Описание
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputil_pull_queue_get_config_reply10 in lib/ofp-util.c.
An unsigned integer wrap around that led to a buffer over-read was found when parsing OFPT_QUEUE_GET_CONFIG_REPLY messages in Open vSwitch (OvS). An attacker could use this issue to cause a remote denial of service attack.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | openvswitch | Will not fix | ||
| Red Hat OpenShift Enterprise 3 | openvswitch | Not affected | ||
| Red Hat OpenStack Platform 12 (Pike) | openvswitch | Not affected | ||
| Fast Datapath for Red Hat Enterprise Linux 7 | openvswitch | Fixed | RHSA-2017:2418 | 03.08.2017 |
| Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 | openvswitch | Fixed | RHSA-2017:2665 | 06.09.2017 |
| Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 | openvswitch | Fixed | RHSA-2017:2698 | 12.09.2017 |
| Red Hat OpenStack Platform 10.0 (Newton) | openvswitch | Fixed | RHSA-2017:2648 | 06.09.2017 |
| Red Hat OpenStack Platform 11.0 (Ocata) | openvswitch | Fixed | RHSA-2017:2727 | 13.09.2017 |
| Red Hat OpenStack Platform 8.0 (Liberty) | openvswitch | Fixed | RHSA-2017:2692 | 12.09.2017 |
| Red Hat OpenStack Platform 9.0 (Mitaka) | openvswitch | Fixed | RHSA-2017:2553 | 30.08.2017 |
Показывать по
Дополнительная информация
Статус:
7.5 High
CVSS3
Связанные уязвимости
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_RE ...
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
7.5 High
CVSS3