CVE-2017-9264

In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`, and `extract_l4_udp` that can be triggered remotely.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:openvswitch:openvswitch:2.6.1:*:*:*:*:*:*:*

Information

Published : 2017-05-28 21:29

Updated : 2019-10-02 17:03


NVD link : CVE-2017-9264

Mitre link : CVE-2017-9264


JSON object : View

CWE
CWE-125

Out-of-bounds Read

Advertisement

dedicated server usa

Products Affected

openvswitch

  • openvswitch