(RHSA-2019:0053) Moderate: openvswitch security and bug fix update

2019-01-1616:50:56

access.redhat.com

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.004 Low

EPSS

Percentile

74.7%

JSON

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

openvswitch: Mishandle of group mods in lib/ofp-util.c:parse_group_prop_ntr_selection_method() allows for assertion failure (CVE-2018-17204)
openvswitch: Error during bundle commit in ofproto/ofproto.c:ofproto_rule_insert__() allows for crash (CVE-2018-17205)
openvswitch: Buffer over-read in lib/ofp-actions.c:decode_bundle() (CVE-2018-17206)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

OSVersionArchitecturePackageVersionFilename
RedHat7x86_64openvswitch-debuginfo< 2.9.0-83.el7fdp.1openvswitch-debuginfo-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat7x86_64openvswitch-ovn-common< 2.9.0-83.el7fdp.1openvswitch-ovn-common-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat7x86_64openvswitch-ovn-host< 2.9.0-83.el7fdp.1openvswitch-ovn-host-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat7noarchopenvswitch-test< 2.9.0-83.el7fdp.1openvswitch-test-2.9.0-83.el7fdp.1.noarch.rpm
RedHat7x86_64openvswitch-ovn-vtep< 2.9.0-83.el7fdp.1openvswitch-ovn-vtep-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat7x86_64openvswitch-ovn-central< 2.9.0-83.el7fdp.1openvswitch-ovn-central-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat7x86_64openvswitch< 2.9.0-83.el7fdp.1openvswitch-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat7x86_64python-openvswitch< 2.9.0-83.el7fdp.1python-openvswitch-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat7x86_64openvswitch-devel< 2.9.0-83.el7fdp.1openvswitch-devel-2.9.0-83.el7fdp.1.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	x86_64	openvswitch-debuginfo	< 2.9.0-83.el7fdp.1	openvswitch-debuginfo-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat	7	x86_64	openvswitch-ovn-common	< 2.9.0-83.el7fdp.1	openvswitch-ovn-common-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat	7	x86_64	openvswitch-ovn-host	< 2.9.0-83.el7fdp.1	openvswitch-ovn-host-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat	7	noarch	openvswitch-test	< 2.9.0-83.el7fdp.1	openvswitch-test-2.9.0-83.el7fdp.1.noarch.rpm
RedHat	7	x86_64	openvswitch-ovn-vtep	< 2.9.0-83.el7fdp.1	openvswitch-ovn-vtep-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat	7	x86_64	openvswitch-ovn-central	< 2.9.0-83.el7fdp.1	openvswitch-ovn-central-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat	7	x86_64	openvswitch	< 2.9.0-83.el7fdp.1	openvswitch-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat	7	x86_64	python-openvswitch	< 2.9.0-83.el7fdp.1	python-openvswitch-2.9.0-83.el7fdp.1.x86_64.rpm
RedHat	7	x86_64	openvswitch-devel	< 2.9.0-83.el7fdp.1	openvswitch-devel-2.9.0-83.el7fdp.1.x86_64.rpm