{
  "threat_severity" : "Moderate",
  "public_date" : "2023-06-07T00:00:00Z",
  "bugzilla" : {
    "description" : "ovn: service monitor MAC flow is not rate limited",
    "id" : "2213279",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=2213279"
  },
  "cvss3" : {
    "cvss3_base_score" : "5.3",
    "cvss3_scoring_vector" : "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
    "status" : "verified"
  },
  "cwe" : "CWE-400",
  "details" : [ "A flaw was found in Open Virtual Network (OVN) where the service monitor MAC flow is not properly rate limited. This issue could allow an attacker to cause a denial of service, including on deployments with control plane protection (CoPP) enabled and properly configured.", "A flaw was found in Open Virtual Network (OVN) where the service monitor MAC flow is not properly rate limited. This issue could allow an attacker to cause a denial of service, including on deployments with control plane protection (CoPP) enabled and properly configured." ],
  "acknowledgement" : "This issue was discovered by Ales Musil (Red Hat).",
  "affected_release" : [ {
    "product_name" : "Red Hat OpenShift Container Platform 4.11",
    "release_date" : "2023-11-08T00:00:00Z",
    "advisory" : "RHSA-2023:6274",
    "cpe" : "cpe:/a:redhat:openshift:4.11::el8",
    "package" : "ovn22.12-0:22.12.1-18.el8fdp"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.13",
    "release_date" : "2023-10-17T00:00:00Z",
    "advisory" : "RHSA-2023:5672",
    "cpe" : "cpe:/a:redhat:openshift:4.13::el9",
    "package" : "openshift4/ose-ovn-kubernetes:v4.13.0-202310141544.p0.g6f9d5cd.assembly.stream"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.13",
    "release_date" : "2023-10-17T00:00:00Z",
    "advisory" : "RHSA-2023:5672",
    "cpe" : "cpe:/a:redhat:openshift:4.13::el9",
    "package" : "openshift4/ose-ovn-kubernetes-microshift-rhel9:v4.13.0-202310141544.p0.g6f9d5cd.assembly.stream"
  }, {
    "product_name" : "Red Hat OpenShift Container Platform 4.14",
    "release_date" : "2023-10-31T00:00:00Z",
    "advisory" : "RHSA-2023:5009",
    "cpe" : "cpe:/a:redhat:openshift:4.14::el9",
    "package" : "ovn23.09-0:23.09.0-37.el9fdp"
  } ],
  "package_state" : [ {
    "product_name" : "Fast Datapath for RHEL 7",
    "fix_state" : "Will not fix",
    "package_name" : "ovn2.11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 7",
    "fix_state" : "Will not fix",
    "package_name" : "ovn2.12",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 7",
    "fix_state" : "Will not fix",
    "package_name" : "ovn2.13",
    "cpe" : "cpe:/o:redhat:enterprise_linux:7::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Will not fix",
    "package_name" : "ovn-2021",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Will not fix",
    "package_name" : "ovn2.11",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Will not fix",
    "package_name" : "ovn2.12",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Will not fix",
    "package_name" : "ovn2.13",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Affected",
    "package_name" : "ovn22.03",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Will not fix",
    "package_name" : "ovn22.06",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Will not fix",
    "package_name" : "ovn22.09",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 8",
    "fix_state" : "Will not fix",
    "package_name" : "ovn22.12",
    "cpe" : "cpe:/o:redhat:enterprise_linux:8::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 9",
    "fix_state" : "Will not fix",
    "package_name" : "ovn-2021",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 9",
    "fix_state" : "Affected",
    "package_name" : "ovn22.03",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 9",
    "fix_state" : "Will not fix",
    "package_name" : "ovn22.06",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 9",
    "fix_state" : "Will not fix",
    "package_name" : "ovn22.09",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
  }, {
    "product_name" : "Fast Datapath for RHEL 9",
    "fix_state" : "Affected",
    "package_name" : "ovn22.12",
    "cpe" : "cpe:/o:redhat:enterprise_linux:9::fastdatapath"
  }, {
    "product_name" : "Red Hat OpenStack Platform 13 (Queens)",
    "fix_state" : "Out of support scope",
    "package_name" : "ovn2.11",
    "cpe" : "cpe:/a:redhat:openstack:13"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2023-3153\nhttps://nvd.nist.gov/vuln/detail/CVE-2023-3153\nhttps://github.com/ovn-org/ovn/commit/9a3f7ed905e525ebdcb14541e775211cbb0203bd\nhttps://github.com/ovn-org/ovn/issues/198\nhttps://mail.openvswitch.org/pipermail/ovs-announce/2023-August/000327.html\nhttps://mail.openvswitch.org/pipermail/ovs-dev/2023-August/407553.html" ],
  "name" : "CVE-2023-3153",
  "csaw" : false
}