Launchpad CVE tracker

CVE 2017-9265

In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`.

Related bugs and status

CVE-2017-9265 (Candidate) is related to these bugs:

Bug #1723480: openvswitch-switch package postinst modifies existing configuration

		In	Importance	Status
1723480	openvswitch-switch package postinst modifies existing configuration	OpenStack Neutron Open vSwitch Charm	Undecided	Invalid
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch	Undecided	Invalid
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu Zesty)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu Artful)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	openvswitch (Ubuntu Xenial)	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive newton	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive pike	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive mitaka	High	Fix Released
1723480	openvswitch-switch package postinst modifies existing configuration	Ubuntu Cloud Archive ocata	High	Fix Released

Bug #1726927: [SRU] openvswitch 2.5.4

		In	Importance	Status
1726927	[SRU] openvswitch 2.5.4	openvswitch (Ubuntu)	Undecided	Invalid
1726927	[SRU] openvswitch 2.5.4	openvswitch (Ubuntu Xenial)	Medium	Fix Released
1726927	[SRU] openvswitch 2.5.4	Ubuntu Cloud Archive	Undecided	Invalid
1726927	[SRU] openvswitch 2.5.4	Ubuntu Cloud Archive mitaka	High	Fix Released

Bug #1737866: Too many open files when large number of routers on a host

		In	Importance	Status
1737866	Too many open files when large number of routers on a host	OpenStack Neutron Open vSwitch Charm	Undecided	Invalid
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu)	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu Bionic)	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu Artful)	Medium	Won't Fix
1737866	Too many open files when large number of routers on a host	openvswitch (Ubuntu Xenial)	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive	Undecided	Fix Released
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive mitaka	Medium	Fix Committed
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive ocata	Medium	Fix Released
1737866	Too many open files when large number of routers on a host	Ubuntu Cloud Archive pike	Medium	Fix Released

Bug #1787599: [SRU] openvswitch 2.6.3

Summary				In	Importance	Status
	1787599	[SRU] openvswitch 2.6.3		Ubuntu Cloud Archive	Undecided	Invalid
	1787599	[SRU] openvswitch 2.6.3		Ubuntu Cloud Archive ocata	Medium	Fix Released

See the

CVE page on Mitre.org for more details.

Launchpad.net

CVE 2017-9265

References