CVE-2023-5366

CVSS v3.1

7.1

High

Vector

AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H

Name of the Vulnerable Software and Affected Versions Open vSwitch (affected versions not specified)

Description A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses. The vulnerability is related to insufficient authentication of data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Insufficient Verification of Data Authenticity

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-345

Related Identifiers

ALT-PU-2024-10743

ALT-PU-2024-6293

AZL-31280

AZL-35087

BDU:2024-03244

CVE-2023-5366

DLA-3734-1

DSA-5640-1

OESA-2023-1732

OPENSUSE-SU-2023_4508-1

OPENSUSE-SU-2024:13657-1

RHSA-2024:1227

RHSA-2024:1234

RHSA-2024:1235

ROSA-SA-2025-2664

SUSE-SU-2023:4508-1

SUSE-SU-2023:4571-1

SUSE-SU-2023:4573-1

SUSE-SU-2023:4657-1

SUSE-SU-2023:4661-1

SUSE-SU-2023:4666-1

SUSE-SU-2023:4714-1

SUSE-SU-2023_4508-1

SUSE-SU-2023_4571-1

SUSE-SU-2023_4573-1

SUSE-SU-2023_4657-1

SUSE-SU-2023_4661-1

SUSE-SU-2023_4666-1

SUSE-SU-2023_4714-1

SUSE-SU-2026:0280-1

SUSE-SU-2026:0290-1

SUSE-SU-2026:20049-1

SUSE-SU-2026:20061-1

USN-6514-1

USN-6690-1

Affected Products

Alt Linux

Astra Linux

Linuxmint

Openvswitch

Red Os

Suse

Ubuntu

CVE-2023-5366

Weakness Enumeration

Related Identifiers

Affected Products

References · 81