First published: Tue Sep 21 2021
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.
Credit: secalert@redhat.com
Affected Software | Affected Version | How to fix |
---|---|---|
Openvswitch Openvswitch | <2023-02-28 | |
Redhat Openshift Container Platform | =4.0 | |
Redhat Virtualization | =4.0 | |
Redhat Enterprise Linux | =7.0 | |
Redhat Fast Datapath | ||
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
debian/openvswitch | <=2.10.7+ds1-0+deb10u1, <=2.15.0+ds1-2+deb11u4, <=3.1.0-2 | 2.10.7+ds1-0+deb10u5, 2.15.0+ds1-2+deb11u5, 3.1.0-2+deb12u1, 3.3.0~git20240118.e802fe7-3, 3.3.0-1 |
All of | ||
Redhat Fast Datapath | ||
Any of | ||
Redhat Enterprise Linux | =7.0 | |
Redhat Enterprise Linux | =8.0 | |
Redhat Enterprise Linux | =9.0 | |
ubuntu/openvswitch | <2.13.8-0ubuntu1.4 | 2.13.8-0ubuntu1.4 |
ubuntu/openvswitch | <2.17.9-0ubuntu0.22.04.1 | 2.17.9-0ubuntu0.22.04.1 |
ubuntu/openvswitch | <3.2.2-0ubuntu0.23.10.1 | 3.2.2-0ubuntu0.23.10.1 |
ubuntu/openvswitch | <3.2.2, <3.1.4, <3.0.6, <2.17.9 | 3.2.2, 3.1.4, 3.0.6, 2.17.9 |
The vulnerability ID for this flaw is CVE-2023-5366.
The severity of CVE-2023-5366 is high.
Openvswitch, Redhat Openshift Container Platform, Redhat Virtualization, and Redhat Enterprise Linux versions 7.0, 8.0, and 9.0 are affected by CVE-2023-5366.
A local attacker can exploit CVE-2023-5366 by creating specially crafted packets with a modified or spoofed target IP address field to bypass OpenFlow rules.
No, Redhat Enterprise Linux versions 7.0, 8.0, and 9.0 are not vulnerable to CVE-2023-5366.