CVE-2023-3153: Service monitor mac flow is not rate limited
First published: Wed Jun 07 2023(Updated: )
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.
Credit: secalert@redhat.com secalert@redhat.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Ovn Open Virtual Network | <22.03.3 | |
| Ovn Open Virtual Network | >=22.03.4<22.09.2 | |
| Ovn Open Virtual Network | >=22.09.3<22.12.1 | |
| Ovn Open Virtual Network | >=22.12.2<23.03.1 | |
| Ovn Open Virtual Network | >=23.03.2<23.06.1 | |
| Redhat Openshift Container Platform | =4.0 | |
| Redhat Fast Datapath | ||
| Redhat Enterprise Linux | =9.0 | |
| redhat/ovn | <22.03.3 | 22.03.3 |
| redhat/ovn | <22.09.2 | 22.09.2 |
| redhat/ovn | <22.12.1 | 22.12.1 |
| redhat/ovn | <23.03.1 | 23.03.1 |
| redhat/ovn | <23.06.1 | 23.06.1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- https://access.redhat.com/security/cve/CVE-2023-3153
- https://bugzilla.redhat.com/show_bug.cgi?id=2213279
- https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd
- https://github.com/ovn-org/ovn/issues/198
- https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html
- https://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2213285
- https://github.com/ovn-org/ovn
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2213279#c5
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=2213279#c7
- https://access.redhat.com/errata/RHSA-2023:5009
- https://access.redhat.com/errata/RHSA-2023:6274
Frequently Asked Questions
What is CVE-2023-3153?
CVE-2023-3153 is a vulnerability found in Open Virtual Network that allows an attacker to cause a denial of service.
How severe is CVE-2023-3153?
CVE-2023-3153 has a severity rating of medium (5.3).
Which software versions are affected by CVE-2023-3153?
The affected software versions are OVN Open Virtual Network 22.03.3 to 23.06.1.
How can I fix CVE-2023-3153?
To fix CVE-2023-3153, update the affected software to version 22.09.2, 22.12.1, 23.03.1, or 23.06.1.
Where can I find more information about CVE-2023-3153?
More information about CVE-2023-3153 can be found at the following references: [Reference 1](https://access.redhat.com/security/cve/CVE-2023-3153), [Reference 2](https://bugzilla.redhat.com/show_bug.cgi?id=2213279), [Reference 3](https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd).
- collector/nvd-api
- collector/nvd-index
- agent/references
- agent/type
- agent/author
- agent/softwarecombine
- agent/first-publish-date
- agent/remedy
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2023-3153
- agent/software-canonical-lookup
- collector/mitre-cve
- source/MITRE
- agent/weakness
- agent/title
- agent/tags
- agent/last-modified-date
- agent/severity
- agent/description
- agent/event
- vendor/ovn
- canonical/ovn open virtual network
- version/ovn open virtual network/22.03.4
- version/ovn open virtual network/22.09.3
- version/ovn open virtual network/22.12.2
- version/ovn open virtual network/23.03.2
- vendor/redhat
- canonical/redhat openshift container platform
- version/redhat openshift container platform/4.0
- canonical/redhat fast datapath
- canonical/redhat enterprise linux
- version/redhat enterprise linux/9.0
- package-manager/redhat