Unrated severityNVD Advisory· Published Apr 10, 2023· Updated Apr 23, 2025
CVE-2023-1668
CVE-2023-1668
Description
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.
Affected products
33- openvswitch/openvswitchdescription
- osv-coords32 versionspkg:rpm/opensuse/openvswitch3&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/openvswitch3&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/openvswitch&distro=openSUSE%20Leap%2015.4pkg:rpm/opensuse/openvswitch&distro=openSUSE%20Leap%2015.5pkg:rpm/opensuse/openvswitch&distro=openSUSE%20Leap%2015.6pkg:rpm/opensuse/openvswitch&distro=openSUSE%20Tumbleweedpkg:rpm/suse/openvswitch3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-ESPOSpkg:rpm/suse/openvswitch3&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP5-LTSSpkg:rpm/suse/openvswitch3&distro=SUSE%20Linux%20Enterprise%20Micro%205.5pkg:rpm/suse/openvswitch3&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP5pkg:rpm/suse/openvswitch3&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP5-LTSSpkg:rpm/suse/openvswitch3&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP5pkg:rpm/suse/openvswitch&distro=SUSE%20Enterprise%20Storage%207pkg:rpm/suse/openvswitch&distro=SUSE%20Enterprise%20Storage%207.1pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP2-LTSSpkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOSpkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-LTSSpkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015%20SP5pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP4pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP5pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Server%20Applications%2015%20SP4pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Real%20Time%2015%20SP3pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP2-LTSSpkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP3-LTSSpkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP6-LTSSpkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP2pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP3pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP6pkg:rpm/suse/openvswitch&distro=SUSE%20Manager%20Proxy%204.2pkg:rpm/suse/openvswitch&distro=SUSE%20Manager%20Server%204.2
< 3.1.0-150500.3.3.1+ 31 more
- (no CPE)range: < 3.1.0-150500.3.3.1
- (no CPE)range: < 3.1.7-150500.3.25.1
- (no CPE)range: < 2.13.2-150200.9.22.1
- (no CPE)range: < 2.14.2-150400.24.9.1
- (no CPE)range: < 3.1.7-150600.33.9.1
- (no CPE)range: < 3.1.0-14.1
- (no CPE)range: < 3.1.7-150500.3.25.1
- (no CPE)range: < 3.1.7-150500.3.25.1
- (no CPE)range: < 3.1.7-150500.3.25.1
- (no CPE)range: < 3.1.0-150500.3.3.1
- (no CPE)range: < 3.1.7-150500.3.25.1
- (no CPE)range: < 3.1.7-150500.3.25.1
- (no CPE)range: < 2.13.2-150200.9.22.1
- (no CPE)range: < 2.14.2-150300.19.8.1
- (no CPE)range: < 2.13.2-150200.9.22.1
- (no CPE)range: < 2.14.2-150300.19.8.1
- (no CPE)range: < 2.14.2-150300.19.8.1
- (no CPE)range: < 2.14.2-150400.24.9.1
- (no CPE)range: < 2.14.2-150400.24.9.1
- (no CPE)range: < 2.14.2-150400.24.9.1
- (no CPE)range: < 2.14.2-150400.24.9.1
- (no CPE)range: < 2.14.2-150300.19.8.1
- (no CPE)range: < 2.11.5-3.18.2
- (no CPE)range: < 2.13.2-150200.9.22.1
- (no CPE)range: < 2.14.2-150300.19.8.1
- (no CPE)range: < 3.1.7-150600.33.9.1
- (no CPE)range: < 2.11.5-3.18.2
- (no CPE)range: < 2.13.2-150200.9.22.1
- (no CPE)range: < 2.14.2-150300.19.8.1
- (no CPE)range: < 3.1.7-150600.33.9.1
- (no CPE)range: < 2.14.2-150300.19.8.1
- (no CPE)range: < 2.14.2-150300.19.8.1
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
6- lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2GUNS3WSJG4TUDKZ5L7FXGJMVOD6EJZ/mitrevendor-advisory
- security.gentoo.org/glsa/202311-16mitrevendor-advisory
- www.debian.org/security/2023/dsa-5387mitrevendor-advisory
- lists.debian.org/debian-lts-announce/2023/05/msg00000.htmlmitremailing-list
- bugzilla.redhat.com/show_bug.cgimitre
- www.openwall.com/lists/oss-security/2023/04/06/1mitre
News mentions
0No linked articles in our index yet.