suse · CVE-2023-5366

Quick triage

Priority: high Published: 2023-10-06 23:20:27 UTC Updated: 2026-03-05 03:52:14 UTC

View at Official suse advisory, NVD, CVE.org · CVE detail

Freshness: upstream tracker timestamp is available; use API updated time as primary recency signal.

Tracker summary

CVE-2023-5366 severity important: SUSE including 154 source package names (latest:selinux-policy-20230523+git27.6fee49569-1.1, latest:selinux-policy-targeted-20230523+git27.6fee49569-1.1, …), 476 product×package rows across 40 product lines (Container suse/sl-micro/6.0/baremetal-os-container, Image SLE-Micro, … (40 product lines)): Fixed 476.

Description:

A flaw was found in Open vSwitch that allows ICMPv6 Neighbor Advertisement packets between virtual machines to bypass OpenFlow rules. This issue may allow a local attacker to create specially crafted packets with a modified or spoofed target IP address field that can redirect ICMPv6 traffic to arbitrary IP addresses.

cvelogic Threat Intelligence