Debian Security Advisory DSA-5640-1 [email protected]
https://www.debian.org/security/ Moritz Muehlenhoff
March 14, 2024 https://www.debian.org/security/faq
Package : openvswitch
CVE ID : CVE-2023-3966 CVE-2023-5366
Debian Bug : 1063492
Two vulnerabilities were discovered in Open vSwitch, a software-based
Ethernet virtual switch, which could result in a bypass of OpenFlow
rules or denial of service.
For the oldstable distribution (bullseye), these problems have been fixed
in version 2.15.0+ds1-2+deb11u5. This update also adresses a memory leak
tracked as CVE-2024-22563.
For the stable distribution (bookworm), these problems have been fixed in
version 3.1.0-2+deb12u1.
We recommend that you upgrade your openvswitch packages.
For the detailed security status of openvswitch please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openvswitch
Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/
Mailing list: [email protected]
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Debian | 11 | all | python3-openvswitch | < 2.15.0+ds1-2+deb11u5 | python3-openvswitch_2.15.0+ds1-2+deb11u5_all.deb |
Debian | 11 | all | openvswitch-vtep | < 2.15.0+ds1-2+deb11u5 | openvswitch-vtep_2.15.0+ds1-2+deb11u5_all.deb |
Debian | 11 | all | openvswitch-switch-dpdk | < 2.15.0+ds1-2+deb11u5 | openvswitch-switch-dpdk_2.15.0+ds1-2+deb11u5_all.deb |
Debian | 12 | all | openvswitch-vtep | < 3.1.0-2+deb12u1 | openvswitch-vtep_3.1.0-2+deb12u1_all.deb |
Debian | 12 | all | openvswitch-test | < 3.1.0-2+deb12u1 | openvswitch-test_3.1.0-2+deb12u1_all.deb |
Debian | 12 | all | python3-openvswitch | < 3.1.0-2+deb12u1 | python3-openvswitch_3.1.0-2+deb12u1_all.deb |
Debian | 11 | all | openvswitch-dbg | < 2.15.0+ds1-2+deb11u5 | openvswitch-dbg_2.15.0+ds1-2+deb11u5_all.deb |
Debian | 11 | all | openvswitch-dev | < 2.15.0+ds1-2+deb11u5 | openvswitch-dev_2.15.0+ds1-2+deb11u5_all.deb |
Debian | 12 | all | openvswitch-switch-dpdk | < 3.1.0-2+deb12u1 | openvswitch-switch-dpdk_3.1.0-2+deb12u1_all.deb |
Debian | 11 | all | openvswitch-common | < 2.15.0+ds1-2+deb11u5 | openvswitch-common_2.15.0+ds1-2+deb11u5_all.deb |