Red Hat Security Advisory 2017-2648-01 - Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. Security Fix: An unsigned int wrap around leading to a buffer over-read was found when parsing OFPT_QUEUE_GET_CONFIG_REPLY messages in Open vSwitch. An attacker could use this flaw to cause a remote DoS. In Open vSwitch, while parsing an OpenFlow role status message there is a call to the abort() function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch.
a89207e2a95563240c607a5d5422b72c90ed390784fb1efbcfddd8431ef00b24
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed