QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2018-17204

Back to search

CVE-2018-17204

Published: Sep 19, 2018

Modified: Aug 5, 2024

PUBLISHED

Description

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default.

VendorProductVersions

n/a

n/a

affected
n/a

References

RHSA-2019:0053
vendor-advisory
x_refsource_REDHAT
USN-3873-1
vendor-advisory
x_refsource_UBUNTU
RHSA-2018:3500
vendor-advisory
x_refsource_REDHAT
RHSA-2019:0081
vendor-advisory
x_refsource_REDHAT

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now