7 matches found
CVE-2024-34487
CVE-2024-34487 affects Faucet SDN Ryu 4.34, where OFPFlowStats in parser.py is vulnerable. The root cause is inadequate input handling in the OFPFlowStats path, allowing an attacker to trigger a denial of service by setting inst.length = 0, potentially causing an infinite loop. The DoS impact is ...
CVE-2024-34489
CVE-2024-34489 affects Faucet SDN Ryu 4.34. The issue is in the OFPHello handling in parser.py, where a crafted length=0 input allows an attacker to trigger an infinite loop, causing a denial of service. Root cause: inadequate input validation for length=0. CVSS v3.1 indicates NETWORK attack vect...
CVE-2024-34488
The CVE-2024-34488 entry concerns Faucet SDN Ryu 4.34, where OFPMultipartReply in parser.py can trigger a denial-of-service (infinite loop) when b.length is set to 0. Connected documents corroborate the DoS behavior and reference the same function/parameter without detailing a published fix or af...
CVE-2024-28732
CVE-2024-28732 affects Faucet SDN Ryu 4.34, where the vulnerability is in OFPMatch parsing logic within parser.py. The issue allows remote attackers to trigger an infinite loop, resulting in a denial of service. The available connected sources consistently describe the same failure mode but do no...
CVE-2024-34484
The CVE-2024-34484 issue concerns Faucet SDN Ryu 4.34. In OFPBucket (parser.py), processing an OpenFlow action with length 0 (action.len=0) can trigger an infinite loop, leading to a Denial of Service. The vulnerability affects the parser’s handling of the OFPBucket construct, and the impact is a...
CVE-2024-34483
The CVE-2024-34483 issue affects Faucet SDN Ryu 4.34, where a flaw in the OFPGroupDescStats handling in parser.py (OFPBucket.len=0) can trigger an infinite loop during parsing, leading to a denial of service. Multiple sources corroborate that the vulnerability stems from OFPGroupDescStats in the ...
CVE-2024-34486
CVE-2024-34486 affects Faucet SDN Ryu 4.34. The vulnerability resides in OFPPacketQueue within parser.py, where insufficient input validation on OFPQueueProp.len can trigger an infinite loop, enabling a denial-of-service condition. Connected sources (Red Hat, SUSE, Veracode, Osv, GHSA) corroborat...