Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2023-1668

Опубликовано: 10 апр. 2023
Источник: nvd
CVSS3: 8.2
EPSS Низкий

Описание

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*
Версия от 1.5.0 (включая) до 2.13.11 (исключая)
cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*
Версия от 2.14.0 (включая) до 2.14.9 (исключая)
cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*
Версия от 2.15.0 (включая) до 2.15.8 (исключая)
cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*
Версия от 2.16.0 (включая) до 2.16.7 (исключая)
cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*
Версия от 2.17.0 (включая) до 2.17.6 (исключая)
cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*
Версия от 3.0.0 (включая) до 3.0.4 (исключая)
cpe:2.3:a:cloudbase:open_vswitch:3.1.0:*:*:*:*:*:*:*
Конфигурация 2
cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*
Конфигурация 3

Одно из

cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack_platform:17.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
Конфигурация 4

Одновременно

cpe:2.3:a:redhat:fast_datapath:-:*:*:*:*:*:*:*

Одно из

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*

EPSS

Процентиль: 55%
0.00329
Низкий

8.2 High

CVSS3

Дефекты

CWE-670
CWE-670

Связанные уязвимости

ubuntu логотип

CVE-2023-1668

CVSS3: 8.2
ubuntu
почти 3 года назад

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.

redhat логотип

CVE-2023-1668

CVSS3: 8.2
redhat
почти 3 года назад

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.

msrc логотип

CVE-2023-1668

CVSS3: 8.2
msrc
почти 3 года назад

Описание отсутствует

debian логотип

CVE-2023-1668

CVSS3: 8.2
debian
почти 3 года назад

A flaw was found in openvswitch (OVS). When processing an IP packet wi ...

suse-cvrf логотип

SUSE-SU-2023:2621-1

suse-cvrf
больше 2 лет назад

Security update for openvswitch

EPSS

Процентиль: 55%
0.00329
Низкий

8.2 High

CVSS3

Дефекты

CWE-670
CWE-670