Vulnerability CVE-2018-17205

Vulnerability Name:

CVE-2018-17205 (CCN-150474)

Assigned:

2018-06-17

Published:

2018-06-17

Updated:

2021-08-04

Summary:

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a group id that does not exist), OvS tries to revert back all previous flows that were successfully applied from the same bundle. This is possible since OvS maintains list of old flows that were replaced by flows from the bundle. While reinserting old flows, OvS has an assertion failure due to a check on rule state != RULE_INITIALIZED. This would work for new flows, but for an old flow the rule state is RULE_REMOVED. The assertion failure causes an OvS crash.

CVSS v3 Severity:

7.5 High (CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

7.5 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
6.5 Medium (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C)

Exploitability Metrics:	Attack Vector (AV): Network Attack Complexity (AC): Low Privileges Required (PR): None User Interaction (UI): None
Scope:	Scope (S): Unchanged
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): High

CVSS v2 Severity:

5.0 Medium (CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Authentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Partial

7.8 High (CCN CVSS v2 Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C)

Exploitability Metrics:	Access Vector (AV): Network Access Complexity (AC): Low Athentication (Au): None
Impact Metrics:	Confidentiality (C): None Integrity (I): None Availibility (A): Complete

Vulnerability Type:

CWE-617

Vulnerability Consequences:

Denial of Service

References:

Source: MITRE
Type: CNA
CVE-2018-17205

Source: REDHAT
Type: Third Party Advisory
RHSA-2018:3500

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:0053

Source: REDHAT
Type: Third Party Advisory
RHSA-2019:0081

Source: XF
Type: UNKNOWN
openvswitch-cve201817205-dos(150474)

Source: CCN
Type: Open vSwitch GIT Repository
ofproto: Fix OVS crash when reverting old flows in bundle commit

Source: MISC
Type: Exploit, Patch, Third Party Advisory
https://github.com/openvswitch/ovs/commit/0befd1f3745055c32940f5faf9559be6a14395e6

Source: UBUNTU
Type: Third Party Advisory
USN-3873-1

Source: CCN
Type: WhiteSource Vulnerability Database
CVE-2018-17205

Vulnerable Configuration:

Configuration 1:

cpe:/a:openvswitch:openvswitch:*:*:*:*:*:*:*:* (Version >= 2.7.0 and <= 2.7.6)

Configuration 2:

cpe:/a:redhat:openstack:13:*:*:*:*:*:*:*

OR cpe:/a:redhat:openstack:10:*:*:*:*:*:*:*

Configuration 3:

cpe:/o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*

OR cpe:/o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

Configuration CCN 1:

cpe:/a:openvswitch:openvswitch:2.7.6:*:*:*:*:*:*:*

Denotes that component is vulnerable

Oval Definitions

Definition ID	Class	Title	Last Modified
oval:org.opensuse.security:def:201817205	V	CVE-2018-17205	2022-05-22
oval:org.opensuse.security:def:60442	P	Security update for libvpx (Moderate)	2021-12-23
oval:org.opensuse.security:def:23688	P	Security update for the Linux Kernel (Live Patch 39 for SLE 12 SP3) (Important)	2021-10-18
oval:org.opensuse.security:def:23676	P	Security update for the Linux Kernel (Live Patch 38 for SLE 12 SP3) (Important)	2021-09-23
oval:org.opensuse.security:def:61531	P	libksba-devel-1.3.5-2.14 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61404	P	automake-1.15.1-2.145 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:61401	P	audit-devel-2.8.1-3.30 on GA media (Moderate)	2021-09-21
oval:org.opensuse.security:def:45666	P	Security update for cpio (Important)	2021-08-23
oval:org.opensuse.security:def:62182	P	libnetpbm11-10.80.1-3.11.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62283	P	perl-DBI-1.642-3.9.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:62054	P	cups-2.2.7-3.26.1 on GA media (Moderate)	2021-08-09
oval:org.opensuse.security:def:60321	P	Security update for libsndfile (Critical)	2021-08-05
oval:org.opensuse.security:def:45588	P	Security update for MozillaFirefox (Moderate)	2021-06-08
oval:org.opensuse.security:def:61154	P	ecryptfs-utils-111-2.31 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61371	P	tftp-5.2-3.22 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46562	P	python-imaging-1.1.7-21.15 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61278	P	librrd8-1.7.0-4.34 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:46511	P	libpython3_4m1_0-3.4.1-2.14 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61240	P	libjansson-devel-2.9-1.24 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61213	P	libXrandr-devel-1.5.1-2.17 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:61321	P	openvpn-2.4.3-3.39 on GA media (Moderate)	2021-06-08
oval:org.opensuse.security:def:59722	P	Security update for permissions (Important)	2021-04-29
oval:org.opensuse.security:def:23553	P	Security update for MozillaFirefox (Important)	2021-04-27
oval:org.opensuse.security:def:23724	P	Security update for the Linux Kernel (Live Patch 36 for SLE 12 SP3) (Important)	2021-02-10
oval:org.opensuse.security:def:23600	P	Security update for ImageMagick (Important)	2021-01-22
oval:org.opensuse.security:def:43694	P	Security update for openldap2 (Moderate)	2021-01-14
oval:org.opensuse.security:def:61056	P	Security update for python (Important)	2020-12-11
oval:org.opensuse.security:def:59700	P	Security update for mutt (Important)	2020-12-07
oval:org.opensuse.security:def:59699	P	Security update for postgresql12 (Important)	2020-12-04
oval:org.opensuse.security:def:61736	P	enscript-1.6.6-1.17 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62375	P	containerd-1.2.10-5.19.1 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62462	P	libpango-1_0-0-32bit-1.40.14-1.41 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62512	P	emacs-x11-25.3-3.3.18 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62413	P	gnome-settings-daemon-3.26.2-6.12 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:62545	P	libass-devel-0.14.0-1.25 on GA media (Moderate)	2020-12-03
oval:org.opensuse.security:def:44759	P	Security update for krb5 (Important)	2020-12-01
oval:org.opensuse.security:def:45873	P	Security update for glibc (Moderate)	2020-12-01
oval:org.opensuse.security:def:44675	P	Security update for libvirt (Moderate)	2020-12-01
oval:org.opensuse.security:def:45172	P	Security update for spice (Important)	2020-12-01
oval:org.opensuse.security:def:43974	P	Security update for squid (Moderate)	2020-12-01
oval:org.opensuse.security:def:45418	P	Security update for openvswitch (Moderate)	2020-12-01
oval:org.opensuse.security:def:23114	P	Security update for polkit (Moderate)	2020-12-01
oval:org.opensuse.security:def:24362	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:22007	P	Security update for dovecot22 (Important)	2020-12-01
oval:org.opensuse.security:def:44281	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:22583	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:44747	P	Security update for xen (Important)	2020-12-01
oval:org.opensuse.security:def:23346	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:22217	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:60942	P	Security update for ardana-ansible, ardana-barbican, ardana-db, ardana-monasca, ardana-mq, ardana-neutron, ardana-octavia, ardana-tempest, crowbar-core, crowbar-ha, crowbar-openstack, documentation-suse-openstack-cloud, memcached, openstack-manila, openstack-neutron, openstack-nova, pdns, python-amqp, rubygem-puma, zookeeper (Moderate)	2020-12-01
oval:org.opensuse.security:def:22435	P	Security update for postgresql, postgresql96, postgresql10 and postgresql12 (Moderate)	2020-12-01
oval:org.opensuse.security:def:44748	P	Security update for curl (Moderate)	2020-12-01
oval:org.opensuse.security:def:45810	P	Security update for openldap2 (Important)	2020-12-01
oval:org.opensuse.security:def:21999	P	Security update for libX11 (Important)	2020-12-01
oval:org.opensuse.security:def:44646	P	Security update for git (Important)	2020-12-01
oval:org.opensuse.security:def:45051	P	Security update for java-1_7_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:43809	P	Security update for openexr (Moderate)	2020-12-01
oval:org.opensuse.security:def:60936	P	Security update for python-paramiko (Important)	2020-12-01
oval:org.opensuse.security:def:45370	P	Security update for exempi (Moderate)	2020-12-01
oval:org.opensuse.security:def:23061	P	Security update for gd (Moderate)	2020-12-01
oval:org.opensuse.security:def:45382	P	Security update for audiofile (Moderate)	2020-12-01
oval:org.opensuse.security:def:44164	P	Security update for grub2 (Important)	2020-12-01
oval:org.opensuse.security:def:22553	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:23300	P	Security update for librelp (Important)	2020-12-01
oval:org.opensuse.security:def:22153	P	Security update for smt, yast2-smt (Important)	2020-12-01
oval:org.opensuse.security:def:44540	P	Security update for mozilla-nspr, mozilla-nss (Important)	2020-12-01
oval:org.opensuse.security:def:23250	P	Security update for openvswitch (Moderate)	2020-12-01
oval:org.opensuse.security:def:60776	P	Security update for libproxy (Important)	2020-12-01
oval:org.opensuse.security:def:22310	P	Security update for webkit2gtk3 (Important)	2020-12-01
oval:org.opensuse.security:def:23053	P	Security update for ImageMagick (Important)	2020-12-01
oval:org.opensuse.security:def:45781	P	Security update for ruby2.1 (Important)	2020-12-01
oval:org.opensuse.security:def:60136	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:44595	P	Security update for java-1_8_0-openjdk (Important)	2020-12-01
oval:org.opensuse.security:def:44869	P	Security update for the Linux Kernel (Live Patch 32 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:43705	P	Security update for the Linux Kernel (Live Patch 21 for SLE 12 SP2) (Important)	2020-12-01
oval:org.opensuse.security:def:60635	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:44732	P	Security update for java-1_8_0-ibm (Important)	2020-12-01
oval:org.opensuse.security:def:60753	P	Security update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:45253	P	Security update for mariadb (Important)	2020-12-01
oval:org.opensuse.security:def:44089	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:22541	P	Security update for net-snmp (Important)	2020-12-01
oval:org.opensuse.security:def:23230	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:24394	P	Security update for openvswitch (Moderate)	2020-12-01
oval:org.opensuse.security:def:22054	P	Security update for gcc10 (Moderate)	2020-12-01
oval:org.opensuse.security:def:44470	P	Security update for systemd (Important)	2020-12-01
oval:org.opensuse.security:def:23221	P	Security update for libjpeg-turbo (Moderate)	2020-12-01
oval:org.opensuse.security:def:60754	P	Security update for java-1_8_0-ibm (Moderate)	2020-12-01
oval:org.opensuse.security:def:23411	P	Security update for the Linux Kernel (Important)	2020-12-01
oval:org.opensuse.security:def:43693	P	Recommended update for apache2 (Moderate)	2020-12-01
oval:org.opensuse.security:def:22257	P	Security update for libsolv, libzypp, zypper (Moderate)	2020-12-01
oval:org.opensuse.security:def:45724	P	Security update for ucode-intel (Moderate)	2020-12-01
oval:org.opensuse.security:def:59882	P	Security update for MozillaFirefox (Important)	2020-12-01
oval:org.opensuse.security:def:22474	P	Security update for mozilla-nspr, mozilla-nss (Moderate)	2020-12-01
oval:org.opensuse.security:def:85046	P	Security update for openvswitch (Moderate)	2018-12-14
oval:org.opensuse.security:def:86869	P	Security update for openvswitch (Moderate)	2018-12-14
oval:com.ubuntu.xenial:def:2018172050000000	V	CVE-2018-17205 on Ubuntu 16.04 LTS (xenial) - medium.	2018-09-19
oval:com.ubuntu.bionic:def:201817205000	V	CVE-2018-17205 on Ubuntu 18.04 LTS (bionic) - medium.	2018-09-19
oval:com.ubuntu.cosmic:def:201817205000	V	CVE-2018-17205 on Ubuntu 18.10 (cosmic) - medium.	2018-09-19
oval:com.ubuntu.cosmic:def:2018172050000000	V	CVE-2018-17205 on Ubuntu 18.10 (cosmic) - medium.	2018-09-19
oval:com.ubuntu.trusty:def:201817205000	V	CVE-2018-17205 on Ubuntu 14.04 LTS (trusty) - medium.	2018-09-19
oval:com.ubuntu.bionic:def:2018172050000000	V	CVE-2018-17205 on Ubuntu 18.04 LTS (bionic) - medium.	2018-09-19
oval:com.ubuntu.xenial:def:201817205000	V	CVE-2018-17205 on Ubuntu 16.04 LTS (xenial) - medium.	2018-09-19

BACK