#VU55006 Use-after-free in Open vSwitch - CVE-2021-36980


Vulnerability identifier: #VU55006

Vulnerability risk: High

CVSSv4.0: 8.1 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:U/U:Amber]

CVE-ID: CVE-2021-36980

CWE-ID: CWE-416

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Open vSwitch
Hardware solutions / Firmware

Vendor: openvswitch.org

Description

The vulnerability allows a remote attacker to compromise vulnerable system.

The vulnerability exists due to a use-after-free error in decode_NXAST_RAW_ENCAP (called from ofpact_decode and ofpacts_decode) during the decoding of a RAW_ENCAP action. A remote attacker can send a specially crafted request to the system, trigger a use-after-free error and execute arbitrary code.

Successful exploitation of the vulnerability may allow an attacker to compromise vulnerable system.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Open vSwitch: 2.11.0 - 2.15.0

External links
http://github.com/openvswitch/ovs/commit/38744b1bcb022c611712527f039722115300f58f
http://bugs.chromium.org/p/oss-fuzz/issues/detail?id=27851
http://github.com/google/oss-fuzz-vulns/blob/main/vulns/openvswitch/OSV-2020-2197.yaml

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Gentoo update for Open vSwitch
SUSE update for openvswitch
SUSE update for openvswitch
Red Hat Enterprise Linux Fast Datapath 8 update for openvswitch2.11
Red Hat Enterprise Linux Fast Datapath 7 update for openvswitch2.11
Red Hat Enterprise Linux Fast Datapath 8 update for openvswitch2.13
Red Hat Enterprise Linux Fast Datapath 8 update for openvswitch2.15
Red Hat Enterprise Linux Fast Datapath 7 update for openvswitch2.13
SUSE update for openvswitch
SUSE update for openvswitch