Back to bug 2137666

Who When What Removed Added
Anten Skrabec 2022-10-25 18:55:24 UTC CC security-response-team
Anten Skrabec 2023-01-26 21:08:16 UTC CC aconole, amusil, apevec, chrisw, eglynn, jiji, jjoyce, lhh, lpeer, mburns, mgarciac, michal.skrivanek, mkolesni, mperina, qding, sbonazzo, scohen, spower
Anten Skrabec 2023-01-26 23:21:48 UTC CC aconole, qding
Anten Skrabec 2023-01-30 20:13:35 UTC CC dfreiber, jburrell, rogbas, vkumar
Anten Skrabec 2023-02-10 23:56:20 UTC Doc Text When processing a IP packet with protocol 0, OVS will install datapath flow without action modifying ip header. This results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wilcarded) for this flow but with an incorrect action. This may result in incorrect handling of other IP packets with a != 0 IP protocol that match this dp flow.
Anten Skrabec 2023-02-11 00:00:19 UTC Depends On 2169004, 2169005
Anten Skrabec 2023-03-28 21:51:36 UTC Alias CVE-2023-1668
Summary EMBARGOED openvswitch: ip proto 0 triggers incorrect handling EMBARGOED CVE-2023-1668 openvswitch: ip proto 0 triggers incorrect handling
Martin Perina 2023-03-29 07:31:12 UTC Flags needinfo?(askrabec)
RaTasha Tillery-Smith 2023-03-29 12:52:14 UTC Doc Text When processing a IP packet with protocol 0, OVS will install datapath flow without action modifying ip header. This results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wilcarded) for this flow but with an incorrect action. This may result in incorrect handling of other IP packets with a != 0 IP protocol that match this dp flow. A flaw was found in openvswitch (OVS). When processing an IP packet with protocol 0, OVS will install the datapath flow without the action modifying the IP header. This issue results (for both kernel and userspace datapath) in installing a datapath flow matching all IP protocols (nw_proto is wildcarded) for this flow, but with an incorrect action, possibly causing incorrect handling of other IP packets with a != 0 IP protocol that matches this dp flow.
Anten Skrabec 2023-03-29 18:52:24 UTC Flags needinfo?(askrabec)
Anten Skrabec 2023-03-29 18:54:23 UTC Group team ocp_embargoes
Depends On 2182823, 2182832, 2182831, 2182833, 2182829, 2182822, 2182826, 2182827, 2182828, 2182824, 2182830, 2182825, 2182834
Anten Skrabec 2023-03-30 18:20:36 UTC CC tredaelli
Pedro Sampaio 2023-04-06 20:45:45 UTC CC ovs-bugzilla, ovs-qe, rhos-maint
Summary EMBARGOED CVE-2023-1668 openvswitch: ip proto 0 triggers incorrect handling CVE-2023-1668 openvswitch: ip proto 0 triggers incorrect handling
Group qe_staff, team ocp_embargoes, security
Patrick Del Bello 2023-04-12 14:28:17 UTC Depends On 2186245, 2186246, 2186247
errata-xmlrpc 2023-04-13 09:04:36 UTC Link ID Red Hat Product Errata RHSA-2023:1766
errata-xmlrpc 2023-04-13 09:04:50 UTC Link ID Red Hat Product Errata RHSA-2023:1769
errata-xmlrpc 2023-04-13 09:04:56 UTC Link ID Red Hat Product Errata RHSA-2023:1765
errata-xmlrpc 2023-04-13 09:05:22 UTC Link ID Red Hat Product Errata RHSA-2023:1770
Ronit Dey 2023-04-17 19:24:39 UTC CC rdey
errata-xmlrpc 2023-04-18 14:07:27 UTC Link ID Red Hat Product Errata RHSA-2023:1823
errata-xmlrpc 2023-04-18 14:07:32 UTC Link ID Red Hat Product Errata RHSA-2023:1824
Product Security DevOps Team 2023-04-18 19:36:52 UTC Status NEW CLOSED
Resolution --- ERRATA
Last Closed 2023-04-18 19:36:52 UTC
Anten Skrabec 2023-04-19 14:12:57 UTC Depends On 2188027
Anten Skrabec 2023-04-19 14:19:24 UTC CC ovs-triage
Anten Skrabec 2023-04-24 08:46:08 UTC CC arachman, lveyde
Anten Skrabec 2023-05-23 20:36:42 UTC Severity medium high
Priority medium high
Avinash Hanwate 2023-05-29 09:10:43 UTC Depends On 2210714
errata-xmlrpc 2023-06-06 14:11:51 UTC Link ID Red Hat Product Errata RHSA-2023:3491
Przemyslaw Roguski 2023-06-22 13:07:20 UTC Priority high medium
Severity high medium

Back to bug 2137666