Key Information About the Vulnerability: Bug ID: 2006347 (CVE-2023-5366) Title: openvswitch don't match packets on nd_target field Keywords: Security Status: NEW Product: Security Response Component: vulnerability Version: unspecified Hardware: All OS: Linux Priority: medium Severity: medium Reported: 2021-09-21 14:07 UTC by Marian Rehak Modified: 2025-10-01 08:27 UTC Duplicates: 2240833 Description of the Vulnerability: Virtual Machines can send ICMPv6 Neighbor Advertisement packets to mis-direct traffic to them. It needs to first send a packet with the correct IP address in the nd_target field and quickly after that, send a packet with a spoofed IP address. Reference:  Comments and Updates: Created openvswitch tracking bugs for this issue (Comment 15). Issue seems resolved by the commit commit link (Comment 16). There is a reproducer available for verification (Comment 18). Two main issues: overbroad match of nd_target and spec issue with OpenFlow (Comment 20). Correct commit for fix: commit link (Comment 21).