FKIE_CVE-2023-1668

Vulnerability from fkie_nvd - Published: 2023-04-10 22:15 - Updated: 2025-04-23 17:16
Severity ?
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
8.2 (High) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H
Summary
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.
References
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2137666Issue Tracking, Third Party Advisory
secalert@redhat.comhttps://lists.debian.org/debian-lts-announce/2023/05/msg00000.html
secalert@redhat.comhttps://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2GUNS3WSJG4TUDKZ5L7FXGJMVOD6EJZ/
secalert@redhat.comhttps://security.gentoo.org/glsa/202311-16
secalert@redhat.comhttps://www.debian.org/security/2023/dsa-5387Third Party Advisory
secalert@redhat.comhttps://www.openwall.com/lists/oss-security/2023/04/06/1Mailing List, Mitigation, Patch
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=2137666Issue Tracking, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://lists.debian.org/debian-lts-announce/2023/05/msg00000.html
af854a3a-2127-422b-91ae-364da2661108https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2GUNS3WSJG4TUDKZ5L7FXGJMVOD6EJZ/
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/202311-16
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2023/dsa-5387Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://www.openwall.com/lists/oss-security/2023/04/06/1Mailing List, Mitigation, Patch
Impacted products
Vendor Product Version
cloudbase open_vswitch *
cloudbase open_vswitch *
cloudbase open_vswitch *
cloudbase open_vswitch *
cloudbase open_vswitch *
cloudbase open_vswitch *
cloudbase open_vswitch 3.1.0
debian debian_linux 11.0
redhat openshift_container_platform 4.0
redhat openstack_platform 16.1
redhat openstack_platform 16.2
redhat openstack_platform 17.0
redhat virtualization 4.0
redhat fast_datapath -
redhat enterprise_linux 7.0
redhat enterprise_linux 8.0
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "48C1C5E9-E256-43FD-9797-12F07441AAB1",
              "versionEndExcluding": "2.13.11",
              "versionStartIncluding": "1.5.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "A83DDD27-28AF-4ADA-9B8F-6573F29E9E22",
              "versionEndExcluding": "2.14.9",
              "versionStartIncluding": "2.14.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB75186B-4FB7-473D-B249-5A023DA1FDA4",
              "versionEndExcluding": "2.15.8",
              "versionStartIncluding": "2.15.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CD2D922F-E28D-4777-B0A9-814996568D1F",
              "versionEndExcluding": "2.16.7",
              "versionStartIncluding": "2.16.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "B88C4B2D-F726-46E4-8021-42C5770CF91B",
              "versionEndExcluding": "2.17.6",
              "versionStartIncluding": "2.17.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudbase:open_vswitch:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "92486D94-C16D-4422-986D-CC4BCC01F98A",
              "versionEndExcluding": "3.0.4",
              "versionStartIncluding": "3.0.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:cloudbase:open_vswitch:3.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "3C1AC9C8-68B9-413F-866F-46B279906B08",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:11.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "FA6FEEC2-9F11-4643-8827-749718254FED",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:openshift_container_platform:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "932D137F-528B-4526-9A89-CD59FA1AB0FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openstack_platform:16.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "DCC81071-B46D-4F5D-AC25-B4A4CCC20C73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openstack_platform:16.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "4B3000D2-35DF-4A93-9FC0-1AD3AB8349B8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:openstack_platform:17.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "F7076B1E-0529-43CC-828B-45C2ED11F9F6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "6BBD7A51-0590-4DDF-8249-5AFA8D645CB6",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:redhat:fast_datapath:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "0A63D05D-BFAF-484B-BA49-5F5E399CDA02",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "142AD0DD-4CF3-4D74-9442-459CE3347E3A",
              "vulnerable": false
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux:8.0:*:*:*:-:*:*:*",
              "matchCriteriaId": "053C1B35-3869-41C2-9551-044182DE0A64",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow."
    }
  ],
  "id": "CVE-2023-1668",
  "lastModified": "2025-04-23T17:16:28.023",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "nvd@nist.gov",
        "type": "Primary"
      },
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.2,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "LOW",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 4.2,
        "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
        "type": "Secondary"
      }
    ]
  },
  "published": "2023-04-10T22:15:09.133",
  "references": [
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137666"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00000.html"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2GUNS3WSJG4TUDKZ5L7FXGJMVOD6EJZ/"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://security.gentoo.org/glsa/202311-16"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5387"
    },
    {
      "source": "secalert@redhat.com",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Patch"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2023/04/06/1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Issue Tracking",
        "Third Party Advisory"
      ],
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2137666"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.debian.org/debian-lts-announce/2023/05/msg00000.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/V2GUNS3WSJG4TUDKZ5L7FXGJMVOD6EJZ/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://security.gentoo.org/glsa/202311-16"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://www.debian.org/security/2023/dsa-5387"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Mailing List",
        "Mitigation",
        "Patch"
      ],
      "url": "https://www.openwall.com/lists/oss-security/2023/04/06/1"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-670"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    },
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-670"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.