CVE-2017-9214

Published: May 23, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

RHSA-2017:2698

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2727

vendor-advisory

x_refsource_REDHAT

https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html

x_refsource_CONFIRM

RHSA-2017:2692

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2553

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2418

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2648

vendor-advisory

x_refsource_REDHAT

RHSA-2017:2665

vendor-advisory

x_refsource_REDHAT

[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2017-9214

Description

Affected Products

References