Vulnerability-Lookup

CVE-2017-9214 (GCVE-0-2017-9214)

Vulnerability from cvelistv5 – Published: 2017-05-23 17:00 – Updated: 2024-08-05 17:02

Summary

Severity

9.8 (Critical)


                        
                          CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

CWE

Assigner

mitre

References

9 references

URL	Tags
https://access.redhat.com/errata/RHSA-2017:2698	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:2727	vendor-advisoryx_refsource_REDHAT
https://mail.openvswitch.org/pipermail/ovs-dev/20…	x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2017:2692	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:2553	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:2418	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:2648	vendor-advisoryx_refsource_REDHAT
https://access.redhat.com/errata/RHSA-2017:2665	vendor-advisoryx_refsource_REDHAT
https://lists.debian.org/debian-lts-announce/2021…	mailing-listx_refsource_MLIST

Date Public

2017-05-23 00:00

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-05T17:02:43.682Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "name": "RHSA-2017:2698",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2698"
          },
          {
            "name": "RHSA-2017:2727",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2727"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html"
          },
          {
            "name": "RHSA-2017:2692",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2692"
          },
          {
            "name": "RHSA-2017:2553",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2553"
          },
          {
            "name": "RHSA-2017:2418",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2418"
          },
          {
            "name": "RHSA-2017:2648",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2648"
          },
          {
            "name": "RHSA-2017:2665",
            "tags": [
              "vendor-advisory",
              "x_refsource_REDHAT",
              "x_transferred"
            ],
            "url": "https://access.redhat.com/errata/RHSA-2017:2665"
          },
          {
            "name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update",
            "tags": [
              "mailing-list",
              "x_refsource_MLIST",
              "x_transferred"
            ],
            "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2017-05-23T00:00:00.000Z",
      "descriptions": [
        {
          "lang": "en",
          "value": "In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2021-02-20T00:06:12.000Z",
        "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
        "shortName": "mitre"
      },
      "references": [
        {
          "name": "RHSA-2017:2698",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2698"
        },
        {
          "name": "RHSA-2017:2727",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2727"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html"
        },
        {
          "name": "RHSA-2017:2692",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2692"
        },
        {
          "name": "RHSA-2017:2553",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2553"
        },
        {
          "name": "RHSA-2017:2418",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2418"
        },
        {
          "name": "RHSA-2017:2648",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2648"
        },
        {
          "name": "RHSA-2017:2665",
          "tags": [
            "vendor-advisory",
            "x_refsource_REDHAT"
          ],
          "url": "https://access.redhat.com/errata/RHSA-2017:2665"
        },
        {
          "name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update",
          "tags": [
            "mailing-list",
            "x_refsource_MLIST"
          ],
          "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "cve@mitre.org",
          "ID": "CVE-2017-9214",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "RHSA-2017:2698",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2698"
            },
            {
              "name": "RHSA-2017:2727",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2727"
            },
            {
              "name": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html",
              "refsource": "CONFIRM",
              "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html"
            },
            {
              "name": "RHSA-2017:2692",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2692"
            },
            {
              "name": "RHSA-2017:2553",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2553"
            },
            {
              "name": "RHSA-2017:2418",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2418"
            },
            {
              "name": "RHSA-2017:2648",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2648"
            },
            {
              "name": "RHSA-2017:2665",
              "refsource": "REDHAT",
              "url": "https://access.redhat.com/errata/RHSA-2017:2665"
            },
            {
              "name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update",
              "refsource": "MLIST",
              "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
    "assignerShortName": "mitre",
    "cveId": "CVE-2017-9214",
    "datePublished": "2017-05-23T17:00:00.000Z",
    "dateReserved": "2017-05-23T00:00:00.000Z",
    "dateUpdated": "2024-08-05T17:02:43.682Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "epss": {
      "cve": "CVE-2017-9214",
      "date": "2026-06-08",
      "epss": "0.04372",
      "percentile": "0.89168"
    },
    "fkie_nvd": {
      "configurations": "[{\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:openvswitch:openvswitch:2.7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"C3C92CDE-F125-490D-9B70-AEAAA6947352\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]}, {\"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"31EC146C-A6F6-4C0D-AF87-685286262DAA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"9DAA72A4-AC7D-4544-89D4-5B07961D5A95\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E8B8C725-34CF-4340-BE7B-37E58CF706D6\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"4E9AF77C-5D49-4842-9817-AD710A919073\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"03EB0F63-DB24-4240-BC44-C92BAE7EAF42\"}, {\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:virtualization_manager:4.1:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"AF786B57-02C3-48B7-B902-318356B3A3B6\"}]}]}, {\"operator\": \"AND\", \"nodes\": [{\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": true, \"criteria\": \"cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"6BBD7A51-0590-4DDF-8249-5AFA8D645CB6\"}]}, {\"operator\": \"OR\", \"negate\": false, \"cpeMatch\": [{\"vulnerable\": false, \"criteria\": \"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\", \"matchCriteriaId\": \"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]}]",
      "descriptions": "[{\"lang\": \"en\", \"value\": \"In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.\"}, {\"lang\": \"es\", \"value\": \"En Open vSwitch (OvS) versi\\u00f3n 2.7.0, mientras analiza un mensaje OFPT_QUEUE_GET_CONFIG_REPLY tipo OFP versi\\u00f3n 1.0, se presenta una lectura excesiva b\\u00fafer causada por un desbordamiento de enteros sin signo en la funci\\u00f3n \\u201cofputil_pull_queue_get_config_reply10\\u201d en la biblioteca \\u201clib/ofp-util.c\\u201d.\"}]",
      "id": "CVE-2017-9214",
      "lastModified": "2024-11-21T03:35:36.157",
      "metrics": "{\"cvssMetricV31\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"3.1\", \"vectorString\": \"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\", \"baseScore\": 9.8, \"baseSeverity\": \"CRITICAL\", \"attackVector\": \"NETWORK\", \"attackComplexity\": \"LOW\", \"privilegesRequired\": \"NONE\", \"userInteraction\": \"NONE\", \"scope\": \"UNCHANGED\", \"confidentialityImpact\": \"HIGH\", \"integrityImpact\": \"HIGH\", \"availabilityImpact\": \"HIGH\"}, \"exploitabilityScore\": 3.9, \"impactScore\": 5.9}], \"cvssMetricV2\": [{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"cvssData\": {\"version\": \"2.0\", \"vectorString\": \"AV:N/AC:L/Au:N/C:P/I:P/A:P\", \"baseScore\": 7.5, \"accessVector\": \"NETWORK\", \"accessComplexity\": \"LOW\", \"authentication\": \"NONE\", \"confidentialityImpact\": \"PARTIAL\", \"integrityImpact\": \"PARTIAL\", \"availabilityImpact\": \"PARTIAL\"}, \"baseSeverity\": \"HIGH\", \"exploitabilityScore\": 10.0, \"impactScore\": 6.4, \"acInsufInfo\": false, \"obtainAllPrivilege\": false, \"obtainUserPrivilege\": false, \"obtainOtherPrivilege\": false, \"userInteractionRequired\": false}]}",
      "published": "2017-05-23T17:29:00.257",
      "references": "[{\"url\": \"https://access.redhat.com/errata/RHSA-2017:2418\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2553\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2648\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2665\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2692\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2698\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2727\", \"source\": \"cve@mitre.org\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html\", \"source\": \"cve@mitre.org\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2418\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2553\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2648\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2665\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2692\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2698\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://access.redhat.com/errata/RHSA-2017:2727\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Third Party Advisory\"]}, {\"url\": \"https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Third Party Advisory\"]}, {\"url\": \"https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html\", \"source\": \"af854a3a-2127-422b-91ae-364da2661108\", \"tags\": [\"Mailing List\", \"Patch\", \"Vendor Advisory\"]}]",
      "sourceIdentifier": "cve@mitre.org",
      "vulnStatus": "Modified",
      "weaknesses": "[{\"source\": \"nvd@nist.gov\", \"type\": \"Primary\", \"description\": [{\"lang\": \"en\", \"value\": \"CWE-191\"}]}]"
    },
    "nvd": "{\"cve\":{\"id\":\"CVE-2017-9214\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2017-05-23T17:29:00.257\",\"lastModified\":\"2026-05-13T00:24:29.033\",\"vulnStatus\":\"Modified\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.\"},{\"lang\":\"es\",\"value\":\"En Open vSwitch (OvS) versi\u00f3n 2.7.0, mientras analiza un mensaje OFPT_QUEUE_GET_CONFIG_REPLY tipo OFP versi\u00f3n 1.0, se presenta una lectura excesiva b\u00fafer causada por un desbordamiento de enteros sin signo en la funci\u00f3n \u201cofputil_pull_queue_get_config_reply10\u201d en la biblioteca \u201clib/ofp-util.c\u201d.\"}],\"metrics\":{\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"baseScore\":7.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-191\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C3C92CDE-F125-490D-9B70-AEAAA6947352\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"DEECE5FC-CACF-4496-A3E7-164736409252\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"31EC146C-A6F6-4C0D-AF87-685286262DAA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9DAA72A4-AC7D-4544-89D4-5B07961D5A95\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E8B8C725-34CF-4340-BE7B-37E58CF706D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F40C26BE-56CB-4022-A1D8-3CA0A8F87F4B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4E9AF77C-5D49-4842-9817-AD710A919073\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"03EB0F63-DB24-4240-BC44-C92BAE7EAF42\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:virtualization_manager:4.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"AF786B57-02C3-48B7-B902-318356B3A3B6\"}]}]},{\"operator\":\"AND\",\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6BBD7A51-0590-4DDF-8249-5AFA8D645CB6\"}]},{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":false,\"criteria\":\"cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"142AD0DD-4CF3-4D74-9442-459CE3347E3A\"}]}]}],\"references\":[{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2418\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2553\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2648\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2665\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2692\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2698\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2727\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2418\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2553\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2648\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2665\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2692\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2698\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://access.redhat.com/errata/RHSA-2017:2727\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Third Party Advisory\"]},{\"url\":\"https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Mailing List\",\"Patch\",\"Vendor Advisory\"]}]}}"
  }
}

VAR-201705-3873

Vulnerability from variot - Updated: 2024-07-23 20:17

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputil_pull_queue_get_config_reply10 in lib/ofp-util.c. Open vSwitch (OvS) Contains an integer underflow vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Open vSwitch (OVS) is a multi-layer virtual switch product based on open source technology (following the Apache2.0 license). It supports large-scale network automation, standard management interfaces and protocols, etc. through programming extensions. There is an integer overflow vulnerability in the 'ofputil_pull_queue_get_config_reply10' function of lib/ofp-util.c file in OvS 2.7.0 version. 1473735 - ovs-vswitchd crashes with SIGSEGV randomly when adding/removing interfaces

X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11 X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Thu, 03 Aug 2017 12:39:24 +0000 (UTC)

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Moderate: openvswitch security, bug fix, and enhancement update Advisory ID: RHSA-2017:2418-01 Product: Fast Datapath Advisory URL: https://access.redhat.com/errata/RHSA-2017:2418 Issue date: 2017-08-03 CVE Names: CVE-2017-9214 CVE-2017-9263 CVE-2017-9264 CVE-2017-9265 =====================================================================

Summary:

An update for openvswitch is now available for Fast Datapath for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

Relevant releases/architectures:

Channel to provide early releases to layered products - noarch, x86_64

Description:

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.

The following packages have been upgraded to a later upstream version: openvswitch (2.7.2). An attacker could use this flaw to cause a remote DoS. (CVE-2017-9214)

In Open vSwitch (OvS), while parsing an OpenFlow role status message there is a call to the abort() function for undefined role status reasons in the function ofp_print_role_status_message in lib/ofp-print.c that may be leveraged toward a remote DoS attack by a malicious switch. (CVE-2017-9263)
A buffer over-read was found in the Open vSwitch (OvS) firewall implementation. This flaw can be triggered by parsing a specially crafted TCP, UDP, or IPv6 packet. A remote attack could use this flaw to cause a Denial of Service (DoS). An attacker could use this flaw to cause a Denial of Service (DoS). (CVE-2017-9265)
Solution:

For details on how to apply this update, which includes the changes described in this advisory, refer to:

https://access.redhat.com/articles/11258

Package List:

Channel to provide early releases to layered products:

Source: openvswitch-2.7.2-1.git20170719.el7fdp.src.rpm

noarch: openvswitch-test-2.7.2-1.git20170719.el7fdp.noarch.rpm python-openvswitch-2.7.2-1.git20170719.el7fdp.noarch.rpm

x86_64: openvswitch-2.7.2-1.git20170719.el7fdp.x86_64.rpm openvswitch-debuginfo-2.7.2-1.git20170719.el7fdp.x86_64.rpm openvswitch-devel-2.7.2-1.git20170719.el7fdp.x86_64.rpm openvswitch-ovn-central-2.7.2-1.git20170719.el7fdp.x86_64.rpm openvswitch-ovn-common-2.7.2-1.git20170719.el7fdp.x86_64.rpm openvswitch-ovn-docker-2.7.2-1.git20170719.el7fdp.x86_64.rpm openvswitch-ovn-host-2.7.2-1.git20170719.el7fdp.x86_64.rpm openvswitch-ovn-vtep-2.7.2-1.git20170719.el7fdp.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

References:

https://access.redhat.com/security/cve/CVE-2017-9214 https://access.redhat.com/security/cve/CVE-2017-9263 https://access.redhat.com/security/cve/CVE-2017-9264 https://access.redhat.com/security/cve/CVE-2017-9265 https://access.redhat.com/security/updates/classification/#moderate

Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

iD8DBQFZgxmYXlSAg2UNWIIRAuzuAJ9Dngapo5j66itwFnpsvl92GKMAywCfb2Ah V7og7GgSn4a1oFzQjIZHeXk= =qOi+ -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce

Show details on source website

JSON

To clipboard

{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201705-3873",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "openstack",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "11"
      },
      {
        "model": "openvswitch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openvswitch",
        "version": "2.7.0"
      },
      {
        "model": "openstack",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "9"
      },
      {
        "model": "openstack",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "10"
      },
      {
        "model": "linux",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "debian",
        "version": "9.0"
      },
      {
        "model": "virtualization manager",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "4.1"
      },
      {
        "model": "openstack",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "6.0"
      },
      {
        "model": "virtualization",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "4.0"
      },
      {
        "model": "openstack",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "8"
      },
      {
        "model": "virtualization",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "4.1"
      },
      {
        "model": "openstack",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "redhat",
        "version": "7.0"
      },
      {
        "model": "open vswitch",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "open vswitch",
        "version": "2.7.0"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9214"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:redhat:virtualization_manager:4.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": true
                  }
                ],
                "operator": "OR"
              },
              {
                "children": [],
                "cpe_match": [
                  {
                    "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*",
                    "cpe_name": [],
                    "vulnerable": false
                  }
                ],
                "operator": "OR"
              }
            ],
            "cpe_match": [],
            "operator": "AND"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-9214"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Red Hat",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "143959"
      },
      {
        "db": "PACKETSTORM",
        "id": "144028"
      },
      {
        "db": "PACKETSTORM",
        "id": "144137"
      },
      {
        "db": "PACKETSTORM",
        "id": "144026"
      },
      {
        "db": "PACKETSTORM",
        "id": "144124"
      },
      {
        "db": "PACKETSTORM",
        "id": "143646"
      },
      {
        "db": "PACKETSTORM",
        "id": "144115"
      }
    ],
    "trust": 0.7
  },
  "cve": "CVE-2017-9214",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2017-9214",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.8,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-117417",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.1"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2017-9214",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2017-9214",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "VULHUB",
            "id": "VHN-117417",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-117417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9214"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`. Open vSwitch (OvS) Contains an integer underflow vulnerability.Information is acquired, information is falsified, and denial of service (DoS) May be in a state. Open vSwitch (OVS) is a multi-layer virtual switch product based on open source technology (following the Apache2.0 license). It supports large-scale network automation, standard management interfaces and protocols, etc. through programming extensions. There is an integer overflow vulnerability in the \u0027ofputil_pull_queue_get_config_reply10\u0027 function of lib/ofp-util.c file in OvS 2.7.0 version. \n1473735 - ovs-vswitchd crashes with SIGSEGV randomly when adding/removing interfaces\n\n6. X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11\nX-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16 (mx1.redhat.com [10.5.110.25]); Thu, 03 Aug 2017 12:39:24 +0000 (UTC)\n\n\n-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Moderate: openvswitch security, bug fix, and enhancement update\nAdvisory ID:       RHSA-2017:2418-01\nProduct:           Fast Datapath\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2017:2418\nIssue date:        2017-08-03\nCVE Names:         CVE-2017-9214 CVE-2017-9263 CVE-2017-9264 \n                   CVE-2017-9265 \n=====================================================================\n\n1. Summary:\n\nAn update for openvswitch is now available for Fast Datapath for Red Hat\nEnterprise Linux 7. \n\nRed Hat Product Security has rated this update as having a security impact\nof Moderate. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available for each vulnerability from\nthe CVE link(s) in the References section. \n\n2. Relevant releases/architectures:\n\nChannel to provide early releases to layered products - noarch, x86_64\n\n3. Description:\n\nOpen vSwitch provides standard network bridging functions and support for\nthe OpenFlow protocol for remote per-flow control of traffic. \n\nThe following packages have been upgraded to a later upstream version:\nopenvswitch (2.7.2). An\nattacker could use this flaw to cause a remote DoS. (CVE-2017-9214)\n\n* In Open vSwitch (OvS), while parsing an OpenFlow role status message\nthere is a call to the abort() function for undefined role status reasons\nin the function `ofp_print_role_status_message` in `lib/ofp-print.c` that\nmay be leveraged toward a remote DoS attack by a malicious switch. \n(CVE-2017-9263)\n\n* A buffer over-read was found in the Open vSwitch (OvS) firewall\nimplementation. This flaw can be triggered by parsing a specially crafted\nTCP, UDP, or IPv6 packet. A remote attack could use this flaw to cause a\nDenial of Service (DoS). An attacker could use\nthis flaw to cause a Denial of Service (DoS). (CVE-2017-9265)\n\n4. Solution:\n\nFor details on how to apply this update, which includes the changes\ndescribed in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Package List:\n\nChannel to provide early releases to layered products:\n\nSource:\nopenvswitch-2.7.2-1.git20170719.el7fdp.src.rpm\n\nnoarch:\nopenvswitch-test-2.7.2-1.git20170719.el7fdp.noarch.rpm\npython-openvswitch-2.7.2-1.git20170719.el7fdp.noarch.rpm\n\nx86_64:\nopenvswitch-2.7.2-1.git20170719.el7fdp.x86_64.rpm\nopenvswitch-debuginfo-2.7.2-1.git20170719.el7fdp.x86_64.rpm\nopenvswitch-devel-2.7.2-1.git20170719.el7fdp.x86_64.rpm\nopenvswitch-ovn-central-2.7.2-1.git20170719.el7fdp.x86_64.rpm\nopenvswitch-ovn-common-2.7.2-1.git20170719.el7fdp.x86_64.rpm\nopenvswitch-ovn-docker-2.7.2-1.git20170719.el7fdp.x86_64.rpm\nopenvswitch-ovn-host-2.7.2-1.git20170719.el7fdp.x86_64.rpm\nopenvswitch-ovn-vtep-2.7.2-1.git20170719.el7fdp.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2017-9214\nhttps://access.redhat.com/security/cve/CVE-2017-9263\nhttps://access.redhat.com/security/cve/CVE-2017-9264\nhttps://access.redhat.com/security/cve/CVE-2017-9265\nhttps://access.redhat.com/security/updates/classification/#moderate\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2017 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFZgxmYXlSAg2UNWIIRAuzuAJ9Dngapo5j66itwFnpsvl92GKMAywCfb2Ah\nV7og7GgSn4a1oFzQjIZHeXk=\n=qOi+\n-----END PGP SIGNATURE-----\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2017-9214"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      },
      {
        "db": "VULHUB",
        "id": "VHN-117417"
      },
      {
        "db": "PACKETSTORM",
        "id": "143959"
      },
      {
        "db": "PACKETSTORM",
        "id": "144028"
      },
      {
        "db": "PACKETSTORM",
        "id": "144137"
      },
      {
        "db": "PACKETSTORM",
        "id": "144026"
      },
      {
        "db": "PACKETSTORM",
        "id": "144124"
      },
      {
        "db": "PACKETSTORM",
        "id": "143646"
      },
      {
        "db": "PACKETSTORM",
        "id": "144115"
      }
    ],
    "trust": 2.34
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2017-9214",
        "trust": 2.6
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434",
        "trust": 0.8
      },
      {
        "db": "PACKETSTORM",
        "id": "144028",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "143959",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "144137",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "144115",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "144124",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "144026",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "143646",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "144576",
        "trust": 0.1
      },
      {
        "db": "BID",
        "id": "98625",
        "trust": 0.1
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201705-1093",
        "trust": 0.1
      },
      {
        "db": "VULHUB",
        "id": "VHN-117417",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-117417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      },
      {
        "db": "PACKETSTORM",
        "id": "143959"
      },
      {
        "db": "PACKETSTORM",
        "id": "144028"
      },
      {
        "db": "PACKETSTORM",
        "id": "144137"
      },
      {
        "db": "PACKETSTORM",
        "id": "144026"
      },
      {
        "db": "PACKETSTORM",
        "id": "144124"
      },
      {
        "db": "PACKETSTORM",
        "id": "143646"
      },
      {
        "db": "PACKETSTORM",
        "id": "144115"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9214"
      }
    ]
  },
  "id": "VAR-201705-3873",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-117417"
      }
    ],
    "trust": 0.01
  },
  "last_update_date": "2024-07-23T20:17:09.711000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "[ovs-dev] [PATCH] ofp-util: Fix buffer overrread in ofputil_pull_queue_get_config_reply10().",
        "trust": 0.8,
        "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-may/332711.html"
      }
    ],
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-191",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-117417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9214"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9214"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2418"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2553"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2648"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2665"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2692"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2698"
      },
      {
        "trust": 1.2,
        "url": "https://access.redhat.com/errata/rhsa-2017:2727"
      },
      {
        "trust": 1.1,
        "url": "https://mail.openvswitch.org/pipermail/ovs-dev/2017-may/332711.html"
      },
      {
        "trust": 1.1,
        "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"
      },
      {
        "trust": 0.8,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-9214"
      },
      {
        "trust": 0.7,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9263"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/cve/cve-2017-9265"
      },
      {
        "trust": 0.7,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9265"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/cve/cve-2017-9263"
      },
      {
        "trust": 0.7,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/cve/cve-2017-9214"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/updates/classification/#moderate"
      },
      {
        "trust": 0.7,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.3,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2017-9264"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/security/cve/cve-2017-9264"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-117417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      },
      {
        "db": "PACKETSTORM",
        "id": "143959"
      },
      {
        "db": "PACKETSTORM",
        "id": "144028"
      },
      {
        "db": "PACKETSTORM",
        "id": "144137"
      },
      {
        "db": "PACKETSTORM",
        "id": "144026"
      },
      {
        "db": "PACKETSTORM",
        "id": "144124"
      },
      {
        "db": "PACKETSTORM",
        "id": "143646"
      },
      {
        "db": "PACKETSTORM",
        "id": "144115"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9214"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-117417"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      },
      {
        "db": "PACKETSTORM",
        "id": "143959"
      },
      {
        "db": "PACKETSTORM",
        "id": "144028"
      },
      {
        "db": "PACKETSTORM",
        "id": "144137"
      },
      {
        "db": "PACKETSTORM",
        "id": "144026"
      },
      {
        "db": "PACKETSTORM",
        "id": "144124"
      },
      {
        "db": "PACKETSTORM",
        "id": "143646"
      },
      {
        "db": "PACKETSTORM",
        "id": "144115"
      },
      {
        "db": "NVD",
        "id": "CVE-2017-9214"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2017-05-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-117417"
      },
      {
        "date": "2017-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      },
      {
        "date": "2017-08-30T10:11:00",
        "db": "PACKETSTORM",
        "id": "143959"
      },
      {
        "date": "2017-09-06T17:22:00",
        "db": "PACKETSTORM",
        "id": "144028"
      },
      {
        "date": "2017-09-14T19:51:05",
        "db": "PACKETSTORM",
        "id": "144137"
      },
      {
        "date": "2017-09-06T17:18:00",
        "db": "PACKETSTORM",
        "id": "144026"
      },
      {
        "date": "2017-09-13T05:13:56",
        "db": "PACKETSTORM",
        "id": "144124"
      },
      {
        "date": "2017-08-04T05:19:21",
        "db": "PACKETSTORM",
        "id": "143646"
      },
      {
        "date": "2017-09-13T05:11:26",
        "db": "PACKETSTORM",
        "id": "144115"
      },
      {
        "date": "2017-05-23T17:29:00.257000",
        "db": "NVD",
        "id": "CVE-2017-9214"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-01-05T00:00:00",
        "db": "VULHUB",
        "id": "VHN-117417"
      },
      {
        "date": "2017-06-26T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      },
      {
        "date": "2021-08-04T17:15:17.903000",
        "db": "NVD",
        "id": "CVE-2017-9214"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "143959"
      },
      {
        "db": "PACKETSTORM",
        "id": "144028"
      },
      {
        "db": "PACKETSTORM",
        "id": "144137"
      },
      {
        "db": "PACKETSTORM",
        "id": "144026"
      },
      {
        "db": "PACKETSTORM",
        "id": "144124"
      },
      {
        "db": "PACKETSTORM",
        "id": "143646"
      },
      {
        "db": "PACKETSTORM",
        "id": "144115"
      }
    ],
    "trust": 0.7
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Open vSwitch Vulnerable to integer underflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2017-004434"
      }
    ],
    "trust": 0.8
  }
}

Sightings

Author	Source	Type	Date	Other

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

CVE-2017-9214 (GCVE-0-2017-9214)

VAR-201705-3873

Tags

Sightings

Nomenclature