EUVD-2018-8968

Malware in sbrugna...

Buffer Over-read

Open vSwitch is vulnerable to buffer over-read vulnerability. A remote unauthenticated attacker could cause denial of service conditions during BUNDLE action decoding via a buffer over-read. Affected is the function decodebundle in the library lib/ofp-actions.c...

The vulnerability of the decode_bundle() function in the Open vSwitch software multi-level switch allows a attacker to cause a service failure.

The vulnerability of the decodebundle function in lib/ofp-actions.c of the Open vSwitch OvS software multi-level switch involves reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

Design/Logic Flaw

An issue was discovered in Open vSwitch OvS 2.7.x through 2.7.6. The decodebundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding...

CVE-2018-17206

An issue was discovered in Open vSwitch OvS 2.7.x through 2.7.6. The decodebundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding...

openvswitch/ofp_print_fuzzer: Heap-buffer-overflow in decode_bundle

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5147430386401280 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...