CVE-2012-3449

NameCVE-2012-3449
DescriptionOpen vSwitch 1.4.2 uses world writable permissions for (1) /var/lib/openvswitch/pki/controllerca/incoming/ and (2) /var/lib/openvswitch/pki/switchca/incoming/, which allows local users to delete and overwrite arbitrary files.
SourceCVE (at NVD; CERT, LWN, oss-sec, fulldisc, Red Hat, Ubuntu, Gentoo, SUSE bugzilla/CVE, GitHub advisories/code/issues, web search, more)
Debian Bugs683665

Vulnerable and fixed packages

The table below lists information on source packages.

Source PackageReleaseVersionStatus
openvswitch (PTS)bullseye (security), bullseye2.15.0+ds1-2+deb11u5fixed
bookworm, bookworm (security)3.1.0-2+deb12u1fixed
sid, trixie3.5.0~git20241129.2af7cef-2fixed

The information below is based on the following data on fixed versions.

PackageTypeReleaseFixed VersionUrgencyOriginDebian Bugs
openvswitchsource(unstable)1.4.2+git20120612-8683665
Search for package or bug name: Reporting problems