In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.
References
Link | Resource |
---|---|
https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html | Mailing List Patch Vendor Advisory |
https://access.redhat.com/errata/RHSA-2017:2727 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2698 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2692 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2665 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2648 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2553 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2017:2418 | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html | Mailing List Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
Information
Published : 2017-05-23 10:29
Updated : 2021-08-04 10:15
NVD link : CVE-2017-9214
Mitre link : CVE-2017-9214
JSON object : View
CWE
CWE-191
Integer Underflow (Wrap or Wraparound)
Products Affected
openvswitch
- openvswitch
redhat
- enterprise_linux
- openstack
- virtualization
- virtualization_manager
debian
- debian_linux