VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-1rz7-uz9z-2kbr

Essentials
Severities (27)
References (19)
Severity details (10)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-1rz7-uz9z-2kbr
Aliases	CVE-2023-3966
Summary	openvswsitch: ovs-vswitch fails to recover after malformed geneve metadata packet
Status	Published
Exploitability	0.5
Weighted Severity	6.8
Risk	3.4
Affected and Fixed Packages	Package Details

Weaknesses (1)

CWE-248

Uncaught Exception

System	Score	Found at
cvssv3	7.5	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3966.json
cvssv3.1	7.5	https://access.redhat.com/security/cve/CVE-2023-3966
ssvc	Track	https://access.redhat.com/security/cve/CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
epss	0.00045	https://api.first.org/data/v1/epss?cve=CVE-2023-3966
cvssv3.1	7.5	https://bugzilla.redhat.com/show_bug.cgi?id=2178363
ssvc	Track	https://bugzilla.redhat.com/show_bug.cgi?id=2178363
cvssv3.1	7.5	https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/
cvssv3.1	7.5	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/
ssvc	Track	https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/

Reference id	Reference type	URL
		https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3966.json
		https://api.first.org/data/v1/epss?cve=CVE-2023-3966
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-3966
		https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-5366
		https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
1063492		https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=1063492
2178363		https://bugzilla.redhat.com/show_bug.cgi?id=2178363
cpe:/a:redhat:openshift:3.11		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/a:redhat:openshift:3.11
cpe:/o:redhat:enterprise_linux:7		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7
cpe:/o:redhat:enterprise_linux:7::fastdatapath		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:7::fastdatapath
cpe:/o:redhat:enterprise_linux:8::fastdatapath		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:8::fastdatapath
cpe:/o:redhat:enterprise_linux:9::fastdatapath		https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:/o:redhat:enterprise_linux:9::fastdatapath
CVE-2023-3966		https://access.redhat.com/security/cve/CVE-2023-3966
LFZADABUDOFI2KZIRQBYFZCIKH55RGY3		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/
RHSA-2024:1227		https://access.redhat.com/errata/RHSA-2024:1227
RHSA-2024:1234		https://access.redhat.com/errata/RHSA-2024:1234
RHSA-2024:1235		https://access.redhat.com/errata/RHSA-2024:1235
USN-6690-1		https://usn.ubuntu.com/6690-1/
VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO		https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3966.json

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://access.redhat.com/security/cve/CVE-2023-3966

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-22T15:42:09Z/ Found at https://access.redhat.com/security/cve/CVE-2023-3966

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://bugzilla.redhat.com/show_bug.cgi?id=2178363

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-22T15:42:09Z/ Found at https://bugzilla.redhat.com/show_bug.cgi?id=2178363

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-02-22T15:42:09Z/ Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/LFZADABUDOFI2KZIRQBYFZCIKH55RGY3/

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/VYYUBF6OW2JG7VOFEOROHXGSJCTES3QO/

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.13733
EPSS Score	0.00045
Published At	April 2, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-04-01T13:49:58.670474+00:00	RedHat Importer	Import	https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2023-3966.json	38.0.0