#VU8433 Integer underflow in Red Hat OpenStack - CVE-2017-9214


Vulnerability identifier: #VU8433

Vulnerability risk: Low

CVSSv4.0: 2.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2017-9214

CWE-ID: CWE-191

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Red Hat OpenStack
Server applications / Other server solutions

Vendor: Red Hat Inc.

Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in the Open vSwitch (OvS) component due to unsigned integer underflow in the function ofputil_pull_queue_get_config_reply10 in lib/ofp-util.c. when parsing of OFPT_QUEUE_GET_CONFIG_REPLY messages. A remote attacker can send a specially crafted OFPT_QUEUE_GET_CONFIG_REPLY message, trigger buffer over-read and cause the application to crash.

Successful exploitation of the vulnerability results in denial of service.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Red Hat OpenStack: 7.0

External links
https://access.redhat.com/errata/RHSA-2017:2698

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Ubuntu update for Open vSwitch
Multiple vulnerabilities in Red Hat OpenStack
Multiple vulnerabilities in Red Hat OpenStack 11.0 packages
Red Hat update for openvswitch
Red Hat Enterprise Linux OpenStack Platform 6 update for openvswitch
Multiple vulnerabilities in Red Hat OpenStack 10.0 packages
Red Hat update for openvswitch
Fast Datapath for Red Hat Enterprise Linux 7 update for openvswitch
Fedora 26 update for openvswitch
Fedora 26 update for openvswitch