Wind River Support Network

HomeDefectsLIN1021-5581
Fixed

LIN1021-5581 : Security Advisory - openvswitch - CVE-2023-1668

Created: Apr 10, 2023    Updated: Sep 15, 2024
Resolved Date: Feb 22, 2024
Found In Version: 10.21.20.1
Fix Version: 10.21.20.22
Severity: Standard
Applicable for: Wind River Linux LTS 21
Component/s: Userspace

Description

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.

https://nvd.nist.gov/vuln/detail/CVE-2023-1668

CVEs


Live chat
Online