Alerts This Week
Warning Icon 1 727
Alerts This Week
Warning Icon 1 727

Debian DSA-5640-1 Critical: Open vSwitch DoS Exploit Fix

debian
Calendar Grey March 14, 2024
Debian Logo
A couple of security flaws in Open vSwitch may result in OpenFlow circumvention or service interruptions. Prompt patching advised.
Two vulnerabilities were discovered in Open vSwitch, a software-based Ethernet virtual switch, which could result in a bypass of OpenFlow rules or denial of service
Topics%20covered

Topics Covered

security advisory denial of service critical debian openvswitch

Summary

Two vulnerabilities were discovered in Open vSwitch, a software-based
Ethernet virtual switch, which could result in a bypass of OpenFlow
rules or denial of service.

For the oldstable distribution (bullseye), these problems have been fixed
in version 2.15.0+ds1-2+deb11u5. This update also adresses a memory leak
tracked as CVE-2024-22563.

For the stable distribution (bookworm), these problems have been fixed in
version 3.1.0-2+deb12u1.

We recommend that you upgrade your openvswitch packages.

For the detailed security status of openvswitch please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/source-package/openvswitch

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/



Severity
critical
Lowest
Low
Medium
High
Critical

Package: openvswitch
CVE ID: CVE-2023-3966 CVE-2023-5366

Topics%20covered

Topics Covered

security advisory denial of service critical debian openvswitch

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here