PT-2017-7891 · Open Vswitch · Openvswitch

Bhargava Shastry

Published

2017-05-29

Updated

2017-06-08

CVE-2016-10377

CVSS v3.1

8.8

High

Vector

AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Open vSwitch version 2.5.0

Description A malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in the function miniflow extract in lib/flow.c, permitting remote bypass of the access control list enforced by the switch.

Recommendations For Open vSwitch version 2.5.0, consider disabling the miniflow extract function in lib/flow.c as a temporary workaround until a patch is available. Restrict access to the switch to minimize the risk of exploitation.

Fix

Buffer Overflow

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-119

Related Identifiers

CVE-2016-10377

Affected Products

Openvswitch

PT-2017-7891 · Open Vswitch · Openvswitch

CVE-2016-10377

Weakness Enumeration

Related Identifiers

Affected Products

References · 8