CVE-2023-5366

CWE-34511 documents9 sources
Severity
5.5MEDIUM
EPSS
0.0%
top 94.67%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
4
Openvswitch OpenvswitchRedhat Enterprise LinuxRedhat Openshift Container Platform+1 more
Timeline
PublishedOct 6
Latest updateMar 12

Description

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:HExploitability: 2.8 | Impact: 4.2

Affected Packages3 packages

NVDopenvswitch/openvswitch< 2023-02-28
Debianopenvswitch< 2.15.0+ds1-2+deb11u5+3

Also affects: Openshift Container Platform 4.0, Enterprise Linux 7.0

Patches

Patch: bugzilla.redhat.comPatch: bugzilla.redhat.com

🔴Vulnerability Details

4
OSV
openvswitch vulnerabilities2024-03-12
CVEList
Openvswitch don't match packets on nd_target field2023-10-06
GHSA
GHSA-f89w-2cg8-8h78: A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules2023-10-06
OSV
CVE-2023-5366: A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules2023-10-06

📋Vendor Advisories

5
Ubuntu
Open vSwitch vulnerabilities2024-03-12
Ubuntu
Open vSwitch vulnerability2023-11-26
Microsoft
Openvswitch don't match packets on nd_target field2023-10-10
Red Hat
openvswitch: openvswitch don't match packets on nd_target field2023-09-26
Debian
CVE-2023-5366: openvswitch - A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packe...2023

💬Community

1
Bugzilla
CVE-2023-5366 openvswitch: openvswitch don't match packets on nd_target field2021-09-21