Overview

File _patchinfo of Package patchinfo.42368

<patchinfo incident="42368">
  <issue tracker="cve" id="2023-3153"/>
  <issue tracker="cve" id="2023-3152"/>
  <issue tracker="cve" id="2023-5366"/>
  <issue tracker="cve" id="2023-3966"/>
  <issue tracker="cve" id="2024-2182"/>
  <issue tracker="cve" id="2025-0650"/>
  <issue tracker="cve" id="2023-1668"/>
  <issue tracker="bnc" id="1210054">VUL-0: CVE-2023-1668: openvswitch: remote traffic denial of service via crafted packets with IP proto 0</issue>
  <issue tracker="bnc" id="1219465">VUL-0: CVE-2023-3966: openvswitch, openvswitch3: Invalid memory access in Geneve with HW offload</issue>
  <issue tracker="bnc" id="1255435">VUL-0: CVE-2024-2182: openvswitch: ov: insufficient validation of incoming BFD packets may lead to denial of service</issue>
  <issue tracker="bnc" id="1212125">VUL-0: CVE-2023-3153: openvswitch,openvswitch3: service monitor MAC flow is not rate limited</issue>
  <issue tracker="bnc" id="1216002">VUL-0: CVE-2023-5366: openvswitch: missing masks on a final stage with ports trie</issue>
  <packager>cfconrad</packager>
  <rating>important</rating>
  <category>security</category>
  <summary>Security update for openvswitch3</summary>
  <description>This update for openvswitch3 fixes the following issues:

Update to v3.1.7:

 - CVE-2023-3966: openvswitch, openvswitch3: Invalid memory access in Geneve with HW offload (bsc#1219465).
 - CVE-2024-2182: openvswitch: ov: insufficient validation of incoming BFD packets may lead to denial of service (bsc#1255435).
 - CVE-2023-1668: openvswitch: remote traffic denial of service via crafted packets with IP proto 0 (bsc#1210054).
 - CVE-2023-3153: openvswitch,openvswitch3: service monitor MAC flow is not rate limited (bsc#1212125).
 - CVE-2023-5366: openvswitch: missing masks on a final stage with ports trie (bsc#1216002).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places