Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2017-14970

Опубликовано: 21 сент. 2017
Источник: redhat
CVSS3: 2.2
EPSS Низкий

Описание

In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages. NOTE: the vendor disputes the relevance of this report, stating "it can only be triggered by an OpenFlow controller, but OpenFlow controllers have much more direct and powerful ways to force Open vSwitch to allocate memory, such as by inserting flows into the flow table."

Отчет

Red Hat Product Security determined that this flaw was not a security vulnerability. See the Bugzilla link for more details.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Fast Datapath for RHEL 7openvswitchNot affected
Red Hat Enterprise Linux OpenStack Platform 6 (Juno)openvswitchNot affected
Red Hat Enterprise Linux OpenStack Platform 7 (Kilo)openvswitchNot affected
Red Hat OpenShift Enterprise 3openvswitchNot affected
Red Hat OpenStack Platform 10 (Newton)openvswitchNot affected
Red Hat OpenStack Platform 11 (Ocata)openvswitchNot affected
Red Hat OpenStack Platform 12 (Pike)openvswitchNot affected
Red Hat OpenStack Platform 8 (Liberty)openvswitchNot affected
Red Hat OpenStack Platform 9 (Mitaka)openvswitchNot affected
Red Hat Virtualization 4openvswitchNot affected

Показывать по

Ссылки на источники

Дополнительная информация

Дефект:
CWE-400
https://bugzilla.redhat.com/show_bug.cgi?id=1497966openvswitch: Multiple memory leaks in lib/ofp-util.c while parsing malformed OpenFlow group mod messages

EPSS

Процентиль: 70%
0.00651
Низкий

2.2 Low

CVSS3

Связанные уязвимости

ubuntu логотип

CVE-2017-14970

CVSS3: 5.9
ubuntu
больше 8 лет назад

In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages. NOTE: the vendor disputes the relevance of this report, stating "it can only be triggered by an OpenFlow controller, but OpenFlow controllers have much more direct and powerful ways to force Open vSwitch to allocate memory, such as by inserting flows into the flow table."

nvd логотип

CVE-2017-14970

CVSS3: 5.9
nvd
больше 8 лет назад

In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multiple memory leaks while parsing malformed OpenFlow group mod messages. NOTE: the vendor disputes the relevance of this report, stating "it can only be triggered by an OpenFlow controller, but OpenFlow controllers have much more direct and powerful ways to force Open vSwitch to allocate memory, such as by inserting flows into the flow table."

debian логотип

CVE-2017-14970

CVSS3: 5.9
debian
больше 8 лет назад

In lib/ofp-util.c in Open vSwitch (OvS) before 2.8.1, there are multip ...

suse-cvrf логотип

openSUSE-SU-2017:3238-1

suse-cvrf
около 8 лет назад

Security update for openvswitch

suse-cvrf логотип

SUSE-SU-2017:3232-1

suse-cvrf
около 8 лет назад

Security update for openvswitch

EPSS

Процентиль: 70%
0.00651
Низкий

2.2 Low

CVSS3