StarlingX

[Debian] High CVE: CVE-2023-3966/CVE-2023-5366/CVE-2024-22563 openvswitch : multiple CVEs

Bug #2057984 reported by Yue Tao on 2024-03-15

256

This bug affects 1 person

Affects		Status	Importance	Assigned to	Milestone
	StarlingX	Fix Released	High	Wentao Zhang

Bug Description

CVE-2023-3966: https://nvd.nist.gov/vuln/detail/CVE-2023-3966

A flaw was found in Open vSwitch where multiple versions are vulnerable to crafted Geneve packets, which may result in a denial of service and invalid memory accesses. Triggering this issue requires that hardware offloading via the netlink path is enabled.

CVE-2023-5366: https://nvd.nist.gov/vuln/detail/CVE-2023-5366

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.

CVE-2024-22563: https://nvd.nist.gov/vuln/detail/CVE-2024-22563

openvswitch 2.17.8 was discovered to contain a memory leak via the function xmalloc__ in openvswitch-2.17.8/lib/util.c.

Base Score: High

Reference:

openvswitch_2.15.0+ds1-2+deb11u5
https://security-tracker.debian.org/tracker/DSA-5640-1

Tags:

CVE References

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-03-21: Fix proposed to integ (master)

Fix proposed to branch: master
Review: https://review.opendev.org/c/starlingx/integ/+/913871

Changed in starlingx:
status:	Triaged → In Progress

Revision history for this message

OpenStack Infra (hudson-openstack) wrote on 2024-03-21: Fix merged to integ (master)

Reviewed: https://review.opendev.org/c/starlingx/integ/+/913871
Committed: https://opendev.org/starlingx/integ/commit/1b0db90e438c7fb1ee5ceb2516f8a459fa7fe21a
Submitter: "Zuul (22348)"
Branch: master

commit 1b0db90e438c7fb1ee5ceb2516f8a459fa7fe21a
Author: Wentao Zhang <email address hidden>
Date: Thu Mar 21 00:55:46 2024 -0700

Debian: openvswitch: fix CVE-2023-3966/CVE-2023-5366/CVE-2024-22563

Upgrade openvswitch's version from 2.15.0+ds1-2+deb11u4 to
2.15.0+ds1-2+deb11u5 to fix CVE-2023-3966/CVE-2023-5366/CVE-2024-22563

    Refer to:
    https://nvd.nist.gov/vuln/detail/CVE-2023-3966
    https://nvd.nist.gov/vuln/detail/CVE-2023-5366
    https://nvd.nist.gov/vuln/detail/CVE-2024-22563
    https://security-tracker.debian.org/tracker/DSA-5640-1

    Test Plan:
     Pass: downloader
     Pass: build-pkgs --clean --all
     Pass: build-image
     Pass: boot

Closes-bug: #2057984

Change-Id: I59ac7a2d64cf3f93da081a32e683d36f29055f28
Signed-off-by: Wentao Zhang <email address hidden>

Changed in starlingx:
status:	In Progress → Fix Released

Revision history for this message

Ghada Khalil (gkhalil) wrote on 2024-04-01 (last edit on 2024-04-01):

Changing the target release to stx.10.0 since this only merged in the main branch after the r/stx.9.0 release branch was created (March 7) and the team doesn't port CVE fixes to released branches.

tags:	added: stx.10.0 removed: stx.9.0
Changed in starlingx:
assignee:	nobody → Wentao Zhang (wzhang4)

Report a bug

This report contains Public Security information

Everyone can see this security related information.

You are

Subscribing...

Edit bug mail

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.