CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
AI Score
Confidence
High
EPSS
Percentile
5.1%
A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.
Vendor | Product | Version | CPE |
---|---|---|---|
openvswitch | openvswitch | * | cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:* |
redhat | openshift_container_platform | 4.0 | cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:* |
redhat | virtualization | 4.0 | cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:* |
redhat | enterprise_linux | 7.0 | cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* |
redhat | enterprise_linux | 8.0 | cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:*:*:*:* |
redhat | enterprise_linux | 9.0 | cpe:2.3:o:redhat:enterprise_linux:9.0:*:*:*:*:*:*:* |
redhat | fast_datapath | - | cpe:2.3:a:redhat:fast_datapath:-:*:*:*:*:*:*:* |
www.openwall.com/lists/oss-security/2024/02/08/4
access.redhat.com/security/cve/CVE-2023-5366
bugzilla.redhat.com/show_bug.cgi?id=2006347
lists.debian.org/debian-lts-announce/2024/02/msg00004.html
lists.fedoraproject.org/archives/list/[email protected]/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/
lists.fedoraproject.org/archives/list/[email protected]/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/