drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Denial of Service in OVN
Name: |
Denial of Service in OVN |
|
ID: |
USN-6691-1 |
|
Distribution: |
Ubuntu |
|
Plattformen: |
Ubuntu 20.04 LTS, Ubuntu 22.04 LTS, Ubuntu 23.10 |
|
Datum: |
Di, 12. März 2024, 21:34 |
|
Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-2182 |
|
Applikationen: |
OVN |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --===============3094846574671237242== Content-Language: en-CA Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="------------fRuvvIoJnJNFdd4CwkVAas5c"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --------------fRuvvIoJnJNFdd4CwkVAas5c Content-Type: multipart/mixed; boundary="------------Zqw2zNYfnN7w5cRNGojKT7jU"; protected-headers="v1" From: Marc Deslauriers <marc.deslauriers@canonical.com> Reply-To: Ubuntu Security <security@ubuntu.com> To: "ubuntu-security-announce@lists.ubuntu.com" <ubuntu-security-announce@lists.ubuntu.com> Message-ID: <41614313-72d9-40ce-854c-f0d5af8ed178@canonical.com> Subject: [USN-6691-1] OVN vulnerability
--------------Zqw2zNYfnN7w5cRNGojKT7jU Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: base64
========================================================================== Ubuntu Security Notice USN-6691-1 March 12, 2024
ovn vulnerability ==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 23.10 - Ubuntu 22.04 LTS - Ubuntu 20.04 LTS
Summary:
OVN could be made to disrupt traffic.
Software Description: - ovn: system to support virtual network abstraction
Details:
It was discovered that OVN incorrectly enabled OVS Bidirectional Forwarding Detection on logical ports. A remote attacker could possibly use this issue to disrupt traffic.
Update instructions:
The problem can be corrected by updating your system to the following package versions:
Ubuntu 23.10: ovn-central 23.09.0-1ubuntu0.1 ovn-common 23.09.0-1ubuntu0.1 ovn-host 23.09.0-1ubuntu0.1 ovn-ic 23.09.0-1ubuntu0.1
Ubuntu 22.04 LTS: ovn-central 22.03.3-0ubuntu0.22.04.2 ovn-common 22.03.3-0ubuntu0.22.04.2 ovn-host 22.03.3-0ubuntu0.22.04.2 ovn-ic 22.03.3-0ubuntu0.22.04.2
Ubuntu 20.04 LTS: ovn-central 20.03.2-0ubuntu0.20.04.5 ovn-common 20.03.2-0ubuntu0.20.04.5 ovn-host 20.03.2-0ubuntu0.20.04.5 ovn-ic 20.03.2-0ubuntu0.20.04.5
In general, a standard system update will make all the necessary changes.
References: https://ubuntu.com/security/notices/USN-6691-1 CVE-2024-2182
Package Information: https://launchpad.net/ubuntu/+source/ovn/23.09.0-1ubuntu0.1 https://launchpad.net/ubuntu/+source/ovn/22.03.3-0ubuntu0.22.04.2 https://launchpad.net/ubuntu/+source/ovn/20.03.2-0ubuntu0.20.04.5
--------------Zqw2zNYfnN7w5cRNGojKT7jU--
--------------fRuvvIoJnJNFdd4CwkVAas5c Content-Type: application/pgp-signature; name="OpenPGP_signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="OpenPGP_signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmXwc98ACgkQZWnYVadE vpOnKRAAoxG7JiUUBQSuIGvr7z/At59bCO1s++4K3OrenOKhpcxU0xuTtx1irUlc AhZO4SrWt7GEy9YLAiLohY1cwjbB3mhOpW4PEzbLDAfJm8/0CrhSNn+dFNttxzD/ mZre/dSRbKfBAjoNOfLCgB2wF25SM+atwiLawFvDnIBIZ1YZ4SJiEhFXHPi8pslA QBUv+HhY0VmZ94VC9zFOVObS8NuB0yX39yBek0pm9mVbw5kW53RWfznJpdgKzZxa VewYnTBd6inEnLeCQOwok1XoYKndBJHCfn7tp/bVAYNagauSAHBBgG7J7qgtpmJp 1JYAHk9Xxuzs8ytN5owmaF0OU2/4ghLYlKZrOJJl/4IOkxL8C/F1kxwd36wIVNMm pRgjjnXmz0lBs7+CAcuPzXuETQtEjfSotE6Aqj1Op/wyMr04d21wc9bx5ngh5wCl qdoDLKtjzwqMnqUbnkZCGtjmb9brbYSbOoaLxcZ9IPETjihNjnezKOjgvumC2m1+ LqvgFCKGmAS/5aP5pBH13MkZrQrprn4FG4s3BAfVrsaBLzwhulrtM/ymxlRwaChM 9+pcl25PqMrlbdOMqR5JGyH7zbt3W9fy0vOiS4oCD0t1h9mfpdqGVvPrbSdc0rUs 6OnhTeVue7Bxd0mMtIvP5HbygF3wvs/jVgSL+irb2WSciU6FXLE= =YvEr -----END PGP SIGNATURE-----
--------------fRuvvIoJnJNFdd4CwkVAas5c--
--===============3094846574671237242== Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: base64 Content-Disposition: inline
Cg==
--===============3094846574671237242==--
|
|
|
|