Detections
Analytics

CVE-2024-2182

medium

Description

A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service.

References

https://www.openwall.com/lists/oss-security/2024/03/12/5

https://mail.openvswitch.org/pipermail/ovs-announce/2024-March/000346.html

https://bugzilla.redhat.com/show_bug.cgi?id=2267840

https://access.redhat.com/security/cve/CVE-2024-2182

https://access.redhat.com/errata/RHSA-2024:4035

https://access.redhat.com/errata/RHSA-2024:1394

https://access.redhat.com/errata/RHSA-2024:1393

https://access.redhat.com/errata/RHSA-2024:1392

https://access.redhat.com/errata/RHSA-2024:1391

https://access.redhat.com/errata/RHSA-2024:1390

https://access.redhat.com/errata/RHSA-2024:1388

https://access.redhat.com/errata/RHSA-2024:1387

https://access.redhat.com/errata/RHSA-2024:1386

https://access.redhat.com/errata/RHSA-2024:1385

Details

Source: Mitre, NVD

Published: 2024-03-12

Updated: 2024-09-14

Risk Information

CVSS v2

Base Score: 6.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:C

Severity: Medium

CVSS v3

Base Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Severity: Medium