rpm package
opensuse/openvswitch3&distro=openSUSE Leap 15.5
pkg:rpm/opensuse/openvswitch3&distro=openSUSE%20Leap%2015.5
Vulnerabilities (5)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-3966 | — | < 3.1.0-150500.3.16.1 | 3.1.0-150500.3.16.1 | Feb 22, 2024 | A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled. | ||
| CVE-2023-5366 | — | < 3.1.0-150500.3.11.1 | 3.1.0-150500.3.11.1 | Oct 6, 2023 | A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICM | ||
| CVE-2023-3153 | — | < 3.1.0-150500.3.6.2 | 3.1.0-150500.3.6.2 | Oct 4, 2023 | A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured. | ||
| CVE-2023-3152 | — | < 3.1.0-150500.3.6.2 | 3.1.0-150500.3.6.2 | Jun 7, 2023 | A vulnerability classified as critical has been found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\posts\view_post.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has b | ||
| CVE-2023-1668 | — | < 3.1.0-150500.3.3.1 | 3.1.0-150500.3.3.1 | Apr 10, 2023 | A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols |
- CVE-2023-3966Feb 22, 2024affected < 3.1.0-150500.3.16.1fixed 3.1.0-150500.3.16.1
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.
- CVE-2023-5366Oct 6, 2023affected < 3.1.0-150500.3.11.1fixed 3.1.0-150500.3.11.1
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICM
- CVE-2023-3153Oct 4, 2023affected < 3.1.0-150500.3.6.2fixed 3.1.0-150500.3.6.2
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.
- CVE-2023-3152Jun 7, 2023affected < 3.1.0-150500.3.6.2fixed 3.1.0-150500.3.6.2
A vulnerability classified as critical has been found in SourceCodester Online Discussion Forum Site 1.0. This affects an unknown part of the file admin\posts\view_post.php. The manipulation leads to sql injection. It is possible to initiate the attack remotely. The exploit has b
- CVE-2023-1668Apr 10, 2023affected < 3.1.0-150500.3.3.1fixed 3.1.0-150500.3.3.1
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols