Oval Definition:	oval:org.opensuse.security:def:201817204
Revision Date: 2022-05-22 Version: 1 Title: CVE-2018-17204 Description: An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-17204 SUSE-SU-2018:4128-1 openSUSE-SU-2018:4148-1 Mitre CVE-2018-17204 SUSE CVE-2018-17204 SUSE-SU-2018:4128-1 openSUSE-SU-2018:4148-1 Platform(s): openSUSE Leap 42.3 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 15 Product(s): Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND openvswitch-2.7.6-3.23 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND openvswitch-2.7.6-3.23 is installed Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information openvswitch-2.7.6-19 is installed AND openvswitch is signed with openSUSE key OR openvswitch-devel-2.7.6-19 is installed AND openvswitch-devel is signed with openSUSE key OR openvswitch-ovn-central-2.7.6-19 is installed AND openvswitch-ovn-central is signed with openSUSE key OR openvswitch-ovn-common-2.7.6-19 is installed AND openvswitch-ovn-common is signed with openSUSE key OR openvswitch-ovn-docker-2.7.6-19 is installed AND openvswitch-ovn-docker is signed with openSUSE key OR openvswitch-ovn-host-2.7.6-19 is installed AND openvswitch-ovn-host is signed with openSUSE key OR openvswitch-ovn-vtep-2.7.6-19 is installed AND openvswitch-ovn-vtep is signed with openSUSE key OR openvswitch-pki-2.7.6-19 is installed AND openvswitch-pki is signed with openSUSE key OR openvswitch-test-2.7.6-19 is installed AND openvswitch-test is signed with openSUSE key OR openvswitch-vtep-2.7.6-19 is installed AND openvswitch-vtep is signed with openSUSE key OR python-openvswitch-2.7.6-19 is installed AND python-openvswitch is signed with openSUSE key OR python-openvswitch-test-2.7.6-19 is installed AND python-openvswitch-test is signed with openSUSE key Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND openvswitch-2.7.6-3.23.1 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND openvswitch-2.7.6-3.23.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed AND openvswitch-2.7.6-3.23 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND openvswitch-2.7.6-3.23.1 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND openvswitch-2.7.6-3.23.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND openvswitch is not affected
BACK