CVE-2017-9214

In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function `ofputil_pull_queue_get_config_reply10` in `lib/ofp-util.c`.

CVSS v3 9.8 CRITICAL
CVSS v2.0 7.5 HIGH

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

7.5^/10

CVSS v2.0 : HIGH

V2 Legend

Vector : AV:N/AC:L/Au:N/C:P/I:P/A:P

Exploitability : 10.0 / Impact : 6.4

Access Vector NETWORK

Access Complexity LOW

Authentication NONE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact PARTIAL

References

Link	Resource
https://access.redhat.com/errata/RHSA-2017:2418	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2553	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2648	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2665	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2692	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2698	Third Party Advisory
https://access.redhat.com/errata/RHSA-2017:2727	Third Party Advisory
https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html	Mailing List Third Party Advisory
https://mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.html	Mailing List Patch Vendor Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:openvswitch:openvswitch:2.7.0:*:*:*:*:*:*:*

Configuration 2 (hide)

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:a:redhat:openstack:6.0:::::::*
	cpe:2.3:a:redhat:openstack:7.0:::::::*
	cpe:2.3:a:redhat:openstack:8:::::::*
	cpe:2.3:a:redhat:openstack:9:::::::*
	cpe:2.3:a:redhat:openstack:10:::::::*
	cpe:2.3:a:redhat:openstack:11:::::::*
	cpe:2.3:a:redhat:virtualization:4.1:::::::*
	cpe:2.3:a:redhat:virtualization_manager:4.1:::::::*

Configuration 4 (hide)

AND

cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

History

04 Aug 2021, 17:15

Type	Values Removed	Values Added
CPE	cpe:2.3:a:redhat:openstack:8.0:::::::*	cpe:2.3:a:redhat:openstack:8:::::::*

25 Feb 2021, 21:58

Type	Values Removed	Values Added
References	~~(REDHAT) https://access.redhat.com/errata/RHSA-2017:2553 -~~	(REDHAT) https://access.redhat.com/errata/RHSA-2017:2553 - Third Party Advisory
References	~~(MLIST) https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html -~~	(MLIST) https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html - Mailing List, Third Party Advisory
References	~~(REDHAT) https://access.redhat.com/errata/RHSA-2017:2698 -~~	(REDHAT) https://access.redhat.com/errata/RHSA-2017:2698 - Third Party Advisory
References	~~(REDHAT) https://access.redhat.com/errata/RHSA-2017:2692 -~~	(REDHAT) https://access.redhat.com/errata/RHSA-2017:2692 - Third Party Advisory
References	~~(REDHAT) https://access.redhat.com/errata/RHSA-2017:2727 -~~	(REDHAT) https://access.redhat.com/errata/RHSA-2017:2727 - Third Party Advisory
References	~~(REDHAT) https://access.redhat.com/errata/RHSA-2017:2418 -~~	(REDHAT) https://access.redhat.com/errata/RHSA-2017:2418 - Third Party Advisory
References	~~(REDHAT) https://access.redhat.com/errata/RHSA-2017:2648 -~~	(REDHAT) https://access.redhat.com/errata/RHSA-2017:2648 - Third Party Advisory
References	~~(REDHAT) https://access.redhat.com/errata/RHSA-2017:2665 -~~	(REDHAT) https://access.redhat.com/errata/RHSA-2017:2665 - Third Party Advisory
CPE		cpe:2.3:a:redhat:openstack:11:::::::* cpe:2.3:a:redhat:openstack:8.0:::::::* cpe:2.3:o:debian:debian_linux:9.0:::::::* cpe:2.3:o:redhat:enterprise_linux:7.0:::::::* cpe:2.3:a:redhat:openstack:10:::::::* cpe:2.3:a:redhat:openstack:7.0:::::::* cpe:2.3:a:redhat:virtualization:4.0:::::::* cpe:2.3:a:redhat:openstack:9:::::::* cpe:2.3:a:redhat:virtualization:4.1:::::::* cpe:2.3:a:redhat:openstack:6.0:::::::* cpe:2.3:a:redhat:virtualization_manager:4.1:::::::*

20 Feb 2021, 01:15

Type	Values Removed	Values Added
References		(MLIST) https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html -

Information

Published : 2017-05-23 17:29

Updated : 2023-12-10 12:15

NVD link : CVE-2017-9214

Mitre link : CVE-2017-9214

CVE.ORG link : CVE-2017-9214

JSON object : View

Products Affected

redhat

virtualization
openstack
enterprise_linux
virtualization_manager

debian

debian_linux

openvswitch

openvswitch

CWE

CWE-191

Integer Underflow (Wrap or Wraparound)

9.8 /10