openvswitch/odp_target: Use-of-uninitialized-value in scan_geneve

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5715184807575552 Project: openvswitch Fuzzer: libFuzzeropenvswitchodptarget Fuzz target binary: odptarget Job Type: libfuzzermsanopenvswitch Platform Id: linux Crash Type: Use-of-uninitialized-value...

openvswitch/odp_target: Heap-use-after-free in parse_odp_action

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5641929845374976 Project: openvswitch Fuzzer: aflopenvswitchodptarget Fuzz target binary: odptarget Job Type: aflasanopenvswitch Platform Id: linux Crash Type: Heap-use-after-free READ 2 Crash...

openvswitch/expr_parse_target: Use-of-uninitialized-value in make_cmp

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5692438513975296 Project: openvswitch Fuzzer: libFuzzeropenvswitchexprparsetarget Fuzz target binary: exprparsetarget Job Type: libfuzzermsanopenvswitch Platform Id: linux Crash Type:...

openvswitch/expr_parse_target: Stack-buffer-underflow in lex_parse_hex_integer

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5699613135208448 Project: openvswitch Fuzzer: aflopenvswitchexprparsetarget Fuzz target binary: exprparsetarget Job Type: aflasanopenvswitch Platform Id: linux Crash Type: Stack-buffer-underflow REA...

openvswitch/ofp_print_target: Use-of-uninitialized-value in flow_wildcards_init_for_packet

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5758815018942464 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprinttarget Fuzz target binary: ofpprinttarget Job Type: libfuzzermsanopenvswitch Platform Id: linux Crash Type:...

openvswitch/ofp_print_target: Use-of-uninitialized-value in is_nd

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5740399507800064 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprinttarget Fuzz target binary: ofpprinttarget Job Type: libfuzzermsanopenvswitch Platform Id: linux Crash Type:...

openvswitch/flow_extract_target: Use-of-uninitialized-value in miniflow_map_init

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5706708475707392 Project: openvswitch Fuzzer: libFuzzeropenvswitchflowextracttarget Fuzz target binary: flowextracttarget Job Type: libfuzzermsanopenvswitch Platform Id: linux Crash Type:...

openvswitch/flow_extract_target: Use-of-uninitialized-value in is_nd

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5697050302218240 Project: openvswitch Fuzzer: libFuzzeropenvswitchflowextracttarget Fuzz target binary: flowextracttarget Job Type: libfuzzermsanopenvswitch Platform Id: linux Crash Type:...

openvswitch/ofp_print_fuzzer: Heap-use-after-free in ofpact_finish_CLONE

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5722747668791296 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...

openvswitch/ofp_print_fuzzer: Heap-double-free in ofputil_pull_ofp15_group_mod

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5677588436484096 Project: openvswitch Fuzzer: aflopenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: aflasanopenvswitch Platform Id: linux Crash Type: Heap-double-free Crash...

Photon OS 1.0: Openvswitch PHSA-2017-0020 (deprecated)

An update of openvswitch packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0020. The text itself is copyright C VMware, Inc...

Photon OS 1.0: Bash / Curl / Mariadb / Openvswitch / Systemd PHSA-2017-0044 (deprecated)

An update of openvswitch,systemd,curl,mariadb,bash packages for PhotonOS has been released. C Tenable Network Security, Inc. @DEPRECATED@ Disabled on 2/7/2019 The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0044. The text itself is...

openvswitch/ofp_print_fuzzer: Heap-buffer-overflow in parse_intel_port_custom_property

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5072291707748352 Project: openvswitch Fuzzer: aflopenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: aflasanopenvswitch Platform Id: linux Crash Type: Heap-buffer-overflow READ 1...

openvswitch/ofp_print_fuzzer: Heap-buffer-overflow in ofp_packet_to_string

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=6470117922701312 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...

openvswitch/flow_extract_fuzzer: Heap-buffer-overflow in parse_icmpv6

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5457710546944000 Project: openvswitch Fuzzer: libFuzzeropenvswitchflowextractfuzzer Fuzz target binary: flowextractfuzzer Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...

openvswitch/ofp_print_fuzzer: Heap-buffer-overflow in get_be16

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5394482341085184 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...

openvswitch/ofp_print_fuzzer: Heap-buffer-overflow in decode_bundle

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=5147430386401280 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...

openvswitch/ofp_print_fuzzer: Heap-buffer-overflow in get_be16

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=6502620041576448 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...

openvswitch/ofp_print_fuzzer: Heap-buffer-overflow in get_unaligned_be32

Project: https://github.com/openvswitch/ovs.git Detailed report: https://oss-fuzz.com/testcase?key=4584019764183040 Project: openvswitch Fuzzer: libFuzzeropenvswitchofpprintfuzzer Fuzz target binary: ofpprintfuzzer Job Type: libfuzzerasanopenvswitch Platform Id: linux Crash Type:...

Security Bulletin: Vulnerabilities in OpenvSwitch affect PowerKVM

Summary PowerKVM is affected by vulnerabilities in OpenvSwitch. IBM has now addressed these vulnerabilities. Vulnerability Details CVEID: CVE-2017-9265 DESCRIPTION: Open vSwitch is vulnerable to a buffer overflow, caused by improper bounds checking by the ofputilpullofp15groupmod function in...