PT-2017-18816 · Open Vswitch+3 · Openvswitch+3

Bhargava Shastry

Publicado

2017-05-29

Atualizado

2019-10-03

CVE-2017-9265

CVSS v3.1

9.8

Crítica

Vetor

AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Open vSwitch (OvS) version 2.7.0

Description The issue arises from a buffer over-read that occurs while parsing the group mod OpenFlow message sent from the controller. This happens in the lib/ofp-util.c file, specifically within the ofputil pull ofp15 group mod function.

Recommendations For Open vSwitch (OvS) version 2.7.0, consider updating to a newer version that addresses this issue, as no specific fix is provided for this version.

Correção

Out of bounds Read

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-125

Identificadores relacionados

ALT-PU-2017-1874

CVE-2017-9265

RHSA-2017:2418

RHSA-2017:2553

RHSA-2017:2648

RHSA-2017:2665

RHSA-2017:2692

RHSA-2017:2698

RHSA-2017:2727

SUSE-SU-2017:2212-1

SUSE-SU-2018:0311-1

SUSE-SU-2018:0505-1

USN-3450-1

Produtos afetados

Alt Linux

Openvswitch

Suse

Ubuntu

PT-2017-18816 · Open Vswitch+3 · Openvswitch+3

CVE-2017-9265

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 42