Launchpad CVE tracker

CVE 2017-9264

In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`, and `extract_l4_udp` that can be triggered remotely.

Related bugs and status

CVE-2017-9264 (Candidate) is related to these bugs:

Bug #1723480: openvswitch-switch package postinst modifies existing configuration

		In	Importance	Status
1723480	openvswitch-switch package postinst modifies existing configuration	OpenStack Neutron Open vSwitch Charm	Undecided	Invalid
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch	Undecided	Invalid
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu Zesty)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu Artful)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu Xenial)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive newton	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive pike	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive mitaka	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive ocata	High	Fix Released

Bug #1737866: Too many open files when large number of routers on a host

		In	Importance	Status
1737866	Too many open files when large number of routers on a host	OpenStack Neutron Open vSwitch Charm	Undecided	Invalid
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu)	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu Bionic)	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu Artful)	Medium	Won't Fix
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu Xenial)	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive	Undecided	Fix Released
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive mitaka	Medium	Fix Committed
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive ocata	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive pike	Medium	Fix Released

Bug #1787599: [SRU] openvswitch 2.6.3

Summary				In	Importance	Status
	1787599	[SRU] openvswitch 2.6.3		Ubuntu Cloud Archive	Undecided	Invalid
	1787599	[SRU] openvswitch 2.6.3		Ubuntu Cloud Archive ocata	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2017-9264

References