Описание
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function ofp_print_role_status_message in lib/ofp-print.c that may be leveraged toward a remote DoS attack by a malicious switch.
While parsing an OpenFlow role status message Open vSwitch (OvS), a call to the abort() function for undefined role status reasons in the function 'ofp_print_role_status_message' in 'lib/ofp-print.c' could be misused for a remote denial of service attack by a malicious switch.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse) | openvswitch | Will not fix | ||
| Red Hat OpenShift Enterprise 3 | openvswitch | Not affected | ||
| Red Hat OpenStack Platform 12 (Pike) | openvswitch | Not affected | ||
| Fast Datapath for Red Hat Enterprise Linux 7 | openvswitch | Fixed | RHSA-2017:2418 | 03.08.2017 |
| Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7 | openvswitch | Fixed | RHSA-2017:2665 | 06.09.2017 |
| Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7 | openvswitch | Fixed | RHSA-2017:2698 | 12.09.2017 |
| Red Hat OpenStack Platform 10.0 (Newton) | openvswitch | Fixed | RHSA-2017:2648 | 06.09.2017 |
| Red Hat OpenStack Platform 11.0 (Ocata) | openvswitch | Fixed | RHSA-2017:2727 | 13.09.2017 |
| Red Hat OpenStack Platform 8.0 (Liberty) | openvswitch | Fixed | RHSA-2017:2692 | 12.09.2017 |
| Red Hat OpenStack Platform 9.0 (Mitaka) | openvswitch | Fixed | RHSA-2017:2553 | 30.08.2017 |
Показывать по
Дополнительная информация
Статус:
EPSS
5.9 Medium
CVSS3
Связанные уязвимости
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch.
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch.
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status mes ...
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch.
EPSS
5.9 Medium
CVSS3