Lucene search
K

790 matches found

UbuntuCve
UbuntuCve
added 2017/05/29 12:0 a.m.26 views

CVE-2017-9264

In lib/conntrack.c in the firewall implementation in Open vSwitch OvS 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions extractl3ipv6, extractl4tcp, and extractl4udp that can be triggered remotely...

9.8CVSS7.2AI score0.02415EPSS
Exploits0References3
OSV
OSV
added 2017/05/29 12:0 a.m.4 views

UBUNTU-CVE-2017-9263

In Open vSwitch OvS 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort function for undefined role status reasons in the function ofpprintrolestatusmessage in lib/ofp-print.c that may be leveraged toward a remote DoS attack by a malicious switch...

6.5CVSS6.9AI score0.01EPSS
Exploits0References4
CNVD
CNVD
added 2017/05/25 12:0 a.m.4 views

Open vSwitch Integer Overflow Vulnerability

Open vSwitch OVS is a multi-layer virtual switch product based on open source technology following the Apache 2.0 license, which supports large-scale network automation through programmatic extensions, standard management interfaces and protocols, and more. An integer overflow vulnerability exist...

9.8CVSS7.3AI score0.02887EPSS
Exploits0References1
OSV
OSV
added 2017/05/23 5:29 p.m.3 views

DEBIAN-CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

9.8CVSS9.3AI score0.02887EPSS
Exploits0References1
OSV
OSV
added 2017/05/23 5:29 p.m.34 views

CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

9.8CVSS6.8AI score
Exploits0References9
NVD
NVD
added 2017/05/23 5:29 p.m.26 views

CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

9.8CVSS9.6AI score0.02887EPSS
Exploits0References9
Prion
Prion
added 2017/05/23 5:29 p.m.23 views

Integer overflow

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

7.5CVSS7.1AI score0.02887EPSS
Exploits0References9Affected Software5
CVE
CVE
added 2017/05/23 5:0 p.m.92 views

CVE-2017-9214

Summary: CVE-2017-9214 affects Open vSwitch (OvS) 2.7.0 and is due to a buffer over-read caused by an unsigned integer underflow in the function ofputil_pull_queue_get_config_reply10 while parsing OFPT_QUEUE_GET_CONFIG_REPLY (OFP 1.0). Impact (as described): Buffer over-read with potential denial...

9.8CVSS9.3AI score0.02887EPSS
Exploits0References9Affected Software1
Cvelist
Cvelist
added 2017/05/23 5:0 p.m.45 views

CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

9.5AI score0.02887EPSS
Exploits0References9
Debian CVE
Debian CVE
added 2017/05/23 5:0 p.m.56 views

CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

9.8CVSS9.7AI score0.02887EPSS
Exploits0
UbuntuCve
UbuntuCve
added 2017/05/23 12:0 a.m.30 views

CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

9.8CVSS7.3AI score0.02887EPSS
Exploits0References3
OSV
OSV
added 2017/05/23 12:0 a.m.6 views

UBUNTU-CVE-2017-9214

In Open vSwitch OvS 2.7.0, while parsing an OFPTQUEUEGETCONFIGREPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputilpullqueuegetconfigreply10 in lib/ofp-util.c...

9.8CVSS7.4AI score0.02887EPSS
Exploits0References4
Citrix
Citrix
added 2017/03/03 12:0 a.m.10 views

PVS 7.13: XenServer PVS-Accelerator Introduction and Requirements

Note : This feature is only available in XenServer 7.1 and PVS 7.13 or later. XenServer PVS-Accelerator feature offers additional capabilities for customers using XenServer and Citrix Provisioning Services PVS. With this feature, the read requests from a PVS target device can now be cached on eac...

6.8AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/01/03 12:0 a.m.59 views

GLSA-201701-07 : Open vSwitch: Remote execution of arbitrary code

The remote host is affected by the vulnerability described in GLSA-201701-07 Open vSwitch: Remote execution of arbitrary code A buffer overflow was discovered in lib/flow.c in ovs-vswitchd. Impact : A remote attacker, using a specially crafted MPLS packet, could execute arbitrary code. Workaround...

9.8CVSS8.9AI score0.06279EPSS
Exploits0References2
Gentoo Linux
Gentoo Linux
added 2017/01/01 12:0 a.m.40 views

Open vSwitch: Remote execution of arbitrary code

Background Open vSwitch is a production quality multilayer virtual switch. Description A buffer overflow was discovered in lib/flow.c in ovs-vswitchd. Impact A remote attacker, using a specially crafted MPLS packet, could execute arbitrary code. Workaround There is no known workaround at this tim...

9.8CVSS5.9AI score0.06279EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2016/10/17 12:0 a.m.3 views

PT-2022-21128 · Ovs +3 · Ovs +3

Name of the Vulnerable Software and Affected Versions: ovs versions v0.90.0 through v2.5.0 Description: The issue is related to a heap buffer over-read in flow.c, caused by an unsafe comparison in the minimasks function. This could lead to access to an unmapped region of memory, resulting in...

9.8CVSS7.6AI score0.06279EPSS
Exploits0References55
OSV
OSV
added 2016/07/03 9:59 p.m.6 views

CVE-2016-2074

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command...

9.8CVSS9.8AI score0.06279EPSS
Exploits0References12
OSV
OSV
added 2016/07/03 9:59 p.m.2 views

DEBIAN-CVE-2016-2074

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command...

9.8CVSS9.2AI score0.06279EPSS
Exploits0References1
Prion
Prion
added 2016/07/03 9:59 p.m.27 views

Buffer overflow

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command...

7.5CVSS8.3AI score0.06279EPSS
Exploits0References12Affected Software2
CVE
CVE
added 2016/07/03 9:0 p.m.102 views

CVE-2016-2074

Open vSwitch: MPLS processing in ovs-vswitchd contains a buffer overflow in OpenFlow/MPLS label handling affecting Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1. A remote attacker can exploit crafted MPLS packets to achieve arbitrary code execution or DoS. Upstream fixes are in...

9.8CVSS9.7AI score0.06279EPSS
Exploits0References12Affected Software1
Rows per page
Query Builder