Linux Distros Unpatched Vulnerability : CVE-2017-9263

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In Open vSwitch OvS 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort function for undefined role status reasons in the functio...

RHEL 7 : openvswitch (RHSA-2017:2553)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2553 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...

RHEL 6 : openvswitch (Unpatched Vulnerability)

The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - openvswitch: Buffer over-read while parsing the group mod OpenFlow message CVE-2017-9265 - In Open vSwitc...

RHEL 7 : openvswitch (RHSA-2017:2692)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2017:2692 advisory. Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic...

SUSE: Security Advisory (SUSE-SU-2018:0311-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2017:2212-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Photon OS 1.0: Cairo / Go / Libxml2 / Openvswitch PHSA-2017-0039 (deprecated)

An update of cairo,openvswitch,libxml2,go packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0039. The text itself is copyright C...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2018:0311-1)

This update for openvswitch fixes the following issues : - CVE-2017-9263: While parsing an OpenFlow role status message, there is a call to the abort functio for undefined role status reasons in the function ofpprintrolestatusmessage in lib/ofp-print.c that may be leveraged toward a remote DoS...

Fedora Update for openvswitch FEDORA-2017-45625fecca

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora 26 : openvswitch (2017-45625fecca)

Add a symlink of the OCF script in the OCF resources folder ---- Updated to Open vSwitch 2.7.3 and DPDK 16.11.3 for CVE-2017-14970 ---- Security fix for CVE-2017-9263, CVE-2017-9265 ---- Updated to Open vSwitch 2.7.1 and DPDK 16.11.2 1468234 Note that Tenable Network Security has extracted the...

Ubuntu 16.04 LTS : Open vSwitch vulnerabilities (USN-3450-1)

The remote Ubuntu 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3450-1 advisory. Bhargava Shastry discovered that Open vSwitch incorrectly handled certain OFP messages. A remote attacker could possibly use this issue to cause Open...

Ubuntu: Security Advisory (USN-3450-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

USN-3450-1: Open vSwitch vulnerabilities

Bhargava Shastry discovered that Open vSwitch incorrectly handled certain OFP messages. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. CVE-2017-9214 It was discovered that Open vSwitch incorrectly handled certain OpenFlow role...

Moderate: Red Hat Security Advisory: openvswitch security update

An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 Kilo for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: openvswitch security update

An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 Juno for RHEL 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

openSUSE Security Update : openvswitch (openSUSE-2017-973)

This update for openvswitch fixes the following issues : - CVE-2017-9263: OpenFlow role status message can cause a call to abort leading to application crash bsc1041470 - CVE-2017-9265: Buffer over-read while parsing message could lead to crash or maybe arbitrary code execution bsc1041447 - Do no...

SUSE SLES12 Security Update : openvswitch (SUSE-SU-2017:2212-1)

This update for openvswitch fixes the following issues : - CVE-2017-9263: OpenFlow role status message can cause a call to abort leading to application crash bsc1041470 - CVE-2017-9265: Buffer over-read while parsing message could lead to crash or maybe arbitrary code execution bsc1041447 - Do no...

SUSE-SU-2017:2212-1 Security update for openvswitch

This update for openvswitch fixes the following issues: - CVE-2017-9263: OpenFlow role status message can cause a call to abort leading to application crash bsc1041470 - CVE-2017-9265: Buffer over-read while parsing message could lead to crash or maybe arbitrary code execution bsc1041447 - Do not...

RHEL 7 : openvswitch (RHSA-2017:2418)

An update for openvswitch is now available for Fast Datapath for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

CVE-2017-9263

CVE-2017-9263 affects Open vSwitch 2.7.0 where parsing an OpenFlow role status message can trigger abort() on undefined role status reasons in lib/ofp-print.c, enabling a remote DoS via a malicious switch. This is the core issue described across security notices (RHSA advisories and OSV entries) ...