CVE-2023-3153
Summary
| CVE | CVE-2023-3153 |
|---|
| State | PUBLIC |
|---|
| Assigner | [email protected] |
|---|
| Source Priority | CVE Program / NVD first with legacy fallback |
|---|
| Published | 2023-10-04 12:15:00 UTC |
|---|
| Updated | 2023-11-07 04:18:00 UTC |
|---|
| Description | A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured. |
|---|
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|
| [ovs-announce] [ADVISORY] CVE-2023-3153 OVN: Service monitor MAC flow is not rate limited |
MISC |
mail.openvswitch.org |
|
| northd, controller: Add CoPP for SVC monitor · ovn-org/ovn@9a3f7ed · GitHub |
MISC |
github.com |
|
| cve-details |
MISC |
access.redhat.com |
|
| 2213279 – (CVE-2023-3153) CVE-2023-3153 ovn: service monitor MAC flow is not rate limited |
MISC |
bugzilla.redhat.com |
|
| [ovs-dev] [PATCH ovn] northd, controller: Add CoPP for SVC monitor |
MISC |
mail.openvswitch.org |
|
| CVE-2023-3153 ovn: service monitor MAC flow is not rate limited · Issue #198 · ovn-org/ovn · GitHub |
MISC |
github.com |
|
| CVE Program record |
CVE.ORG |
www.cve.org |
canonical |
| NVD vulnerability detail |
NVD |
nvd.nist.gov |
canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 242361 Red Hat OpenShift Container Platform 4.11 Security Update (RHSA-2023:6274)
- 242374 Red Hat OpenShift Container Platform 4.14 Security Update (RHSA-2023:5009)
- 754896 SUSE Enterprise Linux Security Update for openvswitch3 (SUSE-SU-2023:3710-1)
- 770212 Red Hat OpenShift Container Platform 4.11 Security Update (RHSA-2023:6274)
- 770213 Red Hat OpenShift Container Platform 4.14 Security Update (RHSA-2023:5009)
