UbuntuUSN-6514-1Open vSwitch vulnerability
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
5.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%
Releases
- Ubuntu 20.04 LTS
- Ubuntu 18.04 ESM
Packages
- openvswitch - Ethernet virtual switch
Details
It was discovered that Open vSwitch did not correctly handle OpenFlow
rules for ICMPv6 Neighbour Advertisement packets. A local attacker could
possibly use this issue to redirect traffic to arbitrary IP addresses.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 20.04 | noarch | openvswitch-common | < 2.13.8-0ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | openvswitch-dbg | < 2.13.8-0ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | openvswitch-doc | < 2.13.8-0ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | openvswitch-pki | < 2.13.8-0ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | openvswitch-source | < 2.13.8-0ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | openvswitch-switch | < 2.13.8-0ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | openvswitch-switch-dpdk | < 2.13.8-0ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | openvswitch-test | < 2.13.8-0ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | openvswitch-testcontroller | < 2.13.8-0ubuntu1.3 | UNKNOWN |
| Ubuntu | 20.04 | noarch | openvswitch-vtep | < 2.13.8-0ubuntu1.3 | UNKNOWN |
References
Related
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H
5.9 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
5.1%