UBUNTU-CVE-2024-2182

See a problem?
Source
https://ubuntu.com/security/CVE-2024-2182
Import Source
https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2024/UBUNTU-CVE-2024-2182.json
JSON Data
https://api.osv.dev/v1/vulns/UBUNTU-CVE-2024-2182
Related
Published
2024-03-12T00:00:00Z
Modified
2024-03-12T00:00:00Z
Summary
[none]
Details

A flaw was found in the Open Virtual Network (OVN). In OVN clusters where BFD is used between hypervisors for high availability, an attacker can inject specially crafted BFD packets from inside unprivileged workloads, including virtual machines or containers, that can trigger a denial of service.

References

Affected packages

Ubuntu:20.04:LTS / ovn

Package

Name
ovn
Purl
pkg:deb/ubuntu/ovn?arch=src?distro=focal

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
20.03.2-0ubuntu0.20.04.5

Affected versions

2.*

2.12.90~git20200107.c80e014d4-0ubuntu1
2.12.90~git20200107.c80e014d4-0ubuntu2

20.*

20.03.0~git20200212.9a4e68ec8-0ubuntu1
20.03.0~git20200212.9a4e68ec8-0ubuntu3
20.03.0-0ubuntu1
20.03.1-0ubuntu1
20.03.1-0ubuntu1.1
20.03.1-0ubuntu1.2
20.03.2-0ubuntu0.20.04.1
20.03.2-0ubuntu0.20.04.2
20.03.2-0ubuntu0.20.04.3
20.03.2-0ubuntu0.20.04.4

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-central"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-central-dbgsym"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-common"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-common-dbgsym"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-controller-vtep"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-controller-vtep-dbgsym"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-doc"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-docker"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-host"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-host-dbgsym"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-ic"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-ic-db"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-ic-db-dbgsym"
        },
        {
            "binary_version": "20.03.2-0ubuntu0.20.04.5",
            "binary_name": "ovn-ic-dbgsym"
        }
    ]
}

Ubuntu:22.04:LTS / ovn

Package

Name
ovn
Purl
pkg:deb/ubuntu/ovn?arch=src?distro=jammy

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
22.03.3-0ubuntu0.22.04.2

Affected versions

21.*

21.09.0~git20210922.6549e5842-0ubuntu1
21.09.0~git20210922.6549e5842-0ubuntu2
21.09.0-0ubuntu2
21.12.0-0ubuntu1

22.*

22.03.0~git20220218.ed81be7-0ubuntu1
22.03.0-0ubuntu1
22.03.2-0ubuntu0.22.04.1
22.03.3-0ubuntu0.22.04.1

Ecosystem specific

{
    "availability": "No subscription required",
    "ubuntu_priority": "medium",
    "binaries": [
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-central"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-central-dbgsym"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-common"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-common-dbgsym"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-controller-vtep"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-controller-vtep-dbgsym"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-doc"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-docker"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-host"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-host-dbgsym"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-ic"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-ic-db"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-ic-db-dbgsym"
        },
        {
            "binary_version": "22.03.3-0ubuntu0.22.04.2",
            "binary_name": "ovn-ic-dbgsym"
        }
    ]
}