QwikSec

Security Database

CVE

CWE

Training

CVE-2023-1668

Published: Apr 10, 2023

Modified: Apr 23, 2025

PUBLISHED

Description

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.

Vendor	Product	Versions
n/a	openvswitch	affected `unknown`

Weaknesses (CWE)

References

https://bugzilla.redhat.com/show_bug.cgi?id=2137666

https://www.openwall.com/lists/oss-security/2023/04/06/1

vendor-advisory

FEDORA-2023-7da03dc2ae

vendor-advisory

[debian-lts-announce] 20230501 [SECURITY] [DLA 3410-1] openvswitch security update

mailing-list

vendor-advisory

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.