PT-2017-18815 · Open Vswitch+1 · Openvswitch+1

Bhargava Shastry · Published 2017-05-29 · Updated 2019-10-03 · CVE-2017-9264

CVSS v3.1: 9.8 (Critical)

Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions

Open vSwitch (OvS) version 2.6.1

Description

The issue is a buffer over-read that occurs while parsing malformed TCP, UDP, and IPv6 packets. It can be triggered remotely and is associated with the functions `extract_l3_ipv6`, `extract_l4_tcp`, and `extract_l4_udp`.

Recommendations

For Open vSwitch (OvS) version 2.6.1, consider disabling the functions `extract_l3_ipv6`, `extract_l4_tcp`, and `extract_l4_udp` as a temporary workaround until a patch is available. Restrict access to the firewall implementation to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Out-of-bounds Read

Weakness Enumeration

Related Identifiers

CVE-2017-9264
RHSA-2017:2418
RHSA-2017:2648
RHSA-2017:2727
USN-3450-1

Affected Products

Openvswitch
Ubuntu