CVE-2018-17206
published 2018-09-19CVE-2018-17206: An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue…
medium4.9CVSS 3.1
AVNACLPRHUINSUCNINAH
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.
Affected
13 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| debian | debian_linux | — | — |
| debian | openvswitch | < openvswitch 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 (bookworm) | openvswitch 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 (bookworm) |
| openvswitch | openvswitch | >= 0 < 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 | 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 |
| openvswitch | openvswitch | >= 0 < 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 | 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 |
| openvswitch | openvswitch | >= 0 < 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 | 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 |
| openvswitch | openvswitch | >= 0 < 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 | 2.10.0+2018.08.28+git.8ca7c82b7d+ds1-1 |
| openvswitch | openvswitch | >= 0 < 2.5.5-0ubuntu0.16.04.2 | 2.5.5-0ubuntu0.16.04.2 |
| openvswitch | openvswitch | >= 0 < 2.9.2-0ubuntu0.18.04.3 | 2.9.2-0ubuntu0.18.04.3 |
| openvswitch | openvswitch | 2.7.0 – 2.7.6 | — |
| redhat | openstack | — | — |
| redhat | openstack | — | — |
CVSS provenance
nvdv3.14.9MEDIUMCVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
osv4.9MEDIUM