SB2018121811 - OpenSUSE Linux update for openvswitch
Published: December 18, 2018
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 3 secuirty vulnerabilities.
1) Assertion failure (CVE-ID: CVE-2018-17204)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in parse_group_prop_ntr_selection_method in lib/ofp-util.c due to validation of the group type and command after the whole group mod has been decoded. A remote attacker can trigger an an assertion failure via OVS_NOT_REACHED when the OF1.5 decoder tries to use the type and command earlier, when it might still be invalid.
2) Assertion failure (CVE-ID: CVE-2018-17205)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists in ofproto_rule_insert__ in ofproto/ofproto.c due to flows that are added in a bundle are applied to ofproto in order during bundle commit. A remote attacker can trigger an an assertion failure due to a check on rule state != RULE_INITIALIZED while reinserting old flows and cause the service to crash.
3) Buffer over-read (CVE-ID: CVE-2018-17206)
The vulnerability allows a remote attacker to cause DoS condition on the target system.
The vulnerability exists due to buffer over-read issue during BUNDLE action decoding in the decode_bundle function inside lib/ofp-actions.c. A remote attacker can trigger memory corruption and cause the service to crash.
Remediation
Install update from vendor's website.