3 matches found
CVE-2023-3153
Open Virtual Network (ovn/openvswitch) CVE-2023-3153 is reported as a denial-of-service risk caused by the service monitor MAC flow not being rate-limited. Public advisories from SUSE/OpenVAS indicate the issue affects openvswitch and openvswitch3, with remediation via updates to openvswitch/open...
CVE-2023-1668
CVE-2023-1668 — Open vSwitch (OVS) has a flaw where, when processing an IP packet with protocol 0, OVS installs a datapath flow whose action does not modify the IP header. This can cause a datapath rule matching all IP protocols (nw_proto wildcarded) to have an incorrect action, risking improper ...
CVE-2023-5366
CVE-2023-5366 affects Open vSwitch. The flaw allows ICMPv6 Neighbor Advertisement packets between VMs to bypass OpenFlow rules, enabling a local attacker to craft packets with a spoofed target IP to redirect ICMPv6 traffic. Connected advisories confirm patched/Open vSwitch versions are available ...