Vulnerability in Cloudbase Open_vswitch
CVE-2023-1668
A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a…
EPSS: 0.012 (64.9th percentile) — read the EPSS interpretation.
CVSS v3 metric
CVSS v3 base score 8.2 (High). Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:H.
Affected products
- Cloudbase Open_vswitch — versions 3.1.0
- Debian Debian_linux — versions 11.0
- Redhat Enterprise_linux — versions 7.0, 8.0
- Redhat Fast_datapath
- Redhat Openshift_container_platform — versions 4.0
- Redhat Openstack_platform — versions 16.1, 16.2, 17.0
- Redhat Virtualization — versions 4.0
- N/a Openvswitch — versions unknown
Weakness classification (CWE)
Public proof-of-concept exploits
References
- secalert@redhat.com (Third Party Advisory, Issue Tracking)
- secalert@redhat.com (Patch, Mailing List, Mitigation)
- secalert@redhat.com (vendor-advisory, Third Party Advisory)
- secalert@redhat.com (vendor-advisory)
- secalert@redhat.com (mailing-list)
- secalert@redhat.com (vendor-advisory)
Frequently asked questions
- What is CVE-2023-1668?
- CVE-2023-1668 is a high-severity vulnerability in Cloudbase Open_vswitch, classified under Always-Incorrect Control Flow Implementation. CVSS score: 8.2/10. Published 2023-04-10.
- How severe is CVE-2023-1668?
- High severity. CVSS v3 base score is 8.2 out of 10.
- Is CVE-2023-1668 known to be exploited?
- 2 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.