Launchpad CVE tracker

CVE 2017-9214

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.

Related bugs and status

CVE-2017-9214 (Candidate) is related to these bugs:

Bug #1723480: openvswitch-switch package postinst modifies existing configuration

		In	Importance	Status
1723480	openvswitch-switch package postinst modifies existing configuration	OpenStack Neutron Open vSwitch Charm	Undecided	Invalid
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch	Undecided	Invalid
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu Zesty)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu Artful)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu Xenial)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive newton	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive pike	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive mitaka	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive ocata	High	Fix Released

Bug #1737866: Too many open files when large number of routers on a host

		In	Importance	Status
1737866	Too many open files when large number of routers on a host	OpenStack Neutron Open vSwitch Charm	Undecided	Invalid
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu)	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu Bionic)	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu Artful)	Medium	Won't Fix
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu Xenial)	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive	Undecided	Fix Released
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive mitaka	Medium	Fix Committed
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive ocata	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive pike	Medium	Fix Released

Bug #1787599: [SRU] openvswitch 2.6.3

Summary				In	Importance	Status
	1787599	[SRU] openvswitch 2.6.3		Ubuntu Cloud Archive	Undecided	Invalid
	1787599	[SRU] openvswitch 2.6.3		Ubuntu Cloud Archive ocata	Medium	Fix Released

Bug #1788103: [SRU] openvswitch 2.5.5

		In	Importance	Status
1788103	[SRU] openvswitch 2.5.5	openvswitch (Ubuntu)	Undecided	Invalid
1788103	[SRU] openvswitch 2.5.5	openvswitch (Ubuntu Xenial)	Medium	Fix Released
1788103	[SRU] openvswitch 2.5.5	Ubuntu Cloud Archive	Undecided	Invalid
1788103	[SRU] openvswitch 2.5.5	Ubuntu Cloud Archive mitaka	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2017-9214

References