CVE-2016-2074 — Improper Restriction of Operations within the Bounds of a Memory Buffer in Openvswitch

CWE-119 — Improper Restriction of Operations within the Bounds of a Memory Buffer CWE-121 — Stack-based Buffer Overflow9 documents7 sources

Severity

9.8CRITICALNVD

EPSS

7.5%

top 8.16%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openvswitch Redhat Openshift

Timeline

PublishedJul 3

Latest updateMay 14

Description

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages3 packages

▶Debianopenvswitch/openvswitch< 2.3.0+git20140819-4+3

▶NVDopenvswitch/openvswitch5 versions+4

▶NVDredhat/openshift3.1

Patches

Patch: openvswitch.org ↗Patch: openvswitch.org ↗

🔴Vulnerability Details

GHSA

GHSA-xfh5-4xfg-3g5f: Buffer overflow in lib/flow↗2022-05-14

▶

OSV

CVE-2016-2074: Buffer overflow in lib/flow↗2016-07-03

▶

CVEList

CVE-2016-2074: Buffer overflow in lib/flow↗2016-07-03

▶

📋Vendor Advisories

Red Hat

openvswitch: MPLS buffer overflow vulnerability↗2016-03-28

▶

Debian

CVE-2016-2074: openvswitch - Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x be...↗2016

▶

💬Community

Bugzilla

CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability [rdo]↗2016-04-28

▶

Bugzilla

CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability [fedora-all]↗2016-03-29

▶

Bugzilla

CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability↗2016-03-17

▶