Vulnerability CVE-2023-3966: Information

Description

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.

URL: https://nvd.nist.gov/vuln/detail/CVE-2023-3966
Published: Feb. 22, 2024
Modified: March 23, 2024
Error type identifier: CWE-248

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
openvswitchp102.17.9-alt12.17.9-alt1ALT-PU-2024-6293-2344872Fixed
openvswitchp10_e2k2.17.9-alt12.17.9-alt1ALT-PU-2024-6890-1-Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
https://access.redhat.com/security/cve/CVE-2023-3966
    RHBZ#2178363
      https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/
        https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/
          VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
          Version: v24.5.1
          Back to top