rpm package
suse/openvswitch&distro=SUSE Linux Enterprise High Performance Computing 15 SP3-ESPOS
pkg:rpm/suse/openvswitch&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP3-ESPOS
Vulnerabilities (4)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2023-5366 | — | < 2.14.2-150300.19.11.1 | 2.14.2-150300.19.11.1 | Oct 6, 2023 | A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICM | ||
| CVE-2023-1668 | — | < 2.14.2-150300.19.8.1 | 2.14.2-150300.19.8.1 | Apr 10, 2023 | A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols | ||
| CVE-2022-4338 | — | < 2.14.2-150300.19.8.1 | 2.14.2-150300.19.8.1 | Jan 10, 2023 | An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch. | ||
| CVE-2022-4337 | — | < 2.14.2-150300.19.8.1 | 2.14.2-150300.19.8.1 | Jan 10, 2023 | An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch. |
- CVE-2023-5366Oct 6, 2023affected < 2.14.2-150300.19.11.1fixed 2.14.2-150300.19.11.1
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICM
- CVE-2023-1668Apr 10, 2023affected < 2.14.2-150300.19.8.1fixed 2.14.2-150300.19.8.1
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols
- CVE-2022-4338Jan 10, 2023affected < 2.14.2-150300.19.8.1fixed 2.14.2-150300.19.8.1
An integer underflow in Organization Specific TLV was found in various versions of OpenvSwitch.
- CVE-2022-4337Jan 10, 2023affected < 2.14.2-150300.19.8.1fixed 2.14.2-150300.19.8.1
An out-of-bounds read in Organization Specific TLV was found in various versions of OpenvSwitch.