A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2023-04-10T00:00:00

Updated: 2024-08-02T05:57:24.726Z

Reserved: 2023-03-27T00:00:00

Link: CVE-2023-1668

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-04-10T22:15:09.133

Modified: 2024-11-21T07:39:39.313

Link: CVE-2023-1668

cve-icon Redhat

Severity : Moderate

Publid Date: 2023-04-06T00:00:00Z

Links: CVE-2023-1668 - Bugzilla