USN-6691-1: OVN vulnerability

Releases

• Ubuntu 23.10
• Ubuntu 22.04 LTS
• Ubuntu 20.04 LTS

Packages

• ovn - system to support virtual network abstraction

Details

It was discovered that OVN incorrectly enabled OVS Bidirectional Forwarding
Detection on logical ports. A remote attacker could possibly use this issue
to disrupt traffic.

Update instructions

The problem can be corrected by updating your system to the following package versions:

Ubuntu 23.10

• ovn-central - 23.09.0-1ubuntu0.1
• ovn-common - 23.09.0-1ubuntu0.1
• ovn-host - 23.09.0-1ubuntu0.1
• ovn-ic - 23.09.0-1ubuntu0.1

Ubuntu 22.04

• ovn-central - 22.03.3-0ubuntu0.22.04.2
• ovn-common - 22.03.3-0ubuntu0.22.04.2
• ovn-host - 22.03.3-0ubuntu0.22.04.2
• ovn-ic - 22.03.3-0ubuntu0.22.04.2

Ubuntu 20.04

• ovn-central - 20.03.2-0ubuntu0.20.04.5
• ovn-common - 20.03.2-0ubuntu0.20.04.5
• ovn-host - 20.03.2-0ubuntu0.20.04.5
• ovn-ic - 20.03.2-0ubuntu0.20.04.5

In general, a standard system update will make all the necessary changes.

References

• CVE-2024-2182