CVE-2022-29606 Information

Description

An issue was discovered in ONOS 2.5.1. An intent with a large port number shows the CORRUPT state which is misleading to a network operator. Improper handling of such port numbers causes inconsistency between intent and flow rules in the network.

Reference

https://wiki.onosproject.org/display/ONOS/Intent+Framework https://www.usenix.org/system/files/sec23fall-prepub-285_kim-jiwon.pdf