Описание
Security update for openvswitch
This update for openvswitch fixes the following issues:
- CVE-2023-1668: Fixed remote traffic denial of service via crafted packets with IP proto 0 (bsc#1210054).
- CVE-2022-4338: Fixed Integer Underflow in Organization Specific TLV (bsc#1206580).
- CVE-2022-4337: Fixed Out-of-Bounds Read in Organization Specific TLV (bsc#1206581).
Список пакетов
SUSE Enterprise Storage 7.1
libopenvswitch-2_14-0-2.14.2-150300.19.8.1
libovn-20_06-0-20.06.2-150300.19.8.1
openvswitch-2.14.2-150300.19.8.1
openvswitch-devel-2.14.2-150300.19.8.1
openvswitch-ipsec-2.14.2-150300.19.8.1
openvswitch-pki-2.14.2-150300.19.8.1
openvswitch-test-2.14.2-150300.19.8.1
openvswitch-vtep-2.14.2-150300.19.8.1
ovn-20.06.2-150300.19.8.1
ovn-central-20.06.2-150300.19.8.1
ovn-devel-20.06.2-150300.19.8.1
ovn-docker-20.06.2-150300.19.8.1
ovn-host-20.06.2-150300.19.8.1
ovn-vtep-20.06.2-150300.19.8.1
python3-ovs-2.14.2-150300.19.8.1
SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
libopenvswitch-2_14-0-2.14.2-150300.19.8.1
libovn-20_06-0-20.06.2-150300.19.8.1
openvswitch-2.14.2-150300.19.8.1
openvswitch-devel-2.14.2-150300.19.8.1
openvswitch-ipsec-2.14.2-150300.19.8.1
openvswitch-pki-2.14.2-150300.19.8.1
openvswitch-test-2.14.2-150300.19.8.1
openvswitch-vtep-2.14.2-150300.19.8.1
ovn-20.06.2-150300.19.8.1
ovn-central-20.06.2-150300.19.8.1
ovn-devel-20.06.2-150300.19.8.1
ovn-docker-20.06.2-150300.19.8.1
ovn-host-20.06.2-150300.19.8.1
ovn-vtep-20.06.2-150300.19.8.1
python3-ovs-2.14.2-150300.19.8.1
SUSE Linux Enterprise High Performance Computing 15 SP3-LTSS
libopenvswitch-2_14-0-2.14.2-150300.19.8.1
libovn-20_06-0-20.06.2-150300.19.8.1
openvswitch-2.14.2-150300.19.8.1
openvswitch-devel-2.14.2-150300.19.8.1
openvswitch-ipsec-2.14.2-150300.19.8.1
openvswitch-pki-2.14.2-150300.19.8.1
openvswitch-test-2.14.2-150300.19.8.1
openvswitch-vtep-2.14.2-150300.19.8.1
ovn-20.06.2-150300.19.8.1
ovn-central-20.06.2-150300.19.8.1
ovn-devel-20.06.2-150300.19.8.1
ovn-docker-20.06.2-150300.19.8.1
ovn-host-20.06.2-150300.19.8.1
ovn-vtep-20.06.2-150300.19.8.1
python3-ovs-2.14.2-150300.19.8.1
SUSE Linux Enterprise Real Time 15 SP3
libopenvswitch-2_14-0-2.14.2-150300.19.8.1
libovn-20_06-0-20.06.2-150300.19.8.1
openvswitch-2.14.2-150300.19.8.1
openvswitch-devel-2.14.2-150300.19.8.1
openvswitch-ipsec-2.14.2-150300.19.8.1
openvswitch-pki-2.14.2-150300.19.8.1
openvswitch-test-2.14.2-150300.19.8.1
openvswitch-vtep-2.14.2-150300.19.8.1
ovn-20.06.2-150300.19.8.1
ovn-central-20.06.2-150300.19.8.1
ovn-devel-20.06.2-150300.19.8.1
ovn-docker-20.06.2-150300.19.8.1
ovn-host-20.06.2-150300.19.8.1
ovn-vtep-20.06.2-150300.19.8.1
python3-ovs-2.14.2-150300.19.8.1
SUSE Linux Enterprise Server 15 SP3-LTSS
libopenvswitch-2_14-0-2.14.2-150300.19.8.1
libovn-20_06-0-20.06.2-150300.19.8.1
openvswitch-2.14.2-150300.19.8.1
openvswitch-devel-2.14.2-150300.19.8.1
openvswitch-ipsec-2.14.2-150300.19.8.1
openvswitch-pki-2.14.2-150300.19.8.1
openvswitch-test-2.14.2-150300.19.8.1
openvswitch-vtep-2.14.2-150300.19.8.1
ovn-20.06.2-150300.19.8.1
ovn-central-20.06.2-150300.19.8.1
ovn-devel-20.06.2-150300.19.8.1
ovn-docker-20.06.2-150300.19.8.1
ovn-host-20.06.2-150300.19.8.1
ovn-vtep-20.06.2-150300.19.8.1
python3-ovs-2.14.2-150300.19.8.1
SUSE Linux Enterprise Server for SAP Applications 15 SP3
libopenvswitch-2_14-0-2.14.2-150300.19.8.1
libovn-20_06-0-20.06.2-150300.19.8.1
openvswitch-2.14.2-150300.19.8.1
openvswitch-devel-2.14.2-150300.19.8.1
openvswitch-ipsec-2.14.2-150300.19.8.1
openvswitch-pki-2.14.2-150300.19.8.1
openvswitch-test-2.14.2-150300.19.8.1
openvswitch-vtep-2.14.2-150300.19.8.1
ovn-20.06.2-150300.19.8.1
ovn-central-20.06.2-150300.19.8.1
ovn-devel-20.06.2-150300.19.8.1
ovn-docker-20.06.2-150300.19.8.1
ovn-host-20.06.2-150300.19.8.1
ovn-vtep-20.06.2-150300.19.8.1
python3-ovs-2.14.2-150300.19.8.1
SUSE Manager Proxy 4.2
libopenvswitch-2_14-0-2.14.2-150300.19.8.1
libovn-20_06-0-20.06.2-150300.19.8.1
openvswitch-2.14.2-150300.19.8.1
openvswitch-devel-2.14.2-150300.19.8.1
openvswitch-ipsec-2.14.2-150300.19.8.1
openvswitch-pki-2.14.2-150300.19.8.1
openvswitch-test-2.14.2-150300.19.8.1
openvswitch-vtep-2.14.2-150300.19.8.1
ovn-20.06.2-150300.19.8.1
ovn-central-20.06.2-150300.19.8.1
ovn-devel-20.06.2-150300.19.8.1
ovn-docker-20.06.2-150300.19.8.1
ovn-host-20.06.2-150300.19.8.1
ovn-vtep-20.06.2-150300.19.8.1
python3-ovs-2.14.2-150300.19.8.1
SUSE Manager Server 4.2
libopenvswitch-2_14-0-2.14.2-150300.19.8.1
libovn-20_06-0-20.06.2-150300.19.8.1
openvswitch-2.14.2-150300.19.8.1
openvswitch-devel-2.14.2-150300.19.8.1
openvswitch-ipsec-2.14.2-150300.19.8.1
openvswitch-pki-2.14.2-150300.19.8.1
openvswitch-test-2.14.2-150300.19.8.1
openvswitch-vtep-2.14.2-150300.19.8.1
ovn-20.06.2-150300.19.8.1
ovn-central-20.06.2-150300.19.8.1
ovn-devel-20.06.2-150300.19.8.1
ovn-docker-20.06.2-150300.19.8.1
ovn-host-20.06.2-150300.19.8.1
ovn-vtep-20.06.2-150300.19.8.1
python3-ovs-2.14.2-150300.19.8.1
Ссылки
- Link for SUSE-SU-2023:2275-1
- E-Mail link for SUSE-SU-2023:2275-1
- SUSE Security Ratings
- SUSE Bug 1206580
- SUSE Bug 1206581
- SUSE Bug 1210054
- SUSE CVE CVE-2022-4337 page
- SUSE CVE CVE-2022-4338 page
- SUSE CVE CVE-2023-1668 page
Описание
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.
Затронутые продукты
SUSE Enterprise Storage 7.1:libopenvswitch-2_14-0-2.14.2-150300.19.8.1
SUSE Enterprise Storage 7.1:libovn-20_06-0-20.06.2-150300.19.8.1
SUSE Enterprise Storage 7.1:openvswitch-2.14.2-150300.19.8.1
SUSE Enterprise Storage 7.1:openvswitch-devel-2.14.2-150300.19.8.1
Ссылки
- CVE-2022-4337
- SUSE Bug 1206581
Описание
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
Затронутые продукты
SUSE Enterprise Storage 7.1:libopenvswitch-2_14-0-2.14.2-150300.19.8.1
SUSE Enterprise Storage 7.1:libovn-20_06-0-20.06.2-150300.19.8.1
SUSE Enterprise Storage 7.1:openvswitch-2.14.2-150300.19.8.1
SUSE Enterprise Storage 7.1:openvswitch-devel-2.14.2-150300.19.8.1
Ссылки
- CVE-2022-4338
- SUSE Bug 1206580
Описание
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.
Затронутые продукты
SUSE Enterprise Storage 7.1:libopenvswitch-2_14-0-2.14.2-150300.19.8.1
SUSE Enterprise Storage 7.1:libovn-20_06-0-20.06.2-150300.19.8.1
SUSE Enterprise Storage 7.1:openvswitch-2.14.2-150300.19.8.1
SUSE Enterprise Storage 7.1:openvswitch-devel-2.14.2-150300.19.8.1
Ссылки
- CVE-2023-1668
- SUSE Bug 1210054