12 matches found
CVE-2018-17205
An issue was discovered in Open vSwitch OvS, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and 2.9.x through 2.9.2, where the ofprotoruleinsert function inside ofproto/ofproto.c is affected by an assertion failure under certain circumstances. A specially crafted flow update applied using the bundling...
Ubuntu 16.04 LTS / 18.04 LTS : Open vSwitch vulnerabilities (USN-3873-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3873-1 advisory. It was discovered that Open vSwitch incorrectly decoded certain packets. A remote attacker could possibly use this issue to cause Open vSwitc...
USN-3873-1: Open vSwitch vulnerabilities
It was discovered that Open vSwitch incorrectly decoded certain packets. A remote attacker could possibly use this issue to cause Open vSwitch to crash, resulting in a denial of service. CVE-2018-17204 It was discovered that Open vSwitch incorrectly handled processing certain flows. A remote...
Moderate: Red Hat Security Advisory: openvswitch security and bug fix update
An update for openvswitch is now available for Red Hat OpenStack Platform 13.0 Queens. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
openSUSE: Security Advisory for openvswitch (openSUSE-SU-2018:4148-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for openvswitch (openSUSE-SU-2018:4148-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : openvswitch (openSUSE-2018-1562)
This update for openvswitch to version 2.7.6 fixes the following issues : These security issues were fixed : - CVE-2018-17205: Prevent OVS crash when reverting old flows in bundle commit bsc1104467. - CVE-2018-17206: Avoid buffer overread in BUNDLE action decoding bsc1104467. - CVE-2018-17204:Whe...
SUSE SLES12 Security Update : openvswitch (SUSE-SU-2018:4128-1)
This update for openvswitch to version 2.7.6 fixes the following issues : These security issues were fixed : CVE-2018-17205: Prevent OVS crash when reverting old flows in bundle commit bsc1104467. CVE-2018-17206: Avoid buffer overread in BUNDLE action decoding bsc1104467. CVE-2018-17204: When...
Security update for openvswitch (moderate)
This update for openvswitch to version 2.7.6 fixes the following issues: These security issues were fixed: - CVE-2018-17205: Prevent OVS crash when reverting old flows in bundle commit bsc1104467. - CVE-2018-17206: Avoid buffer overread in BUNDLE action decoding bsc1104467. - CVE-2018-17204:When...
Moderate: Red Hat Security Advisory: openvswitch security, bug fix, and enhancement update
An update for openvswitch is now available for Fast Datapath for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
CVE-2018-17205
Open vSwitch CVE-2018-17205 affects 2.7.x–2.7.6 in the bundle commit path (ofproto_rule_insert__) where, if a flow fails to be added, OvS reverts previous flows from the same bundle. While reinserting old flows, an assertion failure on rule state != RULE_INITIALIZED occurs because the old flow st...
CVE-2018-17205
An issue was discovered in Open vSwitch OvS 2.7.x through 2.7.6, affecting ofprotoruleinsert in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added e.g., the flow action is a go-to for a group id that does not exist,...