cpe:/a:openvswitch:openvswitch:2.7.0 CVE-2017-9214 2017-05-23T13:29:00.257-04:00 2018-01-04T21:31:54.573-05:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov REDHAT RHSA-2017:2418 REDHAT RHSA-2017:2553 REDHAT RHSA-2017:2648 REDHAT RHSA-2017:2665 REDHAT RHSA-2017:2692 REDHAT RHSA-2017:2698 REDHAT RHSA-2017:2727 CONFIRM https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.