Download
| Alert*
oval:org.secpod.oval:def:89045012
This update for openvswitch fixes the following issues: - CVE-2017-9263: OpenFlow role status message can cause a call to abort leading to application crash - CVE-2017-9265: Buffer over-read while parsing message could lead to crash or maybe arbitrary code execution - Do not restart the ovs-vswitc ... oval:org.secpod.oval:def:89002115 This update for openvswitch fixes the following issues: * CVE-2017-9263: While parsing an OpenFlow role status message, there is a call to the abort functio for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote Do ... oval:org.secpod.oval:def:51912 openvswitch: Ethernet virtual switch Several security issues were fixed in Open vSwitch. oval:org.secpod.oval:def:113321 Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic. oval:org.secpod.oval:def:703843 openvswitch: Ethernet virtual switch Several security issues were fixed in Open vSwitch. oval:org.secpod.oval:def:2001353 In Open vSwitch 2.7.0, while parsing an OpenFlow role status message, there is a call to the abort function for undefined role status reasons in the function `ofp_print_role_status_message` in `lib/ofp-print.c` that may be leveraged toward a remote DoS attack by a malicious switch. |