CVE-2023-3966

Name
CVE-2023-3966
Description
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.
NVD Severity
unknown
Other trackers
Mailing lists
Exploits
Forges
GitHub (code, issues), Aports (code, issues)

References

Type URI
vdb-entry https://access.redhat.com/security/cve/CVE-2023-3966
issue-tracking https://bugzilla.redhat.com/show_bug.cgi?id=2178363
secalert@redhat.com https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/
secalert@redhat.com https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/

Match rules

CPE URI Source package Min version Max version
openvswitch == 3.1.0 == 3.1.0

Vulnerable and fixed packages

Source package Branch Version Maintainer Status
openvswitch 3.19-community 2.17.9-r0 Stuart Cardall <developer@it-offshore.co.uk> fixed