cvelist | Redhat | CVELIST:CVE-2023-3966
History: Feb 22, 2024 - 12:15 p.m.

CVE-2023-3966 Openvswitch: ovs-vswitch fails to recover after malformed geneve metadata packet

2024-02-22 12:15:53
CWE-248
redhat
www.cve.org
open vswitch
geneve packets
denial of service
memory accesses
netlink path

CVSS3: 7.5

Attack Vector: NETWORK
Attack Complexity: LOW
Privileges Required: NONE
User Interaction: NONE
Scope: UNCHANGED
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS: 0
Percentile: 15.5%

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.

CNA Affected

[
  {
    "product": "openvswitch",
    "vendor": "n/a",
    "versions": [
      {
        "version": "3.1.0",
        "status": "unaffected"
      }
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.10",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.11",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.12",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.13",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.11",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.12",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.13",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.15",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.16",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.17",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 8",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch3.1",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch2.17",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch3.0",
    "defaultStatus": "unknown",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch3.1",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Fast Datapath for RHEL 9",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch3.2",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat Enterprise Linux 7",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch",
    "defaultStatus": "affected",
    "cpes": [
      "cpe:/o:redhat:enterprise_linux:7"
    ]
  },
  {
    "vendor": "Red Hat",
    "product": "Red Hat OpenShift Container Platform 3.11",
    "collectionURL": "https://access.redhat.com/downloads/content/package-browser/",
    "packageName": "openvswitch-ovn-kubernetes",
    "defaultStatus": "unaffected",
    "cpes": [
      "cpe:/a:redhat:openshift:3.11"
    ]
  },
  {
    "product": "OpenStack RDO",
    "vendor": "RDO",
    "collectionURL": "https://repos.fedorapeople.org/repos/openstack/",
    "packageName": "rdo-openvswitch",
    "defaultStatus": "affected"
  },
  {
    "product": "Fedora",
    "vendor": "Fedora",
    "collectionURL": "https://packages.fedoraproject.org/",
    "packageName": "openvswitch",
    "defaultStatus": "affected"
  }
]
