Oval Definition:	oval:org.opensuse.security:def:201817205
Revision Date: 2022-05-22 Version: 1 Title: CVE-2018-17205 Description: An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a group id that does not exist), OvS tries to revert back all previous flows that were successfully applied from the same bundle. This is possible since OvS maintains list of old flows that were replaced by flows from the bundle. While reinserting old flows, OvS has an assertion failure due to a check on rule state != RULE_INITIALIZED. This would work for new flows, but for an old flow the rule state is RULE_REMOVED. The assertion failure causes an OvS crash. Family: unix Class: vulnerability Status: Reference(s): CVE-2018-17205 SUSE-SU-2018:4128-1 openSUSE-SU-2018:4148-1 Mitre CVE-2018-17205 SUSE CVE-2018-17205 SUSE-SU-2018:4128-1 openSUSE-SU-2018:4148-1 Platform(s): openSUSE Leap 42.3 SUSE Linux Enterprise High Performance Computing 15 SUSE Linux Enterprise Module for Server Applications 15 SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 15 SUSE Linux Enterprise Server for SAP Applications 12 SP3 SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA SUSE Linux Enterprise Server for SAP Applications 15 Product(s): Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND openvswitch-2.7.6-3.23 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND openvswitch-2.7.6-3.23 is installed Definition Synopsis openSUSE Leap 42.3 is installed AND Package Information openvswitch-2.7.6-19 is installed AND openvswitch is signed with openSUSE key OR openvswitch-devel-2.7.6-19 is installed AND openvswitch-devel is signed with openSUSE key OR openvswitch-ovn-central-2.7.6-19 is installed AND openvswitch-ovn-central is signed with openSUSE key OR openvswitch-ovn-common-2.7.6-19 is installed AND openvswitch-ovn-common is signed with openSUSE key OR openvswitch-ovn-docker-2.7.6-19 is installed AND openvswitch-ovn-docker is signed with openSUSE key OR openvswitch-ovn-host-2.7.6-19 is installed AND openvswitch-ovn-host is signed with openSUSE key OR openvswitch-ovn-vtep-2.7.6-19 is installed AND openvswitch-ovn-vtep is signed with openSUSE key OR openvswitch-pki-2.7.6-19 is installed AND openvswitch-pki is signed with openSUSE key OR openvswitch-test-2.7.6-19 is installed AND openvswitch-test is signed with openSUSE key OR openvswitch-vtep-2.7.6-19 is installed AND openvswitch-vtep is signed with openSUSE key OR python-openvswitch-2.7.6-19 is installed AND python-openvswitch is signed with openSUSE key OR python-openvswitch-test-2.7.6-19 is installed AND python-openvswitch-test is signed with openSUSE key Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed AND openvswitch-2.7.6-3.23.1 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND openvswitch-2.7.6-3.23.1 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server 12 SP3-TERADATA is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3-TERADATA is installed AND openvswitch-2.7.6-3.23 is installed Definition Synopsis Release Information SUSE Linux Enterprise Server 12 SP3 is installed OR SUSE Linux Enterprise Server for SAP Applications 12 SP3 is installed AND openvswitch-2.7.6-3.23.1 is installed OR Package Information SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND openvswitch-2.7.6-3.23.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 is installed AND openvswitch is not affected
BACK