CVE-2023-3966

EUVD-2023-44591
A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 14%
Affected Products (NVD)
VendorProductVersion
openvswitchopenvswitch
𝑥
< 3.1.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openvswitch
bookworm
3.1.0-2+deb12u1
fixed
bookworm (security)
3.1.0-2+deb12u1
fixed
bullseye
2.15.0+ds1-2+deb11u5
fixed
bullseye (security)
2.15.0+ds1-2+deb11u5
fixed
buster
not-affected
sid
3.5.0~git20241129.2af7cef-2
fixed
trixie
3.5.0~git20241129.2af7cef-2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openvswitch
bionic
not-affected
focal
Fixed 2.13.8-0ubuntu1.4
released
jammy
Fixed 2.17.9-0ubuntu0.22.04.1
released
mantic
Fixed 3.2.2-0ubuntu0.23.10.1
released
noble
Fixed 3.3.0~git20240118.e802fe7-3ubuntu1
released
trusty
ignored
xenial
not-affected
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libopenvswitch-2_13-0
suse enterprise server 15 SP2
2.13.2-150200.9.34.1
fixed
libopenvswitch-2_14-0
suse enterprise sap 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP3
2.14.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
2.14.2-150400.24.23.1
fixed
libopenvswitch-3_1-0
suse enterprise sap 15 SP5
3.1.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
3.1.7-150500.3.25.1
fixed
suse enterprise server 15 SP6
3.1.7-150600.33.9.1
fixed
libopenvswitch-3_5-0
suse enterprise sap 15 SP7
3.5.0-150700.39.4
fixed
suse enterprise server 15 SP7
3.5.0-150700.39.4
fixed
libovn-20_03-0
suse enterprise server 15 SP2
20.03.1-150200.9.34.1
fixed
libovn-20_06-0
suse enterprise sap 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP3
20.06.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
20.06.2-150400.24.23.1
fixed
libovn-23_03-0
suse enterprise sap 15 SP5
23.03.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
23.03.3-150500.3.25.1
fixed
suse enterprise server 15 SP6
23.03.3-150600.33.9.1
fixed
libovn-25_03-0
suse enterprise sap 15 SP7
25.03.0-150700.39.4
fixed
suse enterprise server 15 SP7
25.03.0-150700.39.4
fixed
openvswitch
suse enterprise sap 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
3.5.0-150700.39.4
fixed
suse enterprise server 15 SP2
2.13.2-150200.9.34.1
fixed
suse enterprise server 15 SP3
2.14.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
3.1.7-150600.33.9.1
fixed
suse enterprise server 15 SP7
3.5.0-150700.39.4
fixed
openvswitch-devel
suse enterprise sap 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
3.5.0-150700.39.4
fixed
suse enterprise server 15 SP2
2.13.2-150200.9.34.1
fixed
suse enterprise server 15 SP3
2.14.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
3.1.7-150600.33.9.1
fixed
suse enterprise server 15 SP7
3.5.0-150700.39.4
fixed
openvswitch-ipsec
suse enterprise sap 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
3.5.0-150700.39.4
fixed
suse enterprise server 15 SP2
2.13.2-150200.9.34.1
fixed
suse enterprise server 15 SP3
2.14.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
3.1.7-150600.33.9.1
fixed
suse enterprise server 15 SP7
3.5.0-150700.39.4
fixed
openvswitch-pki
suse enterprise sap 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
3.5.0-150700.39.4
fixed
suse enterprise server 15 SP2
2.13.2-150200.9.34.1
fixed
suse enterprise server 15 SP3
2.14.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
3.1.7-150600.33.9.1
fixed
suse enterprise server 15 SP7
3.5.0-150700.39.4
fixed
openvswitch-test
suse enterprise sap 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
3.5.0-150700.39.4
fixed
suse enterprise server 15 SP2
2.13.2-150200.9.34.1
fixed
suse enterprise server 15 SP3
2.14.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
3.1.7-150600.33.9.1
fixed
suse enterprise server 15 SP7
3.5.0-150700.39.4
fixed
openvswitch-vtep
suse enterprise sap 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
3.5.0-150700.39.4
fixed
suse enterprise server 15 SP2
2.13.2-150200.9.34.1
fixed
suse enterprise server 15 SP3
2.14.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
3.1.7-150600.33.9.1
fixed
suse enterprise server 15 SP7
3.5.0-150700.39.4
fixed
openvswitch3
suse enterprise sap 15 SP5
3.1.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
3.1.7-150500.3.25.1
fixed
openvswitch3-devel
suse enterprise sap 15 SP5
3.1.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
3.1.7-150500.3.25.1
fixed
openvswitch3-ipsec
suse enterprise sap 15 SP5
3.1.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
3.1.7-150500.3.25.1
fixed
openvswitch3-pki
suse enterprise sap 15 SP5
3.1.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
3.1.7-150500.3.25.1
fixed
openvswitch3-test
suse enterprise sap 15 SP5
3.1.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
3.1.7-150500.3.25.1
fixed
openvswitch3-vtep
suse enterprise sap 15 SP5
3.1.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
3.1.7-150500.3.25.1
fixed
ovn
suse enterprise sap 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
25.03.0-150700.39.4
fixed
suse enterprise server 15 SP2
20.03.1-150200.9.34.1
fixed
suse enterprise server 15 SP3
20.06.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
23.03.3-150600.33.9.1
fixed
suse enterprise server 15 SP7
25.03.0-150700.39.4
fixed
ovn-central
suse enterprise sap 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
25.03.0-150700.39.4
fixed
suse enterprise server 15 SP2
20.03.1-150200.9.34.1
fixed
suse enterprise server 15 SP3
20.06.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
23.03.3-150600.33.9.1
fixed
suse enterprise server 15 SP7
25.03.0-150700.39.4
fixed
ovn-devel
suse enterprise sap 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
25.03.0-150700.39.4
fixed
suse enterprise server 15 SP2
20.03.1-150200.9.34.1
fixed
suse enterprise server 15 SP3
20.06.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
23.03.3-150600.33.9.1
fixed
suse enterprise server 15 SP7
25.03.0-150700.39.4
fixed
ovn-docker
suse enterprise sap 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
25.03.0-150700.39.4
fixed
suse enterprise server 15 SP2
20.03.1-150200.9.34.1
fixed
suse enterprise server 15 SP3
20.06.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
23.03.3-150600.33.9.1
fixed
suse enterprise server 15 SP7
25.03.0-150700.39.4
fixed
ovn-host
suse enterprise sap 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
25.03.0-150700.39.4
fixed
suse enterprise server 15 SP2
20.03.1-150200.9.34.1
fixed
suse enterprise server 15 SP3
20.06.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
23.03.3-150600.33.9.1
fixed
suse enterprise server 15 SP7
25.03.0-150700.39.4
fixed
ovn-vtep
suse enterprise sap 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
25.03.0-150700.39.4
fixed
suse enterprise server 15 SP2
20.03.1-150200.9.34.1
fixed
suse enterprise server 15 SP3
20.06.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
20.06.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
23.03.3-150600.33.9.1
fixed
suse enterprise server 15 SP7
25.03.0-150700.39.4
fixed
ovn3
suse enterprise sap 15 SP5
23.03.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
23.03.3-150500.3.25.1
fixed
ovn3-central
suse enterprise sap 15 SP5
23.03.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
23.03.3-150500.3.25.1
fixed
ovn3-devel
suse enterprise sap 15 SP5
23.03.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
23.03.3-150500.3.25.1
fixed
ovn3-docker
suse enterprise sap 15 SP5
23.03.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
23.03.3-150500.3.25.1
fixed
ovn3-host
suse enterprise sap 15 SP5
23.03.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
23.03.3-150500.3.25.1
fixed
ovn3-vtep
suse enterprise sap 15 SP5
23.03.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
23.03.3-150500.3.25.1
fixed
python3-ovs
suse enterprise sap 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise sap 15 SP7
3.5.0-150700.39.4
fixed
suse enterprise server 15 SP2
2.13.2-150200.9.34.1
fixed
suse enterprise server 15 SP3
2.14.2-150300.19.20.1
fixed
suse enterprise server 15 SP4
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP5
2.14.2-150400.24.23.1
fixed
suse enterprise server 15 SP6
3.1.7-150600.33.9.1
fixed
suse enterprise server 15 SP7
3.5.0-150700.39.4
fixed
python3-ovs3
suse enterprise sap 15 SP5
3.1.0-150500.3.16.1
fixed
suse enterprise server 15 SP5
3.1.7-150500.3.25.1
fixed
Common Weakness Enumeration
References
https://access.redhat.com/security/cve/CVE-2023-3966
https://bugzilla.redhat.com/show_bug.cgi?id=2178363
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/
https://access.redhat.com/security/cve/CVE-2023-3966
https://bugzilla.redhat.com/show_bug.cgi?id=2178363
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/