CVE-2023-3153
Service monitor mac flow is not rate limited
A flaw was found in Open Virtual Network where the service monitor MAC does not properly rate limit. This issue could allow an attacker to cause a denial of service, including on deployments with CoPP enabled and properly configured.
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Produtos afetados
Fedora · Fedoran/a · ovnRed Hat · Fast Datapath for RHEL 7Red Hat · Fast Datapath for RHEL 8Red Hat · Fast Datapath for RHEL 9Red Hat · Red Hat OpenShift Container Platform 4Red Hat · Red Hat OpenStack Platform 13 (Queens)Quer saber se a sua infraestrutura está exposta a isto?
Falar com a TrueHacking →Referências
https://access.redhat.com/security/cve/CVE-2023-3153https://bugzilla.redhat.com/show_bug.cgi?id=2213279https://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bdhttps://github.com/ovn-org/ovn/issues/198https://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.htmlhttps://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html