CVE-2017-9265

Опубликовано: 26 мая 2017

Источник: redhat

CVSS3: 5.6

EPSS Низкий

Описание

In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in lib/ofp-util.c in the function ofputil_pull_ofp15_group_mod.

A buffer over-read issue was found in Open vSwitch (OvS) which emerged while parsing the GroupMod OpenFlow messages sent from the controller. The issue could enable an attacker to cause a denial of service type of attack.

Затронутые пакеты

Платформа	Пакет	Состояние	Рекомендация	Релиз
Red Hat Enterprise Linux OpenStack Platform 5 (Icehouse)	openvswitch	Will not fix
Red Hat OpenShift Enterprise 3	openvswitch	Not affected
Red Hat OpenStack Platform 12 (Pike)	openvswitch	Not affected
Fast Datapath for Red Hat Enterprise Linux 7	openvswitch	Fixed	RHSA-2017:2418	03.08.2017
Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7	openvswitch	Fixed	RHSA-2017:2665	06.09.2017
Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7	openvswitch	Fixed	RHSA-2017:2698	12.09.2017
Red Hat OpenStack Platform 10.0 (Newton)	openvswitch	Fixed	RHSA-2017:2648	06.09.2017
Red Hat OpenStack Platform 11.0 (Ocata)	openvswitch	Fixed	RHSA-2017:2727	13.09.2017
Red Hat OpenStack Platform 8.0 (Liberty)	openvswitch	Fixed	RHSA-2017:2692	12.09.2017
Red Hat OpenStack Platform 9.0 (Mitaka)	openvswitch	Fixed	RHSA-2017:2553	30.08.2017

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate

Дефект:

CWE-122

https://bugzilla.redhat.com/show_bug.cgi?id=1457335openvswitch: Buffer over-read while parsing the group mod OpenFlow message

EPSS

Процентиль: 80%

0.01417

Низкий

5.6 Medium

CVSS3

Связанные уязвимости

CVE-2017-9265

CVSS3: 9.8

ubuntu

больше 8 лет назад

In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`.

CVE-2017-9265

CVSS3: 9.8

nvd

больше 8 лет назад

In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`.

CVE-2017-9265

CVSS3: 9.8

debian

больше 8 лет назад

In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsin ...

GHSA-34xg-fgjc-449p

CVSS3: 9.8

github

больше 3 лет назад

In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`.

openSUSE-SU-2017:2272-1

suse-cvrf

больше 8 лет назад

Security update for openvswitch

EPSS

Процентиль: 80%

0.01417

Низкий

5.6 Medium

CVSS3