 |
Home ▼ Bookkeeping
Online ▼ Security
Audits ▼
Managed
DNS ▼
About
Order
FAQ
Acceptable Use Policy
Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password Network
Monitor ▼
Enterprise Package
Advanced Package
Standard Package
Free Trial
FAQ
Price/Feature Summary
Order/Renew
Examples
Configure/Status Alert Profiles | ||
| CVE ID: | CVE-2018-17205 |
| Description: | An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a group id that does not exist), OvS tries to revert back all previous flows that were successfully applied from the same bundle. This is possible since OvS maintains list of old flows that were replaced by flows from the bundle. While reinserting old flows, OvS has an assertion failure due to a check on rule state != RULE_INITIALIZED. This would work for new flows, but for an old flow the rule state is RULE_REMOVED. The assertion failure causes an OvS crash. |
| Test IDs: | None available |
| Cross References: |
Common Vulnerability Exposure (CVE) ID: CVE-2018-17205 https://github.com/openvswitch/ovs/commit/0befd1f3745055c32940f5faf9559be6a14395e6 RedHat Security Advisories: RHSA-2018:3500 https://access.redhat.com/errata/RHSA-2018:3500 RedHat Security Advisories: RHSA-2019:0053 https://access.redhat.com/errata/RHSA-2019:0053 RedHat Security Advisories: RHSA-2019:0081 https://access.redhat.com/errata/RHSA-2019:0081 https://usn.ubuntu.com/3873-1/ |