OESA-2023-1234

See a problem?
Please try reporting it to the source first.

Source

https://www.openeuler.org/en/security/security-bulletins/detail/?id=openEuler-SA-2023-1234

Import Source

https://repo.openeuler.org/security/data/osv/OESA-2023-1234.json

JSON Data

https://api.test.osv.dev/v1/vulns/OESA-2023-1234

Upstream

CVE-2023-1668

Published

2023-04-21T11:05:10Z

Modified

2025-08-12T05:17:44.773718Z

Summary

openvswitch security update

Details

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.(CVE-2023-1668)

Database specific

{
    "severity": "High"
}

References

Affected packages

openEuler:20.03-LTS-SP1 / openvswitch

Package

Name: openvswitch
Purl: pkg:rpm/openEuler/openvswitch&distro=openEuler-20.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12.4-4.oe1

Ecosystem specific

{
    "x86_64": [
        "openvswitch-2.12.4-4.oe1.x86_64.rpm",
        "openvswitch-debugsource-2.12.4-4.oe1.x86_64.rpm",
        "openvswitch-help-2.12.4-4.oe1.x86_64.rpm",
        "openvswitch-devel-2.12.4-4.oe1.x86_64.rpm",
        "openvswitch-debuginfo-2.12.4-4.oe1.x86_64.rpm",
        "python3-openvswitch-2.12.4-4.oe1.x86_64.rpm"
    ],
    "src": [
        "openvswitch-2.12.4-4.oe1.src.rpm"
    ],
    "aarch64": [
        "python3-openvswitch-2.12.4-4.oe1.aarch64.rpm",
        "openvswitch-devel-2.12.4-4.oe1.aarch64.rpm",
        "openvswitch-debuginfo-2.12.4-4.oe1.aarch64.rpm",
        "openvswitch-2.12.4-4.oe1.aarch64.rpm",
        "openvswitch-help-2.12.4-4.oe1.aarch64.rpm",
        "openvswitch-debugsource-2.12.4-4.oe1.aarch64.rpm"
    ]
}

openEuler:20.03-LTS-SP3 / openvswitch

Package

Name: openvswitch
Purl: pkg:rpm/openEuler/openvswitch&distro=openEuler-20.03-LTS-SP3

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12.4-5.oe1

Ecosystem specific

{
    "x86_64": [
        "openvswitch-debuginfo-2.12.4-5.oe1.x86_64.rpm",
        "openvswitch-devel-2.12.4-5.oe1.x86_64.rpm",
        "python3-openvswitch-2.12.4-5.oe1.x86_64.rpm",
        "openvswitch-2.12.4-5.oe1.x86_64.rpm",
        "openvswitch-debugsource-2.12.4-5.oe1.x86_64.rpm",
        "openvswitch-help-2.12.4-5.oe1.x86_64.rpm"
    ],
    "src": [
        "openvswitch-2.12.4-5.oe1.src.rpm"
    ],
    "aarch64": [
        "openvswitch-devel-2.12.4-5.oe1.aarch64.rpm",
        "openvswitch-debugsource-2.12.4-5.oe1.aarch64.rpm",
        "openvswitch-help-2.12.4-5.oe1.aarch64.rpm",
        "openvswitch-2.12.4-5.oe1.aarch64.rpm",
        "openvswitch-debuginfo-2.12.4-5.oe1.aarch64.rpm",
        "python3-openvswitch-2.12.4-5.oe1.aarch64.rpm"
    ]
}

openEuler:22.03-LTS / openvswitch

Package

Name: openvswitch
Purl: pkg:rpm/openEuler/openvswitch&distro=openEuler-22.03-LTS

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12.4-3.oe2203sp1

Ecosystem specific

{
    "x86_64": [
        "openvswitch-debugsource-2.12.4-4.oe2203.x86_64.rpm",
        "openvswitch-debuginfo-2.12.4-4.oe2203.x86_64.rpm",
        "openvswitch-help-2.12.4-4.oe2203.x86_64.rpm",
        "openvswitch-devel-2.12.4-4.oe2203.x86_64.rpm",
        "openvswitch-2.12.4-4.oe2203.x86_64.rpm",
        "openvswitch-help-2.12.4-3.oe2203sp1.x86_64.rpm",
        "openvswitch-debuginfo-2.12.4-3.oe2203sp1.x86_64.rpm",
        "openvswitch-debugsource-2.12.4-3.oe2203sp1.x86_64.rpm",
        "openvswitch-devel-2.12.4-3.oe2203sp1.x86_64.rpm",
        "openvswitch-2.12.4-3.oe2203sp1.x86_64.rpm"
    ],
    "src": [
        "openvswitch-2.12.4-4.oe2203.src.rpm",
        "openvswitch-2.12.4-3.oe2203sp1.src.rpm"
    ],
    "aarch64": [
        "openvswitch-help-2.12.4-4.oe2203.aarch64.rpm",
        "openvswitch-debugsource-2.12.4-4.oe2203.aarch64.rpm",
        "openvswitch-devel-2.12.4-4.oe2203.aarch64.rpm",
        "openvswitch-debuginfo-2.12.4-4.oe2203.aarch64.rpm",
        "openvswitch-2.12.4-4.oe2203.aarch64.rpm",
        "openvswitch-debuginfo-2.12.4-3.oe2203sp1.aarch64.rpm",
        "openvswitch-help-2.12.4-3.oe2203sp1.aarch64.rpm",
        "openvswitch-devel-2.12.4-3.oe2203sp1.aarch64.rpm",
        "openvswitch-debugsource-2.12.4-3.oe2203sp1.aarch64.rpm",
        "openvswitch-2.12.4-3.oe2203sp1.aarch64.rpm"
    ]
}

openEuler:22.03-LTS-SP1 / openvswitch

Package

Name: openvswitch
Purl: pkg:rpm/openEuler/openvswitch&distro=openEuler-22.03-LTS-SP1

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

2.12.4-3.oe2203sp1

Ecosystem specific

{
    "x86_64": [
        "openvswitch-help-2.12.4-3.oe2203sp1.x86_64.rpm",
        "openvswitch-debuginfo-2.12.4-3.oe2203sp1.x86_64.rpm",
        "openvswitch-debugsource-2.12.4-3.oe2203sp1.x86_64.rpm",
        "openvswitch-devel-2.12.4-3.oe2203sp1.x86_64.rpm",
        "openvswitch-2.12.4-3.oe2203sp1.x86_64.rpm"
    ],
    "src": [
        "openvswitch-2.12.4-3.oe2203sp1.src.rpm"
    ],
    "aarch64": [
        "openvswitch-debuginfo-2.12.4-3.oe2203sp1.aarch64.rpm",
        "openvswitch-help-2.12.4-3.oe2203sp1.aarch64.rpm",
        "openvswitch-devel-2.12.4-3.oe2203sp1.aarch64.rpm",
        "openvswitch-debugsource-2.12.4-3.oe2203sp1.aarch64.rpm",
        "openvswitch-2.12.4-3.oe2203sp1.aarch64.rpm"
    ]
}