Vulnerability CVE-2018-17204

Vulnerability Name:

CVE-2018-17204 (CCN-150473)

Assigned:

2018-07-06

Published:

2018-07-06

Updated:

2021-08-04

Summary:

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default.

CVSS v3 Severity:

4.3 Medium (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L)
3.8 Low (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): Low User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Low

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

4.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:S/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): Single_Instance
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-617

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2018-17204

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:3500

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:0053

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:0081

Source: XF
Type: UNKNOWN
openvswitch-cve201817204-dos(150473)

Source: CCN
Type: Open vSwitch GIT Repository
ofp-group: Don't assert-fail decoding bad OF1.5 group mod type or command

Source: MISC
Type: Patch, Third Party Advisory
https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde

Source: MLIST
Type: Mailing List, Third Party Advisory
[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update

Source: UBUNTU
Type: Third Party Advisory
USN-3873-1

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2018-17204

Vulnerable Configuration:

Configuration 1:

cpe:/a:openvswitch:openvswitch:*:*:*:*:*:*:*:* (Version >= 2.7.0 and <= 2.7.6)

Configuration 2:

cpe:/a:redhat:openstack:10:*:*:*:*:*:*:*

OR cpe:/a:redhat:openstack:13:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

Configuration 4:

cpe:/o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration CCN 1:

cpe:/a:openvswitch:openvswitch:2.7.6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201817204	V	CVE-2018-17204	2022-05-22
oval:org.opensuse.security:def:60442	P	Security update for libvpx (Moderate)	2021-12-23
oval:org.opensuse.security:def:23688	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:23676	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:61531	P	libksba-devel-1.3.5-2.14 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61404	P	automake-1.15.1-2.145 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61401	P	audit-devel-2.8.1-3.30 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:45666	P	Security update for cpio (Important)	2021-08-23
oval:org.opensuse.security:def:62182	P	libnetpbm11-10.80.1-3.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62283	P	perl-DBI-1.642-3.9.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62054	P	cups-2.2.7-3.26.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:60321	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:45588	P	Security update for MozillaFirefox (Moderate)	2021-06-08
oval:org.opensuse.security:def:61154	P	ecryptfs-utils-111-2.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61371	P	tftp-5.2-3.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46562	P	python-imaging-1.1.7-21.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61278	P	librrd8-1.7.0-4.34 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46511	P	libpython3_4m1_0-3.4.1-2.14 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61240	P	libjansson-devel-2.9-1.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61213	P	libXrandr-devel-1.5.1-2.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61321	P	openvpn-2.4.3-3.39 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:59722	P	Security update for permissions (Important)	2021-04-29
oval:org.opensuse.security:def:23553	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:23724	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:23600	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:43694	P	Security update for openldap2 (Moderate)	2021-01-14
oval:org.opensuse.security:def:61056	P	Security update for python (Important)	2020-12-11
oval:org.opensuse.security:def:59700	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:59699	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:61736	P	enscript-1.6.6-1.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62375	P	containerd-1.2.10-5.19.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62462	P	libpango-1_0-0-32bit-1.40.14-1.41 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62512	P	emacs-x11-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62413	P	gnome-settings-daemon-3.26.2-6.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62545	P	libass-devel-0.14.0-1.25 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:44759	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:45873	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:44675	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:45172	P	Security update for spice (Important)	2020-12-01
oval:org.opensuse.security:def:43974	P	Security update for squid (Moderate)	2020-12-01
oval:org.opensuse.security:def:45418	P	Security update for openvswitch (Moderate)	2020-12-01
oval:org.opensuse.security:def:23114	P	Security update for polkit (Moderate)	2020-12-01
oval:org.opensuse.security:def:24362	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:22007	P	Security update for dovecot22 (Important)	2020-12-01
oval:org.opensuse.security:def:44281	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:22583	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:44747	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:23346	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:22217	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:60942	P	Security update for ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp, rubygem-puma, zookeeper (Moderate)	2020-12-01
oval:org.opensuse.security:def:22435	P	Security update for postgresql, postgresql96, postgresql10 and postgresql12 (Moderate)	2020-12-01
oval:org.opensuse.security:def:44748	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:45810	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:21999	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:44646	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:45051	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:43809	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:60936	P	Security update for python-paramiko (Important)	2020-12-01
oval:org.opensuse.security:def:45370	P	Security update for exempi (Moderate)	2020-12-01
oval:org.opensuse.security:def:23061	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:45382	P	Security update for audiofile (Moderate)	2020-12-01
oval:org.opensuse.security:def:44164	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:22553	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:23300	P	Security update for librelp (Important)	2020-12-01
oval:org.opensuse.security:def:22153	P	Security update for smt, yast2-smt (Important)	2020-12-01
oval:org.opensuse.security:def:44540	P	Security update for mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:23250	P	Security update for openvswitch (Moderate)	2020-12-01
oval:org.opensuse.security:def:60776	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:22310	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:23053	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:45781	P	Security update for ruby2.1 (Important)	2020-12-01
oval:org.opensuse.security:def:60136	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:44595	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:44869	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:43705	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:60635	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:44732	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:60753	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:45253	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:44089	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:22541	P	Security update for net-snmp (Important)	2020-12-01
oval:org.opensuse.security:def:23230	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:24394	P	Security update for openvswitch (Moderate)	2020-12-01
oval:org.opensuse.security:def:22054	P	Security update for gcc10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:44470	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:23221	P	Security update for libjpeg-turbo (Moderate)	2020-12-01
oval:org.opensuse.security:def:60754	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:23411	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:43693	P	Recommended update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:22257	P	Security update for libsolv, libzypp, zypper (Moderate)	2020-12-01
oval:org.opensuse.security:def:45724	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:59882	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:22474	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:85046	P	Security update for openvswitch (Moderate)	2018-12-14
oval:org.opensuse.security:def:86869	P	Security update for openvswitch (Moderate)	2018-12-14
oval:com.ubuntu.xenial:def:2018172040000000	V	CVE-2018-17204 on Ubuntu 16.04 LTS (xenial) - medium.	2018-09-19
oval:com.ubuntu.bionic:def:201817204000	V	CVE-2018-17204 on Ubuntu 18.04 LTS (bionic) - medium.	2018-09-19
oval:com.ubuntu.cosmic:def:201817204000	V	CVE-2018-17204 on Ubuntu 18.10 (cosmic) - medium.	2018-09-19
oval:com.ubuntu.cosmic:def:2018172040000000	V	CVE-2018-17204 on Ubuntu 18.10 (cosmic) - medium.	2018-09-19
oval:com.ubuntu.trusty:def:201817204000	V	CVE-2018-17204 on Ubuntu 14.04 LTS (trusty) - medium.	2018-09-19
oval:com.ubuntu.bionic:def:2018172040000000	V	CVE-2018-17204 on Ubuntu 18.04 LTS (bionic) - medium.	2018-09-19
oval:com.ubuntu.xenial:def:201817204000	V	CVE-2018-17204 on Ubuntu 16.04 LTS (xenial) - medium.	2018-09-19

BACK