signature_type":"Function"},{"deprecated":false,"id":"CVE-2021-36980-f5546977","source":"https://github.com/openvswitch/ovs/commit/77cccc74deede443e8b9102299efc869a52b65b2","digest":{"length":761,"function_hash":"209576733534873843408785465615394916633"},"signature_version":"v1","target":{"function":"decode_NXAST_RAW_ENCAP","file":"lib/ofp-actions.c"},"signature_type":"Function"}]}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H"}]}