CVE-2016-10377
published 2017-05-29CVE-2016-10377: In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in…
high8.8CVSS 3.0
AVAACLPRNUINSUCHIHAH
In Open vSwitch (OvS) 2.5.0, a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in `lib/flow.c` in the function `miniflow_extract`, permitting remote bypass of the access control list enforced by the switch.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| debian | openvswitch | < openvswitch 2.6.1+git20161123-1 (bookworm) | openvswitch 2.6.1+git20161123-1 (bookworm) |
| openvswitch | openvswitch | — | — |
| openvswitch | openvswitch | >= 0 < 2.6.1+git20161123-1 | 2.6.1+git20161123-1 |
| openvswitch | openvswitch | >= 0 < 2.6.1+git20161123-1 | 2.6.1+git20161123-1 |
| openvswitch | openvswitch | >= 0 < 2.6.1+git20161123-1 | 2.6.1+git20161123-1 |
| openvswitch | openvswitch | >= 0 < 2.6.1+git20161123-1 | 2.6.1+git20161123-1 |
CVSS provenance
nvdv3.08.8HIGHCVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
osv8.8HIGH