Main Vulnerability Database SB2023112725

SB2023112725 - SUSE update for openvswitch

Published: November 27, 2023

Security Bulletin ID SB2023112725

Severity

Low

Patch available

YES

Number of vulnerabilities 1

Exploitation vector Local access

Highest impact Data manipulation

Breakdown by Severity

Low
Medium
High
Critical

Description

This security bulletin contains information about 1 security vulnerability.

1) Insufficient verification of data authenticity (CVE-ID: CVE-2023-5366)

The vulnerability allows a local user to bypass implemented security restrictions.

The vulnerability exists due to missing verification of data authenticity when handling ICMPv6 Neighbor Advertisement packets between virtual machines. A local user can bypass OpenFlow rules and send otherwise restricted packets.

Remediation

Install update from vendor's website.

References

https://www.suse.com/support/update/announcement/2023/suse-su-20234573-1/

Vulnerable Software

SUSE Linux Enterprise Micro: 5.3 - 6.0
SUSE Package Hub 15: 15-SP4 - 15-SP5
Legacy Module: 15-SP5
SUSE Linux Enterprise Server for SAP Applications 15: SP4 - SP5
SUSE Linux Enterprise Server 15: SP4 - SP5
SUSE Linux Enterprise Real Time 15: SP4 - SP5
SUSE Linux Enterprise High Performance Computing 15: SP4 - SP5
SUSE Linux Enterprise Desktop 15: SP4 - SP5
Server Applications Module: 15-SP4
openSUSE Leap: 15.4 - 15.5
SUSE Manager Retail Branch Server: 4.3
SUSE Manager Server: 4.3
SUSE Manager Proxy: 4.3
ovn-doc: before 20.06.2-150400.24.14.2
openvswitch-doc: before 2.14.2-150400.24.14.2
libovn-20_06-0-debuginfo: before 20.06.2-150400.24.14.2
openvswitch-ipsec: before 2.14.2-150400.24.14.2
openvswitch-pki: before 2.14.2-150400.24.14.2
ovn-vtep: before 20.06.2-150400.24.14.2
openvswitch-vtep-debuginfo: before 2.14.2-150400.24.14.2
ovn-host-debuginfo: before 20.06.2-150400.24.14.2
openvswitch-test-debuginfo: before 2.14.2-150400.24.14.2
openvswitch-devel: before 2.14.2-150400.24.14.2
ovn-docker: before 20.06.2-150400.24.14.2
ovn-central: before 20.06.2-150400.24.14.2
openvswitch-test: before 2.14.2-150400.24.14.2
libovn-20_06-0: before 20.06.2-150400.24.14.2
openvswitch-debugsource: before 2.14.2-150400.24.14.2
libopenvswitch-2_14-0-debuginfo: before 2.14.2-150400.24.14.2
ovn-devel: before 20.06.2-150400.24.14.2
libopenvswitch-2_14-0: before 2.14.2-150400.24.14.2
ovn-debuginfo: before 20.06.2-150400.24.14.2
openvswitch: before 2.14.2-150400.24.14.2
openvswitch-debuginfo: before 2.14.2-150400.24.14.2
ovn-host: before 20.06.2-150400.24.14.2
ovn-vtep-debuginfo: before 20.06.2-150400.24.14.2
ovn-central-debuginfo: before 20.06.2-150400.24.14.2
ovn: before 20.06.2-150400.24.14.2
python3-ovs: before 2.14.2-150400.24.14.2
openvswitch-vtep: before 2.14.2-150400.24.14.2