Nixpkgs Security Tracker

Untriaged

Permalink CVE-2023-5366

7.1 HIGH

CVSS version: 3.1
Attack vector (AV): NETWORK
Attack complexity (AC): LOW
Privileges required (PR): LOW
User interaction (UI): NONE
Scope (S): UNCHANGED
Confidentiality impact (C): LOW
Integrity impact (I): NONE
Availability impact (A): HIGH

created 6 months ago

Openvswitch don't match packets on nd_target field

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.

References

https://access.redhat.com/security/cve/CVE-2023-5366 x_refsource_REDHAT vdb-entry
RHBZ#2006347 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/02/08/4
https://access.redhat.com/security/cve/CVE-2023-5366 x_refsource_REDHAT vdb-entry
RHBZ#2006347 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/02/08/4
https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html
https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://access.redhat.com/security/cve/CVE-2023-5366 x_refsource_REDHAT vdb-entry
RHBZ#2006347 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/02/08/4
https://access.redhat.com/security/cve/CVE-2023-5366 x_refsource_REDHAT vdb-entry
RHBZ#2006347 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/02/08/4
https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://access.redhat.com/security/cve/CVE-2023-5366 x_refsource_REDHAT vdb-entry
RHBZ#2006347 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/02/08/4
https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://access.redhat.com/security/cve/CVE-2023-5366 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2006347 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/02/08/4 x_transferred
https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://access.redhat.com/security/cve/CVE-2023-5366 x_refsource_REDHAT vdb-entry
RHBZ#2006347 issue-tracking x_refsource_REDHAT
http://www.openwall.com/lists/oss-security/2024/02/08/4
https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj…
https://lists.debian.org/debian-lts-announce/2024/02/msg00004.html x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproj… x_transferred
https://access.redhat.com/security/cve/CVE-2023-5366 x_refsource_REDHAT vdb-entry x_transferred
RHBZ#2006347 issue-tracking x_refsource_REDHAT x_transferred
http://www.openwall.com/lists/oss-security/2024/02/08/4 x_transferred

Affected products

openvswitch

openvswitch3.0

openvswitch3.1

openvswitch2.10

openvswitch2.11

openvswitch2.12

openvswitch2.13

openvswitch2.15

openvswitch2.16

openvswitch2.17

rhosp-openvswitch

openvswitch-ovn-kubernetes

redhat-virtualization-host

Matching in nixpkgs

pkgs.openvswitch

Multilayer virtual switch

nixos-unstable -
- nixpkgs-unstable 3.6.0

pkgs.openvswitch-dpdk