9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
Open vSwitch (OvS) is vulnerable to denial of service attacks. A buffer over-read while parsing malformed TCP, UDP, and IPv6 packets allow remote attackers to cause denial of service conditions. This vulnerability affects the function extract_l3_ipv6/extract_l4_tcp/extract_l4_udp
in the library lib/conntrack.c
of the component Firewall
.
access.redhat.com/errata/RHSA-2017:2418
access.redhat.com/errata/RHSA-2017:2648
access.redhat.com/errata/RHSA-2017:2727
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1472729
bugzilla.redhat.com/show_bug.cgi?id=1472854
mail.openvswitch.org/pipermail/ovs-dev/2017-March/329323.html
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P