8.2
CVE-2023-1668
- EPSS 0.09%
- Published 10.04.2023 22:15:09
- Last modified 23.04.2025 17:16:28
- Source secalert@redhat.com
- Teams watchlist Login
- Open Login
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.
Data is provided by the National Vulnerability Database (NVD)
Cloudbase ≫ Open Vswitch Version >= 1.5.0 < 2.13.11
Cloudbase ≫ Open Vswitch Version >= 2.14.0 < 2.14.9
Cloudbase ≫ Open Vswitch Version >= 2.15.0 < 2.15.8
Cloudbase ≫ Open Vswitch Version >= 2.16.0 < 2.16.7
Cloudbase ≫ Open Vswitch Version >= 2.17.0 < 2.17.6
Cloudbase ≫ Open Vswitch Version >= 3.0.0 < 3.0.4
Cloudbase ≫ Open Vswitch Version3.1.0
Debian ≫ Debian Linux Version11.0
Redhat ≫ Openshift Container Platform Version4.0
Redhat ≫ Openstack Platform Version16.1
Redhat ≫ Openstack Platform Version16.2
Redhat ≫ Openstack Platform Version17.0
Redhat ≫ Virtualization Version4.0
Redhat ≫ Fast Datapath Version-
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
| Type | Source | Score | Percentile |
|---|---|---|---|
| EPSS | FIRST.org | 0.09% | 0.267 |
| Source | Base Score | Exploit Score | Impact Score | Vector string |
|---|---|---|---|---|
| nvd@nist.gov | 8.2 | 3.9 | 4.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
|
| 134c704f-9b21-4f2e-91b3-4a467353bcc0 | 8.2 | 3.9 | 4.2 |
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
|
CWE-670 Always-Incorrect Control Flow Implementation
The code contains a control flow path that does not reflect the algorithm that the path is intended to implement, leading to incorrect behavior any time this path is navigated.