Lucene search
UbuntuUSN-6690-1HistoryMar 12, 2024 - 12:00 a.m.
Open vSwitch vulnerabilities
2024-03-1200:00:00
ubuntu.com
12
open vswitch
ubuntu
vulnerabilities
denial of service
traffic redirection
netlink path
Releases
- Ubuntu 23.10
- Ubuntu 22.04 LTS
- Ubuntu 20.04 LTS
Packages
- openvswitch - Ethernet virtual switch
Details
Timothy Redaelli and Haresh Khandelwal discovered that Open vSwitch
incorrectly handled certain crafted Geneve packets when hardware offloading
via the netlink path is enabled. A remote attacker could possibly use this
issue to cause Open vSwitch to crash, leading to a denial of service.
(CVE-2023-3966)
It was discovered that Open vSwitch incorrectly handled certain ICMPv6
Neighbor Advertisement packets. A remote attacker could possibly use this
issue to redirect traffic to arbitrary IP addresses. (CVE-2023-5366)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Ubuntu | 23.10 | noarch | openvswitch-common | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | openvswitch-common-dbgsym | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | openvswitch-doc | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | openvswitch-ipsec | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | openvswitch-pki | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | openvswitch-source | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | openvswitch-switch | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | openvswitch-switch-dbgsym | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | openvswitch-switch-dpdk | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
| Ubuntu | 23.10 | noarch | openvswitch-switch-dpdk-dbgsym | < 3.2.2-0ubuntu0.23.10.1 | UNKNOWN |
Related
nessus
nessus
RHEL 8 : openvswitch2.17 (RHSA-2024:1234)
2024-03-07 00:00:00
Fedora 40 : openvswitch (2024-1f26ce7731)
2024-04-29 00:00:00
openvas
openvas
Ubuntu: Security Advisory (USN-6690-1)
2024-03-13 00:00:00
Debian: Security Advisory (DSA-5640-1)
2024-03-15 00:00:00
Fedora: Security Advisory for openvswitch (FEDORA-2024-a4530e9bfe)
2024-03-25 00:00:00
fedora
fedora
[SECURITY] Fedora 40 Update: openvswitch-3.3.0-1.fc40
2024-03-23 00:49:44
[SECURITY] Fedora 39 Update: openvswitch-3.2.2-1.fc39
2024-03-16 01:17:38
redhat
redhat
(RHSA-2024:1234) Important: openvswitch2.17 security update
2024-03-07 17:58:17
(RHSA-2024:1235) Important: openvswitch3.1 security update
2024-03-07 17:58:20
(RHSA-2024:1227) Important: openvswitch3.1 security update
2024-03-07 17:57:27
osv
osv
openvswitch vulnerabilities
2024-03-12 11:34:51
openvswitch - security update
2024-03-14 00:00:00
openvswitch vulnerability
2023-11-26 23:54:45
debian
debian
[SECURITY] [DSA 5640-1] openvswitch security update
2024-03-14 13:20:02
[SECURITY] [DLA 3734-1] openvswitch security update
2024-02-18 09:17:42
prion
prion
Design/Logic Flaw
2023-10-06 18:15:00
Design/Logic Flaw
2024-02-22 13:15:00
ubuntucve
ubuntucve
CVE-2023-5366
2023-10-06 00:00:00
CVE-2023-3966
2024-02-08 00:00:00
cvelist
cvelist
ubuntu
ubuntu
Open vSwitch vulnerability
2023-11-26 00:00:00
veracode
veracode
Denial Of Service
2024-02-12 18:54:24
Insufficient Verification Of Data Authenticity
2024-02-12 17:52:01
cve
cve
CVE-2023-3966
2024-02-22 13:15:07
CVE-2023-5366
2023-10-06 18:15:12
redos
redos
ROS-20240423-08
2024-04-23 00:00:00
ROS-20240422-08
2024-04-22 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-3966 affecting package openvswitch for versions less than 3.3.0-1
2024-03-19 17:21:46
alpinelinux
alpinelinux
CVE-2023-5366
2023-10-06 18:15:12
CVE-2023-3966
2024-02-22 13:15:07
debiancve
debiancve
CVE-2023-5366
2023-10-06 18:15:12
CVE-2023-3966
2024-02-22 13:15:07
redhatcve
redhatcve
CVE-2023-5366
2023-10-03 19:24:39
CVE-2023-3966
2024-02-09 02:59:34
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0510
2023-11-12 00:00:00