1. Ubuntu Security Notices
  2. USN-6068-1

USN-6068-1: Open vSwitch vulnerability

Publication date

10 May 2023

Overview

Open vSwitch could be made to stop forwarding packets if it received specially crafted network traffic.

Releases

Packages

Details

David Marchand discovered that Open vSwitch incorrectly handled IP packets
with the protocol set to 0. A remote attacker could possibly use this issue
to cause a denial of service.

David Marchand discovered that Open vSwitch incorrectly handled IP packets
with the protocol set to 0. A remote attacker could possibly use this issue
to cause a denial of service.

Update instructions

In general, a standard system update will make all the necessary changes.

Learn more about how to get the fixes.

The problem can be corrected by updating your system to the following package versions:

Ubuntu Release Package Version
22.10 kinetic openvswitch-common –  3.0.3-0ubuntu0.22.10.3
python3-openvswitch –  3.0.3-0ubuntu0.22.10.3
22.04 jammy openvswitch-common –  2.17.5-0ubuntu0.22.04.2
python3-openvswitch –  2.17.5-0ubuntu0.22.04.2
20.04 focal openvswitch-common –  2.13.8-0ubuntu1.2
python3-openvswitch –  2.13.8-0ubuntu1.2
18.04 bionic openvswitch-common –  2.9.8-0ubuntu0.18.04.5
python-openvswitch –  2.9.8-0ubuntu0.18.04.5
python3-openvswitch –  2.9.8-0ubuntu0.18.04.5

Reduce your security exposure

Ubuntu Pro provides ten-year security coverage to 25,000+ packages in Main and Universe repositories, and it is free for up to five machines.

Get Ubuntu Pro

References

Have additional questions?

Talk to a member of the team ›