Описание
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function ofp_print_role_status_message in lib/ofp-print.c that may be leveraged toward a remote DoS attack by a malicious switch.
| Релиз | Статус | Примечание |
|---|---|---|
| devel | not-affected | 2.8.0~git20170809.7aa47a19d-0ubuntu1 |
| esm-infra-legacy/trusty | DNE | trusty/esm was DNE [trusty was not-affected [code not present]] |
| esm-infra/xenial | released | 2.5.2-0ubuntu0.16.04.2 |
| precise/esm | DNE | |
| trusty | not-affected | code not present |
| trusty/esm | DNE | trusty was not-affected [code not present] |
| upstream | needs-triage | |
| vivid/stable-phone-overlay | DNE | |
| vivid/ubuntu-core | DNE | |
| xenial | released | 2.5.2-0ubuntu0.16.04.2 |
Показывать по
3.3 Low
CVSS2
6.5 Medium
CVSS3
Связанные уязвимости
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch.
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch.
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status mes ...
In Open vSwitch (OvS) 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch.
3.3 Low
CVSS2
6.5 Medium
CVSS3