CVE-2023-3966 - Vulnerability Details - OpenCVE

ReportizFlow

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.

No CVSS v4.0

Attack Vector Network

Attack Complexity Low

Privileges Required None

Scope Unchanged

Confidentiality Impact None

Integrity Impact None

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

This CVE is not in the KEV list.

Key SSVC decision points have not yet been added.

Vendors	Products
Redhat	Enterprise Linux Openshift

No data.

Package	CPE	Advisory	Released Date
Fast Datapath for Red Hat Enterprise Linux 8
openvswitch2.17-0:2.17.0-148.el8fdp	cpe:/o:redhat:enterprise_linux:8::fastdatapath	RHSA-2024:1234	2024-03-07T00:00:00Z
openvswitch3.1-0:3.1.0-96.el8fdp	cpe:/o:redhat:enterprise_linux:8::fastdatapath	RHSA-2024:1235	2024-03-07T00:00:00Z
Fast Datapath for Red Hat Enterprise Linux 9
openvswitch3.1-0:3.1.0-88.el9fdp	cpe:/o:redhat:enterprise_linux:9::fastdatapath	RHSA-2024:1227	2024-03-07T00:00:00Z

References

Link	Providers
https://access.redhat.com/security/cve/CVE-2023-3966
https://bugzilla.redhat.com/show_bug.cgi?id=2178363
https://lists.fedoraproject.org/archives/list/[email protected]/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/
https://lists.fedoraproject.org/archives/list/[email protected]/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/
https://nvd.nist.gov/vuln/detail/CVE-2023-3966
https://www.cve.org/CVERecord?id=CVE-2023-3966

History

No history.

MITRE

Status: PUBLISHED

Assigner: redhat

Published: 2024-02-22T12:15:53.128Z

Updated: 2024-08-02T07:08:50.792Z

Reserved: 2023-07-26T23:16:24.169Z

Link: CVE-2023-3966

Vulnrichment

Updated: 2024-08-02T07:08:50.792Z

NVD

Status : Awaiting Analysis

Published: 2024-02-22T13:15:07.770

Modified: 2024-11-21T08:18:25.007

Link: CVE-2023-3966

Redhat

Severity : Important

Publid Date: 2024-02-08T00:00:00Z

Links: CVE-2023-3966 - Bugzilla

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2023-3966", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "state": "PUBLISHED", "assignerShortName": "redhat", "dateReserved": "2023-07-26T23:16:24.169Z", "datePublished": "2024-02-22T12:15:53.128Z", "dateUpdated": "2024-08-02T07:08:50.792Z"}, "containers": {"cna": {"title": "Openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet", "metrics": [{"other": {"content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}, "type": "Red Hat severity rating"}}, {"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "format": "CVSS"}], "descriptions": [{"lang": "en", "value": "A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled."}], "affected": [{"product": "openvswitch", "vendor": "n/a", "versions": [{"version": "3.1.0", "status": "unaffected"}]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.10", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.11", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.12", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.13", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.11", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.12", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.13", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.15", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.16", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.17", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch3.1", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch2.17", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch3.0", "defaultStatus": "unknown", "cpes": ["cpe:/o:redhat:enterprise_linux:9::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch3.1", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9::fastdatapath"]}, {"vendor": "Red Hat", "product": "Fast Datapath for RHEL 9", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch3.2", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:9::fastdatapath"]}, {"vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch", "defaultStatus": "affected", "cpes": ["cpe:/o:redhat:enterprise_linux:7"]}, {"vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 3.11", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "packageName": "openvswitch-ovn-kubernetes", "defaultStatus": "unaffected", "cpes": ["cpe:/a:redhat:openshift:3.11"]}, {"product": "OpenStack RDO", "vendor": "RDO", "collectionURL": "https://repos.fedorapeople.org/repos/openstack/", "packageName": "rdo-openvswitch", "defaultStatus": "affected"}, {"product": "Fedora", "vendor": "Fedora", "collectionURL": "https://packages.fedoraproject.org/", "packageName": "openvswitch", "defaultStatus": "affected"}], "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-3966", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363", "name": "RHBZ#2178363", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/"}], "datePublic": "2024-02-08T00:00:00+00:00", "problemTypes": [{"descriptions": [{"cweId": "CWE-248", "description": "Uncaught Exception", "lang": "en", "type": "CWE"}]}], "x_redhatCweChain": "CWE-248: Uncaught Exception", "timeline": [{"lang": "en", "time": "2023-03-14T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-02-08T00:00:00+00:00", "value": "Made public."}], "credits": [{"lang": "en", "value": "This issue was discovered by Haresh Khandelwal (Red Hat) and Timothy Redaelli (Red Hat)."}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-02-22T12:15:53.128Z"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2024-02-22T15:42:09.680379Z", "id": "CVE-2023-3966", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T18:14:22.101Z"}}, {"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:08:50.792Z"}, "title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-3966", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363", "name": "RHBZ#2178363", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/", "tags": ["x_transferred"]}]}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-3966", "tags": ["vdb-entry", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363", "name": "RHBZ#2178363", "tags": ["issue-tracking", "x_refsource_REDHAT", "x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/", "tags": ["x_transferred"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/", "tags": ["x_transferred"]}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-02T07:08:50.792Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2023-3966", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2024-02-22T15:42:09.680379Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2024-07-26T18:14:19.309Z"}}], "cna": {"title": "Openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet", "credits": [{"lang": "en", "value": "This issue was discovered by Haresh Khandelwal (Red Hat) and Timothy Redaelli (Red Hat)."}], "metrics": [{"other": {"type": "Red Hat severity rating", "content": {"value": "Important", "namespace": "https://access.redhat.com/security/updates/classification/"}}}, {"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 7.5, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "n/a", "product": "openvswitch", "versions": [{"status": "unaffected", "version": "3.1.0"}]}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "packageName": "openvswitch", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "packageName": "openvswitch2.10", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "packageName": "openvswitch2.11", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "packageName": "openvswitch2.12", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 7", "packageName": "openvswitch2.13", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "packageName": "openvswitch2.11", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "packageName": "openvswitch2.12", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "packageName": "openvswitch2.13", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "packageName": "openvswitch2.15", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "packageName": "openvswitch2.16", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "packageName": "openvswitch2.17", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:8::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 8", "packageName": "openvswitch3.1", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 9", "packageName": "openvswitch2.17", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 9", "packageName": "openvswitch3.0", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unknown"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 9", "packageName": "openvswitch3.1", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:9::fastdatapath"], "vendor": "Red Hat", "product": "Fast Datapath for RHEL 9", "packageName": "openvswitch3.2", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/o:redhat:enterprise_linux:7"], "vendor": "Red Hat", "product": "Red Hat Enterprise Linux 7", "packageName": "openvswitch", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "affected"}, {"cpes": ["cpe:/a:redhat:openshift:3.11"], "vendor": "Red Hat", "product": "Red Hat OpenShift Container Platform 3.11", "packageName": "openvswitch-ovn-kubernetes", "collectionURL": "https://access.redhat.com/downloads/content/package-browser/", "defaultStatus": "unaffected"}, {"vendor": "RDO", "product": "OpenStack RDO", "packageName": "rdo-openvswitch", "collectionURL": "https://repos.fedorapeople.org/repos/openstack/", "defaultStatus": "affected"}, {"vendor": "Fedora", "product": "Fedora", "packageName": "openvswitch", "collectionURL": "https://packages.fedoraproject.org/", "defaultStatus": "affected"}], "timeline": [{"lang": "en", "time": "2023-03-14T00:00:00+00:00", "value": "Reported to Red Hat."}, {"lang": "en", "time": "2024-02-08T00:00:00+00:00", "value": "Made public."}], "datePublic": "2024-02-08T00:00:00+00:00", "references": [{"url": "https://access.redhat.com/security/cve/CVE-2023-3966", "tags": ["vdb-entry", "x_refsource_REDHAT"]}, {"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363", "name": "RHBZ#2178363", "tags": ["issue-tracking", "x_refsource_REDHAT"]}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/"}, {"url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/"}], "descriptions": [{"lang": "en", "value": "A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-248", "description": "Uncaught Exception"}]}], "providerMetadata": {"orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat", "dateUpdated": "2024-02-22T12:15:53.128Z"}, "x_redhatCweChain": "CWE-248: Uncaught Exception"}}, "cveMetadata": {"cveId": "CVE-2023-3966", "state": "PUBLISHED", "dateUpdated": "2024-08-02T07:08:50.792Z", "dateReserved": "2023-07-26T23:16:24.169Z", "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "datePublished": "2024-02-22T12:15:53.128Z", "assignerShortName": "redhat"}, "dataVersion": "5.1"}

{"descriptions": [{"lang": "en", "value": "A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled."}, {"lang": "es", "value": "Se encontr\u00f3 una falla en Open vSwitch donde varias versiones son vulnerables a paquetes Geneve manipulados, lo que puede resultar en una denegaci\u00f3n de servicio y accesos a memoria no v\u00e1lidos. Para desencadenar este problema es necesario que la descarga de hardware a trav\u00e9s de la ruta de enlace de red est\u00e9 habilitada."}], "id": "CVE-2023-3966", "lastModified": "2024-11-21T08:18:25.007", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 3.6, "source": "[email protected]", "type": "Secondary"}]}, "published": "2024-02-22T13:15:07.770", "references": [{"source": "[email protected]", "url": "https://access.redhat.com/security/cve/CVE-2023-3966"}, {"source": "[email protected]", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363"}, {"source": "[email protected]", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/"}, {"source": "[email protected]", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://access.redhat.com/security/cve/CVE-2023-3966"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.fedoraproject.org/archives/list/[email protected]/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-248"}], "source": "[email protected]", "type": "Secondary"}]}

{"acknowledgement": "This issue was discovered by Haresh Khandelwal (Red Hat) and Timothy Redaelli (Red Hat).", "affected_release": [{"advisory": "RHSA-2024:1234", "cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "package": "openvswitch2.17-0:2.17.0-148.el8fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 8", "release_date": "2024-03-07T00:00:00Z"}, {"advisory": "RHSA-2024:1235", "cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "package": "openvswitch3.1-0:3.1.0-96.el8fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 8", "release_date": "2024-03-07T00:00:00Z"}, {"advisory": "RHSA-2024:1227", "cpe": "cpe:/o:redhat:enterprise_linux:9::fastdatapath", "package": "openvswitch3.1-0:3.1.0-88.el9fdp", "product_name": "Fast Datapath for Red Hat Enterprise Linux 9", "release_date": "2024-03-07T00:00:00Z"}], "bugzilla": {"description": "openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet", "id": "2178363", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2178363"}, "csaw": false, "cvss3": {"cvss3_base_score": "7.5", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "status": "verified"}, "cwe": "CWE-248", "details": ["A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.", "A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled."], "name": "CVE-2023-3966", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Affected", "package_name": "openvswitch", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Out of support scope", "package_name": "openvswitch2.10", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Out of support scope", "package_name": "openvswitch2.11", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Out of support scope", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Affected", "package_name": "openvswitch2.13", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Out of support scope", "package_name": "openvswitch2.11", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Out of support scope", "package_name": "openvswitch2.12", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Affected", "package_name": "openvswitch2.13", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Affected", "package_name": "openvswitch2.15", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Out of support scope", "package_name": "openvswitch2.16", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9::fastdatapath", "fix_state": "Affected", "package_name": "openvswitch2.17", "product_name": "Fast Datapath for RHEL 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9::fastdatapath", "fix_state": "Out of support scope", "package_name": "openvswitch3.0", "product_name": "Fast Datapath for RHEL 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9::fastdatapath", "fix_state": "Will not fix", "package_name": "openvswitch3.2", "product_name": "Fast Datapath for RHEL 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Out of support scope", "package_name": "openvswitch", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/a:redhat:openshift:3.11", "fix_state": "Not affected", "package_name": "openvswitch-ovn-kubernetes", "product_name": "Red Hat OpenShift Container Platform 3.11"}], "public_date": "2024-02-08T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2023-3966\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-3966"], "threat_severity": "Important", "upstream_fix": "openvswitch 3.1.0"}