CVE-2018-17204 Information

Feb 14, 2021 cve

Description

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6 affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder however tries to use the type and command earlier when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Reference

https://access.redhat.com/errata/RHSA-2018:3500 https://access.redhat.com/errata/RHSA-2019:0053 https://access.redhat.com/errata/RHSA-2019:0081 https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde https://usn.ubuntu.com/3873-1/

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

NONE

Base Score

LOW

Base Severity

4.3

Share on: