Action not permitted
Modal body text goes here.
CVE-2016-2074
Vulnerability from cvelistv5
Published
2016-07-03 21:00
Modified
2024-08-05 23:17
Severity ?
EPSS score ?
Summary
Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.
References
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T23:17:50.458Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html"
},
{
"name": "RHSA-2016:0537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html"
},
{
"name": "RHSA-2016:0524",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"name": "DSA-3533",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN",
"x_transferred"
],
"url": "http://www.debian.org/security/2016/dsa-3533"
},
{
"name": "RHSA-2016:0615",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "https://access.redhat.com/errata/RHSA-2016:0615"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2016-2074"
},
{
"name": "GLSA-201701-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO",
"x_transferred"
],
"url": "https://security.gentoo.org/glsa/201701-07"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://support.citrix.com/article/CTX232655"
},
{
"name": "RHSA-2016:0523",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT",
"x_transferred"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html"
},
{
"name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available",
"tags": [
"mailing-list",
"x_refsource_MLIST",
"x_transferred"
],
"url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html"
},
{
"name": "85700",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/85700"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2016-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-03-22T09:57:01",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html"
},
{
"name": "RHSA-2016:0537",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html"
},
{
"name": "RHSA-2016:0524",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"name": "DSA-3533",
"tags": [
"vendor-advisory",
"x_refsource_DEBIAN"
],
"url": "http://www.debian.org/security/2016/dsa-3533"
},
{
"name": "RHSA-2016:0615",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "https://access.redhat.com/errata/RHSA-2016:0615"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://security-tracker.debian.org/tracker/CVE-2016-2074"
},
{
"name": "GLSA-201701-07",
"tags": [
"vendor-advisory",
"x_refsource_GENTOO"
],
"url": "https://security.gentoo.org/glsa/201701-07"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://support.citrix.com/article/CTX232655"
},
{
"name": "RHSA-2016:0523",
"tags": [
"vendor-advisory",
"x_refsource_REDHAT"
],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html"
},
{
"name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available",
"tags": [
"mailing-list",
"x_refsource_MLIST"
],
"url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html"
},
{
"name": "85700",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/85700"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch",
"refsource": "MLIST",
"url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html"
},
{
"name": "RHSA-2016:0537",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html"
},
{
"name": "RHSA-2016:0524",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"name": "DSA-3533",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3533"
},
{
"name": "RHSA-2016:0615",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:0615"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2016-2074",
"refsource": "CONFIRM",
"url": "https://security-tracker.debian.org/tracker/CVE-2016-2074"
},
{
"name": "GLSA-201701-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-07"
},
{
"name": "https://support.citrix.com/article/CTX232655",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX232655"
},
{
"name": "RHSA-2016:0523",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html"
},
{
"name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available",
"refsource": "MLIST",
"url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html"
},
{
"name": "85700",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85700"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2016-2074",
"datePublished": "2016-07-03T21:00:00",
"dateReserved": "2016-01-26T00:00:00",
"dateUpdated": "2024-08-05T23:17:50.458Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2016-2074\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-07-03T21:59:10.837\",\"lastModified\":\"2018-03-23T01:29:00.523\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer en lib/flow.c en ovs-vswitchd en Open vSwitch 2.2.x y 2.3.x en versiones anteriores a 2.3.3 y 2.4.x en versiones anteriores a 2.4.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de paquetes MPLS manipulados, seg\u00fan lo demostrado por una cadena larga en un comando ovs-appctl.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A796838-9780-419B-9EAD-2360626C4695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B37942A8-CBC2-4750-9299-E39076F1D6F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30BB36D5-5E72-40BC-8C38-1804F48E0D30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D03F8D4-40DA-4B83-8C5A-571DF817081D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"166C64EF-1F33-4257-AA88-83B37C128B9D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"F8E35FAB-695F-44DA-945D-60B47C1F200B\"}]}]}],\"references\":[{\"url\":\"http://openvswitch.org/pipermail/announce/2016-March/000082.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://openvswitch.org/pipermail/announce/2016-March/000083.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0523.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0524.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0537.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3533\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/85700\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:0615\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1318553\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2016-2074\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/201701-07\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.citrix.com/article/CTX232655\",\"source\":\"cve@mitre.org\"}]}}"
}
}
rhsa-2016_0523
Vulnerability from csaf_redhat
Published
2016-03-30 01:25
Modified
2024-11-14 19:52
Summary
Red Hat Security Advisory: openvswitch security update
Notes
Topic
An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.
Security Fix(es):
* A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)
Red Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:0523",
"url": "https://access.redhat.com/errata/RHSA-2016:0523"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1318553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0523.json"
}
],
"title": "Red Hat Security Advisory: openvswitch security update",
"tracking": {
"current_release_date": "2024-11-14T19:52:13+00:00",
"generator": {
"date": "2024-11-14T19:52:13+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:0523",
"initial_release_date": "2016-03-30T01:25:21+00:00",
"revision_history": [
{
"date": "2016-03-30T01:25:21+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-03-30T01:25:21+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T19:52:13+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product": {
"name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:5::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product": {
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product_id": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-openvswitch@2.4.0-2.el7_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "openvswitch-0:2.4.0-2.el7_2.src",
"product": {
"name": "openvswitch-0:2.4.0-2.el7_2.src",
"product_id": "openvswitch-0:2.4.0-2.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product": {
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product_id": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.4.0-2.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product": {
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product_id": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.4.0-2.el7_2.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.src"
},
"product_reference": "openvswitch-0:2.4.0-2.el7_2.src",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.x86_64"
},
"product_reference": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64"
},
"product_reference": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7",
"product_id": "7Server-RH7-RHOS-5.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
},
"product_reference": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-5.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Open vSwitch project"
]
},
{
"names": [
"Bhargava Shastry",
"Kashyap Thimmaraju"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-2074",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2016-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1318553"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openvswitch: MPLS buffer overflow vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2074"
},
{
"category": "external",
"summary": "RHBZ#1318553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074"
}
],
"release_date": "2016-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-30T01:25:21+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0523"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.4,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-5.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openvswitch: MPLS buffer overflow vulnerability"
}
]
}
rhsa-2016_0615
Vulnerability from csaf_redhat
Published
2016-04-11 18:54
Modified
2024-11-14 19:52
Summary
Red Hat Security Advisory: openvswitch security update
Notes
Topic
Updated openvswitch packages that fix one security issue are now available
for Red Hat OpenShift Enterprise 3.1.
Red Hat Product Security has rated this update as having Important security
impact. A Common Vulnerability Scoring System (CVSS) base score, which
gives a detailed severity rating, is available from the CVE link in the
References section.
Details
OpenShift Enterprise by Red Hat is the company's cloud computing
Platform-as-a-Service (PaaS) solution designed for on-premise or private
cloud deployments.
A buffer overflow flaw was discovered in the OVS processing of MPLS labels.
A remote attacker able to deliver a frame containing a malicious MPLS label
that would be processed by OVS could trigger the flaw and use the resulting
memory corruption to cause a denial of service (DoS) or, possibly, execute
arbitrary code. (CVE-2016-2074)
Red Hat would like to thank the Open vSwitch Project for reporting these
issues. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as
the original reporters of CVE-2016-2074.
This update includes the following images:
openshift3/openvswitch:v3.1.1.6-9
aep3_beta/openvswitch:v3.1.1.6-9
openshift3/node:v3.1.1.6-16
aep3_beta/node:v3.1.1.6-16
All openvswitch users are advised to upgrade to this updated package, which
contains a backported patch to correct this issue.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "Updated openvswitch packages that fix one security issue are now available \nfor Red Hat OpenShift Enterprise 3.1.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.",
"title": "Topic"
},
{
"category": "general",
"text": "OpenShift Enterprise by Red Hat is the company\u0027s cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or private\ncloud deployments.\n\nA buffer overflow flaw was discovered in the OVS processing of MPLS labels. \nA remote attacker able to deliver a frame containing a malicious MPLS label \nthat would be processed by OVS could trigger the flaw and use the resulting \nmemory corruption to cause a denial of service (DoS) or, possibly, execute \narbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch Project for reporting these \nissues. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as \nthe original reporters of CVE-2016-2074.\n\nThis update includes the following images:\n\nopenshift3/openvswitch:v3.1.1.6-9\naep3_beta/openvswitch:v3.1.1.6-9\nopenshift3/node:v3.1.1.6-16\naep3_beta/node:v3.1.1.6-16\n\nAll openvswitch users are advised to upgrade to this updated package, which \ncontains a backported patch to correct this issue.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:0615",
"url": "https://access.redhat.com/errata/RHSA-2016:0615"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1318553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0615.json"
}
],
"title": "Red Hat Security Advisory: openvswitch security update",
"tracking": {
"current_release_date": "2024-11-14T19:52:35+00:00",
"generator": {
"date": "2024-11-14T19:52:35+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:0615",
"initial_release_date": "2016-04-11T18:54:30+00:00",
"revision_history": [
{
"date": "2016-04-11T18:54:30+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-04-11T18:54:30+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T19:52:35+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat OpenShift Enterprise 3.1",
"product": {
"name": "Red Hat OpenShift Enterprise 3.1",
"product_id": "7Server-RH7-RHOSE-3.1",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openshift:3.1::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product": {
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product_id": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-openvswitch@2.4.0-2.el7_2?arch=noarch"
}
}
},
{
"category": "product_version",
"name": "openvswitch-test-0:2.4.0-2.el7_2.noarch",
"product": {
"name": "openvswitch-test-0:2.4.0-2.el7_2.noarch",
"product_id": "openvswitch-test-0:2.4.0-2.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-test@2.4.0-2.el7_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64",
"product": {
"name": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64",
"product_id": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-devel@2.4.0-2.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product": {
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product_id": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.4.0-2.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product": {
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product_id": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openvswitch-0:2.4.0-2.el7_2.src",
"product": {
"name": "openvswitch-0:2.4.0-2.el7_2.src",
"product_id": "openvswitch-0:2.4.0-2.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.4.0-2.el7_2.src as a component of Red Hat OpenShift Enterprise 3.1",
"product_id": "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.src"
},
"product_reference": "openvswitch-0:2.4.0-2.el7_2.src",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat OpenShift Enterprise 3.1",
"product_id": "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.x86_64"
},
"product_reference": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat OpenShift Enterprise 3.1",
"product_id": "7Server-RH7-RHOSE-3.1:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64"
},
"product_reference": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat OpenShift Enterprise 3.1",
"product_id": "7Server-RH7-RHOSE-3.1:openvswitch-devel-0:2.4.0-2.el7_2.x86_64"
},
"product_reference": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-test-0:2.4.0-2.el7_2.noarch as a component of Red Hat OpenShift Enterprise 3.1",
"product_id": "7Server-RH7-RHOSE-3.1:openvswitch-test-0:2.4.0-2.el7_2.noarch"
},
"product_reference": "openvswitch-test-0:2.4.0-2.el7_2.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.1"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch as a component of Red Hat OpenShift Enterprise 3.1",
"product_id": "7Server-RH7-RHOSE-3.1:python-openvswitch-0:2.4.0-2.el7_2.noarch"
},
"product_reference": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"relates_to_product_reference": "7Server-RH7-RHOSE-3.1"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Open vSwitch project"
]
},
{
"names": [
"Bhargava Shastry",
"Kashyap Thimmaraju"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-2074",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2016-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1318553"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openvswitch: MPLS buffer overflow vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOSE-3.1:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOSE-3.1:openvswitch-devel-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOSE-3.1:openvswitch-test-0:2.4.0-2.el7_2.noarch",
"7Server-RH7-RHOSE-3.1:python-openvswitch-0:2.4.0-2.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2074"
},
{
"category": "external",
"summary": "RHBZ#1318553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074"
}
],
"release_date": "2016-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-04-11T18:54:30+00:00",
"details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOSE-3.1:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOSE-3.1:openvswitch-devel-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOSE-3.1:openvswitch-test-0:2.4.0-2.el7_2.noarch",
"7Server-RH7-RHOSE-3.1:python-openvswitch-0:2.4.0-2.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0615"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.4,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOSE-3.1:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOSE-3.1:openvswitch-devel-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOSE-3.1:openvswitch-test-0:2.4.0-2.el7_2.noarch",
"7Server-RH7-RHOSE-3.1:python-openvswitch-0:2.4.0-2.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openvswitch: MPLS buffer overflow vulnerability"
}
]
}
rhsa-2016_0524
Vulnerability from csaf_redhat
Published
2016-03-30 01:25
Modified
2024-11-14 19:52
Summary
Red Hat Security Advisory: openvswitch security update
Notes
Topic
An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.
Security Fix(es):
* A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)
Red Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:0524",
"url": "https://access.redhat.com/errata/RHSA-2016:0524"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1318553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0524.json"
}
],
"title": "Red Hat Security Advisory: openvswitch security update",
"tracking": {
"current_release_date": "2024-11-14T19:52:18+00:00",
"generator": {
"date": "2024-11-14T19:52:18+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:0524",
"initial_release_date": "2016-03-30T01:25:12+00:00",
"revision_history": [
{
"date": "2016-03-30T01:25:12+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-03-30T01:25:12+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T19:52:18+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product": {
"name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:6::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product": {
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product_id": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-openvswitch@2.4.0-2.el7_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
},
{
"branches": [
{
"category": "product_version",
"name": "openvswitch-0:2.4.0-2.el7_2.src",
"product": {
"name": "openvswitch-0:2.4.0-2.el7_2.src",
"product_id": "openvswitch-0:2.4.0-2.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product": {
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product_id": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.4.0-2.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product": {
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product_id": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.4.0-2.el7_2.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.src"
},
"product_reference": "openvswitch-0:2.4.0-2.el7_2.src",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.x86_64"
},
"product_reference": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64"
},
"product_reference": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7",
"product_id": "7Server-RH7-RHOS-6.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
},
"product_reference": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-6.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Open vSwitch project"
]
},
{
"names": [
"Bhargava Shastry",
"Kashyap Thimmaraju"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-2074",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2016-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1318553"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openvswitch: MPLS buffer overflow vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2074"
},
{
"category": "external",
"summary": "RHBZ#1318553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074"
}
],
"release_date": "2016-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-30T01:25:12+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0524"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.4,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-6.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openvswitch: MPLS buffer overflow vulnerability"
}
]
}
rhsa-2016_0537
Vulnerability from csaf_redhat
Published
2016-03-30 20:43
Modified
2024-11-14 19:52
Summary
Red Hat Security Advisory: openvswitch security update
Notes
Topic
An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7.
Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.
Security Fix(es):
* A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)
Red Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Important"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2016:0537",
"url": "https://access.redhat.com/errata/RHSA-2016:0537"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#important",
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"category": "external",
"summary": "1318553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0537.json"
}
],
"title": "Red Hat Security Advisory: openvswitch security update",
"tracking": {
"current_release_date": "2024-11-14T19:52:24+00:00",
"generator": {
"date": "2024-11-14T19:52:24+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.2.1"
}
},
"id": "RHSA-2016:0537",
"initial_release_date": "2016-03-30T20:43:00+00:00",
"revision_history": [
{
"date": "2016-03-30T20:43:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2016-03-30T20:43:00+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2024-11-14T19:52:24+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"product": {
"name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:openstack:7::el7"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenStack Platform"
},
{
"branches": [
{
"category": "product_version",
"name": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"product": {
"name": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"product_id": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-dpdk-debuginfo@2.4.0-0.10346.git97bab959.3.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"product": {
"name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"product_id": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-dpdk@2.4.0-0.10346.git97bab959.3.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product": {
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product_id": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.4.0-2.el7_2?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product": {
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product_id": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src",
"product": {
"name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src",
"product_id": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch-dpdk@2.4.0-0.10346.git97bab959.3.el7_2?arch=src"
}
}
},
{
"category": "product_version",
"name": "openvswitch-0:2.4.0-2.el7_2.src",
"product": {
"name": "openvswitch-0:2.4.0-2.el7_2.src",
"product_id": "openvswitch-0:2.4.0-2.el7_2.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product": {
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product_id": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/python-openvswitch@2.4.0-2.el7_2?arch=noarch"
}
}
}
],
"category": "architecture",
"name": "noarch"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.4.0-2.el7_2.src as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.src"
},
"product_reference": "openvswitch-0:2.4.0-2.el7_2.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.x86_64"
},
"product_reference": "openvswitch-0:2.4.0-2.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64"
},
"product_reference": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src"
},
"product_reference": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64"
},
"product_reference": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0:openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64"
},
"product_reference": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "python-openvswitch-0:2.4.0-2.el7_2.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7",
"product_id": "7Server-RH7-RHOS-7.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
},
"product_reference": "python-openvswitch-0:2.4.0-2.el7_2.noarch",
"relates_to_product_reference": "7Server-RH7-RHOS-7.0"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"the Open vSwitch project"
]
},
{
"names": [
"Bhargava Shastry",
"Kashyap Thimmaraju"
],
"summary": "Acknowledged by upstream."
}
],
"cve": "CVE-2016-2074",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2016-03-16T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "1318553"
}
],
"notes": [
{
"category": "description",
"text": "A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "openvswitch: MPLS buffer overflow vulnerability",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src",
"7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2016-2074"
},
{
"category": "external",
"summary": "RHBZ#1318553",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2016-2074",
"url": "https://www.cve.org/CVERecord?id=CVE-2016-2074"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074"
}
],
"release_date": "2016-03-28T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2016-03-30T20:43:00+00:00",
"details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258",
"product_ids": [
"7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src",
"7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2016:0537"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "ADJACENT_NETWORK",
"authentication": "SINGLE",
"availabilityImpact": "COMPLETE",
"baseScore": 7.4,
"confidentialityImpact": "COMPLETE",
"integrityImpact": "COMPLETE",
"vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C",
"version": "2.0"
},
"products": [
"7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.src",
"7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src",
"7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64",
"7Server-RH7-RHOS-7.0:python-openvswitch-0:2.4.0-2.el7_2.noarch"
]
}
],
"threats": [
{
"category": "impact",
"details": "Important"
}
],
"title": "openvswitch: MPLS buffer overflow vulnerability"
}
]
}
var-201607-0547
Vulnerability from variot
Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. Open vSwitch is prone to multiple remote buffer-overflow vulnerabilities because it fails to adequately bounds check user-supplied data before copying it into an insufficiently sized buffer. Successful exploits may allow attackers to execute arbitrary code or cause denial-of-service conditions. It supports large-scale network automation, standard management interfaces and protocols, etc. through programming extensions. The following versions are affected: OVS Version 2.2.x, Version 2.3.x, Version 2.4.x.
Background
Open vSwitch is a production quality multilayer virtual switch.
Workaround
There is no known workaround at this time.
Resolution
All Open vSwitch users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/openvswitch-2.5.0"
References
[ 1 ] CVE-2016-2074 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2074
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201701-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
--FOwRaKoxFb5txc6jCpaFu8xVgvCjK1wAH--
. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
===================================================================== Red Hat Security Advisory
Synopsis: Important: openvswitch security update Advisory ID: RHSA-2016:0615-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2016:0615 Issue date: 2016-04-11 CVE Names: CVE-2016-2074 =====================================================================
- Summary:
Updated openvswitch packages that fix one security issue are now available for Red Hat OpenShift Enterprise 3.1.
Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat OpenShift Enterprise 3.1 - noarch, x86_64
- Description:
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)
Red Hat would like to thank the Open vSwitch Project for reporting these issues. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters of CVE-2016-2074.
This update includes the following images:
openshift3/openvswitch:v3.1.1.6-9 aep3_beta/openvswitch:v3.1.1.6-9 openshift3/node:v3.1.1.6-16 aep3_beta/node:v3.1.1.6-16
All openvswitch users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1318553 - CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability
- Package List:
Red Hat OpenShift Enterprise 3.1:
Source: openvswitch-2.4.0-2.el7_2.src.rpm
noarch: openvswitch-test-2.4.0-2.el7_2.noarch.rpm python-openvswitch-2.4.0-2.el7_2.noarch.rpm
x86_64: openvswitch-2.4.0-2.el7_2.x86_64.rpm openvswitch-debuginfo-2.4.0-2.el7_2.x86_64.rpm openvswitch-devel-2.4.0-2.el7_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2074 https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1
iD8DBQFXDKHJXlSAg2UNWIIRArVMAJ9kWC3bedooegoZ6ADWrLKD9xKzCQCfUQmK /IpUBYvFD22Fc2VwgoAoq2g= =EyZn -----END PGP SIGNATURE-----
-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .
For the stable distribution (jessie), this problem has been fixed in version 2.3.0+git20140819-3+deb8u1.
For the unstable distribution (sid), this problem has been fixed in version 2.3.0+git20140819-4.
We recommend that you upgrade your openvswitch packages. Description:
Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic
Show details on source website{
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
"affected_products": {
"@id": "https://www.variotdbs.pl/ref/affected_products"
},
"configurations": {
"@id": "https://www.variotdbs.pl/ref/configurations"
},
"credits": {
"@id": "https://www.variotdbs.pl/ref/credits"
},
"cvss": {
"@id": "https://www.variotdbs.pl/ref/cvss/"
},
"description": {
"@id": "https://www.variotdbs.pl/ref/description/"
},
"exploit_availability": {
"@id": "https://www.variotdbs.pl/ref/exploit_availability/"
},
"external_ids": {
"@id": "https://www.variotdbs.pl/ref/external_ids/"
},
"iot": {
"@id": "https://www.variotdbs.pl/ref/iot/"
},
"iot_taxonomy": {
"@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
},
"patch": {
"@id": "https://www.variotdbs.pl/ref/patch/"
},
"problemtype_data": {
"@id": "https://www.variotdbs.pl/ref/problemtype_data/"
},
"references": {
"@id": "https://www.variotdbs.pl/ref/references/"
},
"sources": {
"@id": "https://www.variotdbs.pl/ref/sources/"
},
"sources_release_date": {
"@id": "https://www.variotdbs.pl/ref/sources_release_date/"
},
"sources_update_date": {
"@id": "https://www.variotdbs.pl/ref/sources_update_date/"
},
"threat_type": {
"@id": "https://www.variotdbs.pl/ref/threat_type/"
},
"title": {
"@id": "https://www.variotdbs.pl/ref/title/"
},
"type": {
"@id": "https://www.variotdbs.pl/ref/type/"
}
},
"@id": "https://www.variotdbs.pl/vuln/VAR-201607-0547",
"affected_products": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/affected_products#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"model": "openshift",
"scope": "eq",
"trust": 1.6,
"vendor": "redhat",
"version": "3.1"
},
{
"model": "openvswitch",
"scope": "eq",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.3.0"
},
{
"model": "openvswitch",
"scope": "eq",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.4.0"
},
{
"model": "openvswitch",
"scope": "eq",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.3.1"
},
{
"model": "openvswitch",
"scope": "eq",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.2.0"
},
{
"model": "openvswitch",
"scope": "eq",
"trust": 1.0,
"vendor": "openvswitch",
"version": "2.3.2"
},
{
"model": "open vswitch",
"scope": "lt",
"trust": 0.8,
"vendor": "open vswitch",
"version": "2.4.x"
},
{
"model": "open vswitch",
"scope": "lt",
"trust": 0.8,
"vendor": "open vswitch",
"version": "2.3.x"
},
{
"model": "openshift",
"scope": "eq",
"trust": 0.8,
"vendor": "red hat",
"version": "enterprise"
},
{
"model": "open vswitch",
"scope": "eq",
"trust": 0.8,
"vendor": "open vswitch",
"version": "2.3.3"
},
{
"model": "open vswitch",
"scope": "eq",
"trust": 0.8,
"vendor": "open vswitch",
"version": "2.2.x"
},
{
"model": "open vswitch",
"scope": "eq",
"trust": 0.8,
"vendor": "open vswitch",
"version": "2.4.1"
},
{
"model": "openstack",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "7.0"
},
{
"model": "enterprise linux openstack platform for rhel",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "75.0"
},
{
"model": "vswitch open vswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "open",
"version": "2.4"
},
{
"model": "vswitch open vswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "open",
"version": "2.3"
},
{
"model": "vswitch open vswitch",
"scope": "eq",
"trust": 0.3,
"vendor": "open",
"version": "2.2"
},
{
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "6.0"
},
{
"model": "xenserver cu1",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "7.1"
},
{
"model": "xenserver",
"scope": "eq",
"trust": 0.3,
"vendor": "citrix",
"version": "7.0"
},
{
"model": "vswitch open vswitch",
"scope": "ne",
"trust": 0.3,
"vendor": "open",
"version": "2.5"
}
],
"sources": [
{
"db": "BID",
"id": "85700"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003485"
},
{
"db": "NVD",
"id": "CVE-2016-2074"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-406"
}
]
},
"configurations": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/configurations#",
"children": {
"@container": "@list"
},
"cpe_match": {
"@container": "@list"
},
"data": {
"@container": "@list"
},
"nodes": {
"@container": "@list"
}
},
"data": [
{
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
}
],
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2074"
}
]
},
"credits": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/credits#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Red Hat",
"sources": [
{
"db": "PACKETSTORM",
"id": "136659"
},
{
"db": "PACKETSTORM",
"id": "136470"
},
{
"db": "PACKETSTORM",
"id": "136469"
},
{
"db": "PACKETSTORM",
"id": "136483"
}
],
"trust": 0.4
},
"cve": "CVE-2016-2074",
"cvss": {
"@context": {
"cvssV2": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
},
"cvssV3": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
},
"severity": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/cvss/severity#"
},
"@id": "https://www.variotdbs.pl/ref/cvss/severity"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
},
"@id": "https://www.variotdbs.pl/ref/sources"
}
},
"data": [
{
"cvssV2": [
{
"acInsufInfo": false,
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "NVD",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"trust": 1.0,
"userInteractionRequired": false,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"acInsufInfo": null,
"accessComplexity": "Low",
"accessVector": "Network",
"authentication": "None",
"author": "NVD",
"availabilityImpact": "Partial",
"baseScore": 7.5,
"confidentialityImpact": "Partial",
"exploitabilityScore": null,
"id": "CVE-2016-2074",
"impactScore": null,
"integrityImpact": "Partial",
"obtainAllPrivilege": null,
"obtainOtherPrivilege": null,
"obtainUserPrivilege": null,
"severity": "High",
"trust": 0.9,
"userInteractionRequired": null,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "VULHUB",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"exploitabilityScore": 10.0,
"id": "VHN-90893",
"impactScore": 6.4,
"integrityImpact": "PARTIAL",
"severity": "HIGH",
"trust": 0.1,
"vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [
{
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"author": "NVD",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"exploitabilityScore": 3.9,
"impactScore": 5.9,
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"trust": 1.0,
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
{
"attackComplexity": "Low",
"attackVector": "Network",
"author": "NVD",
"availabilityImpact": "High",
"baseScore": 9.8,
"baseSeverity": "Critical",
"confidentialityImpact": "High",
"exploitabilityScore": null,
"id": "CVE-2016-2074",
"impactScore": null,
"integrityImpact": "High",
"privilegesRequired": "None",
"scope": "Unchanged",
"trust": 0.8,
"userInteraction": "None",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
}
],
"severity": [
{
"author": "NVD",
"id": "CVE-2016-2074",
"trust": 1.8,
"value": "CRITICAL"
},
{
"author": "CNNVD",
"id": "CNNVD-201603-406",
"trust": 0.6,
"value": "HIGH"
},
{
"author": "VULHUB",
"id": "VHN-90893",
"trust": 0.1,
"value": "HIGH"
},
{
"author": "VULMON",
"id": "CVE-2016-2074",
"trust": 0.1,
"value": "HIGH"
}
]
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90893"
},
{
"db": "VULMON",
"id": "CVE-2016-2074"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003485"
},
{
"db": "NVD",
"id": "CVE-2016-2074"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-406"
}
]
},
"description": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/description#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. Open vSwitch is prone to multiple remote buffer-overflow vulnerabilities because it fails to adequately bounds check user-supplied data before copying it into an insufficiently sized buffer. \nSuccessful exploits may allow attackers to execute arbitrary code or cause denial-of-service conditions. It supports large-scale network automation, standard management interfaces and protocols, etc. through programming extensions. The following versions are affected: OVS Version 2.2.x, Version 2.3.x, Version 2.4.x. \n\nBackground\n==========\n\nOpen vSwitch is a production quality multilayer virtual switch. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Open vSwitch users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/openvswitch-2.5.0\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2074\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2074\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201701-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n--FOwRaKoxFb5txc6jCpaFu8xVgvCjK1wAH--\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openvswitch security update\nAdvisory ID: RHSA-2016:0615-01\nProduct: Red Hat OpenShift Enterprise\nAdvisory URL: https://access.redhat.com/errata/RHSA-2016:0615\nIssue date: 2016-04-11\nCVE Names: CVE-2016-2074 \n=====================================================================\n\n1. Summary:\n\nUpdated openvswitch packages that fix one security issue are now available \nfor Red Hat OpenShift Enterprise 3.1. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat OpenShift Enterprise 3.1 - noarch, x86_64\n\n3. Description:\n\nOpenShift Enterprise by Red Hat is the company\u0027s cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or private\ncloud deployments. \n\nA buffer overflow flaw was discovered in the OVS processing of MPLS labels. \nA remote attacker able to deliver a frame containing a malicious MPLS label\nthat would be processed by OVS could trigger the flaw and use the resulting\nmemory corruption to cause a denial of service (DoS) or, possibly, execute \narbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch Project for reporting these \nissues. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as \nthe original reporters of CVE-2016-2074. \n\nThis update includes the following images:\n\nopenshift3/openvswitch:v3.1.1.6-9\naep3_beta/openvswitch:v3.1.1.6-9\nopenshift3/node:v3.1.1.6-16\naep3_beta/node:v3.1.1.6-16\n\nAll openvswitch users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1318553 - CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability\n\n6. Package List:\n\nRed Hat OpenShift Enterprise 3.1:\n\nSource:\nopenvswitch-2.4.0-2.el7_2.src.rpm\n\nnoarch:\nopenvswitch-test-2.4.0-2.el7_2.noarch.rpm\npython-openvswitch-2.4.0-2.el7_2.noarch.rpm\n\nx86_64:\nopenvswitch-2.4.0-2.el7_2.x86_64.rpm\nopenvswitch-debuginfo-2.4.0-2.el7_2.x86_64.rpm\nopenvswitch-devel-2.4.0-2.el7_2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2074\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXDKHJXlSAg2UNWIIRArVMAJ9kWC3bedooegoZ6ADWrLKD9xKzCQCfUQmK\n/IpUBYvFD22Fc2VwgoAoq2g=\n=EyZn\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.3.0+git20140819-3+deb8u1. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.3.0+git20140819-4. \n\nWe recommend that you upgrade your openvswitch packages. Description:\n\nOpen vSwitch provides standard network bridging functions and support for\nthe OpenFlow protocol for remote per-flow control of traffic",
"sources": [
{
"db": "NVD",
"id": "CVE-2016-2074"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003485"
},
{
"db": "BID",
"id": "85700"
},
{
"db": "VULHUB",
"id": "VHN-90893"
},
{
"db": "VULMON",
"id": "CVE-2016-2074"
},
{
"db": "PACKETSTORM",
"id": "140320"
},
{
"db": "PACKETSTORM",
"id": "136659"
},
{
"db": "PACKETSTORM",
"id": "136470"
},
{
"db": "PACKETSTORM",
"id": "136464"
},
{
"db": "PACKETSTORM",
"id": "136469"
},
{
"db": "PACKETSTORM",
"id": "136483"
}
],
"trust": 2.61
},
"external_ids": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/external_ids#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"db": "NVD",
"id": "CVE-2016-2074",
"trust": 3.5
},
{
"db": "BID",
"id": "85700",
"trust": 1.5
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003485",
"trust": 0.8
},
{
"db": "OPENWALL",
"id": "OSS-SECURITY/2016/03/29/1",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-201603-406",
"trust": 0.6
},
{
"db": "PACKETSTORM",
"id": "136483",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "136470",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "136659",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "136469",
"trust": 0.2
},
{
"db": "PACKETSTORM",
"id": "136464",
"trust": 0.2
},
{
"db": "VULHUB",
"id": "VHN-90893",
"trust": 0.1
},
{
"db": "VULMON",
"id": "CVE-2016-2074",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "140320",
"trust": 0.1
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90893"
},
{
"db": "VULMON",
"id": "CVE-2016-2074"
},
{
"db": "BID",
"id": "85700"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003485"
},
{
"db": "PACKETSTORM",
"id": "140320"
},
{
"db": "PACKETSTORM",
"id": "136659"
},
{
"db": "PACKETSTORM",
"id": "136470"
},
{
"db": "PACKETSTORM",
"id": "136464"
},
{
"db": "PACKETSTORM",
"id": "136469"
},
{
"db": "PACKETSTORM",
"id": "136483"
},
{
"db": "NVD",
"id": "CVE-2016-2074"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-406"
}
]
},
"id": "VAR-201607-0547",
"iot": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/iot#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": true,
"sources": [
{
"db": "VULHUB",
"id": "VHN-90893"
}
],
"trust": 0.725
},
"last_update_date": "2023-12-18T13:19:40.697000Z",
"patch": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/patch#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"title": "[ovs-announce] Open vSwitch 2.4.1 and 2.3.3 Available",
"trust": 0.8,
"url": "http://openvswitch.org/pipermail/announce/2016-march/000083.html"
},
{
"title": "Top Page",
"trust": 0.8,
"url": "http://openvswitch.org/"
},
{
"title": "[ovs-announce] CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch",
"trust": 0.8,
"url": "http://openvswitch.org/pipermail/announce/2016-march/000082.html"
},
{
"title": "Bug 1318553",
"trust": 0.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"title": "RHSA-2016:0615",
"trust": 0.8,
"url": "https://access.redhat.com/errata/rhsa-2016:0615"
},
{
"title": "CVE-2016-2074",
"trust": 0.8,
"url": "https://security-tracker.debian.org/tracker/cve-2016-2074"
},
{
"title": "Debian Security Advisories: DSA-3533-1 openvswitch -- security update",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=315e4d420e18888a1f323d0bb1f6011f"
},
{
"title": "Red Hat: CVE-2016-2074",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2074"
},
{
"title": "Citrix Security Bulletins: Citrix XenServer Multiple Security Updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=181b7d97210e9284f8fa51fda2290181"
},
{
"title": "secure-vhost",
"trust": 0.1,
"url": "https://github.com/ictyangye/secure-vhost "
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2016-2074"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003485"
}
]
},
"problemtype_data": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"problemtype": "CWE-119",
"trust": 1.9
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90893"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003485"
},
{
"db": "NVD",
"id": "CVE-2016-2074"
}
]
},
"references": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/references#",
"data": {
"@container": "@list"
},
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": [
{
"trust": 1.8,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"trust": 1.8,
"url": "https://security-tracker.debian.org/tracker/cve-2016-2074"
},
{
"trust": 1.8,
"url": "http://openvswitch.org/pipermail/announce/2016-march/000082.html"
},
{
"trust": 1.8,
"url": "http://openvswitch.org/pipermail/announce/2016-march/000083.html"
},
{
"trust": 1.5,
"url": "https://support.citrix.com/article/ctx232655"
},
{
"trust": 1.3,
"url": "http://www.securityfocus.com/bid/85700"
},
{
"trust": 1.3,
"url": "https://security.gentoo.org/glsa/201701-07"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0523.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0524.html"
},
{
"trust": 1.3,
"url": "http://rhn.redhat.com/errata/rhsa-2016-0537.html"
},
{
"trust": 1.3,
"url": "https://access.redhat.com/errata/rhsa-2016:0615"
},
{
"trust": 1.2,
"url": "http://www.debian.org/security/2016/dsa-3533"
},
{
"trust": 0.9,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2074"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2074"
},
{
"trust": 0.6,
"url": "http://www.openwall.com/lists/oss-security/2016/03/29/1"
},
{
"trust": 0.5,
"url": "https://nvd.nist.gov/vuln/detail/cve-2016-2074"
},
{
"trust": 0.4,
"url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
},
{
"trust": 0.4,
"url": "https://bugzilla.redhat.com/):"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/key/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/articles/11258"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/cve/cve-2016-2074"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/team/contact/"
},
{
"trust": 0.4,
"url": "https://access.redhat.com/security/updates/classification/#important"
},
{
"trust": 0.3,
"url": "http://openvswitch.org/"
},
{
"trust": 0.3,
"url": "http://seclists.org/oss-sec/2016/q1/706"
},
{
"trust": 0.3,
"url": "https://access.redhat.com/errata/rhsa-2016:0537"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/119.html"
},
{
"trust": 0.1,
"url": "https://github.com/ictyangye/secure-vhost"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/./dsa-3533"
},
{
"trust": 0.1,
"url": "http://creativecommons.org/licenses/by-sa/2.5"
},
{
"trust": 0.1,
"url": "https://security.gentoo.org/"
},
{
"trust": 0.1,
"url": "https://bugs.gentoo.org."
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "https://www.debian.org/security/faq"
}
],
"sources": [
{
"db": "VULHUB",
"id": "VHN-90893"
},
{
"db": "VULMON",
"id": "CVE-2016-2074"
},
{
"db": "BID",
"id": "85700"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003485"
},
{
"db": "PACKETSTORM",
"id": "140320"
},
{
"db": "PACKETSTORM",
"id": "136659"
},
{
"db": "PACKETSTORM",
"id": "136470"
},
{
"db": "PACKETSTORM",
"id": "136464"
},
{
"db": "PACKETSTORM",
"id": "136469"
},
{
"db": "PACKETSTORM",
"id": "136483"
},
{
"db": "NVD",
"id": "CVE-2016-2074"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-406"
}
]
},
"sources": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#",
"data": {
"@container": "@list"
}
},
"data": [
{
"db": "VULHUB",
"id": "VHN-90893"
},
{
"db": "VULMON",
"id": "CVE-2016-2074"
},
{
"db": "BID",
"id": "85700"
},
{
"db": "JVNDB",
"id": "JVNDB-2016-003485"
},
{
"db": "PACKETSTORM",
"id": "140320"
},
{
"db": "PACKETSTORM",
"id": "136659"
},
{
"db": "PACKETSTORM",
"id": "136470"
},
{
"db": "PACKETSTORM",
"id": "136464"
},
{
"db": "PACKETSTORM",
"id": "136469"
},
{
"db": "PACKETSTORM",
"id": "136483"
},
{
"db": "NVD",
"id": "CVE-2016-2074"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-406"
}
]
},
"sources_release_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2016-07-03T00:00:00",
"db": "VULHUB",
"id": "VHN-90893"
},
{
"date": "2016-07-03T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2074"
},
{
"date": "2016-03-28T00:00:00",
"db": "BID",
"id": "85700"
},
{
"date": "2016-07-11T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003485"
},
{
"date": "2017-01-02T16:48:46",
"db": "PACKETSTORM",
"id": "140320"
},
{
"date": "2016-04-12T15:13:15",
"db": "PACKETSTORM",
"id": "136659"
},
{
"date": "2016-03-30T15:10:59",
"db": "PACKETSTORM",
"id": "136470"
},
{
"date": "2016-03-29T15:15:27",
"db": "PACKETSTORM",
"id": "136464"
},
{
"date": "2016-03-30T15:10:48",
"db": "PACKETSTORM",
"id": "136469"
},
{
"date": "2016-03-30T23:29:15",
"db": "PACKETSTORM",
"id": "136483"
},
{
"date": "2016-07-03T21:59:10.837000",
"db": "NVD",
"id": "CVE-2016-2074"
},
{
"date": "2016-03-29T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-406"
}
]
},
"sources_update_date": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
"data": {
"@container": "@list"
}
},
"data": [
{
"date": "2018-03-23T00:00:00",
"db": "VULHUB",
"id": "VHN-90893"
},
{
"date": "2018-03-23T00:00:00",
"db": "VULMON",
"id": "CVE-2016-2074"
},
{
"date": "2018-03-23T08:00:00",
"db": "BID",
"id": "85700"
},
{
"date": "2016-09-05T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2016-003485"
},
{
"date": "2018-03-23T01:29:00.523000",
"db": "NVD",
"id": "CVE-2016-2074"
},
{
"date": "2016-07-04T00:00:00",
"db": "CNNVD",
"id": "CNNVD-201603-406"
}
]
},
"threat_type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/threat_type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "140320"
},
{
"db": "PACKETSTORM",
"id": "136659"
},
{
"db": "PACKETSTORM",
"id": "136470"
},
{
"db": "PACKETSTORM",
"id": "136464"
},
{
"db": "PACKETSTORM",
"id": "136469"
},
{
"db": "PACKETSTORM",
"id": "136483"
},
{
"db": "CNNVD",
"id": "CNNVD-201603-406"
}
],
"trust": 1.2
},
"title": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/title#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "Open vSwitch of ovs-vswitchd of lib/flow.c Vulnerable to buffer overflow",
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2016-003485"
}
],
"trust": 0.8
},
"type": {
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/type#",
"sources": {
"@container": "@list",
"@context": {
"@vocab": "https://www.variotdbs.pl/ref/sources#"
}
}
},
"data": "overflow, arbitrary",
"sources": [
{
"db": "PACKETSTORM",
"id": "140320"
},
{
"db": "PACKETSTORM",
"id": "136659"
},
{
"db": "PACKETSTORM",
"id": "136470"
},
{
"db": "PACKETSTORM",
"id": "136464"
},
{
"db": "PACKETSTORM",
"id": "136469"
},
{
"db": "PACKETSTORM",
"id": "136483"
}
],
"trust": 0.6
}
}
ghsa-xfh5-4xfg-3g5f
Vulnerability from github
Published
2022-05-14 03:35
Modified
2022-05-14 03:35
Severity ?
Details
Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.
{
"affected": [],
"aliases": [
"CVE-2016-2074"
],
"database_specific": {
"cwe_ids": [
"CWE-119"
],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2016-07-03T21:59:00Z",
"severity": "CRITICAL"
},
"details": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.",
"id": "GHSA-xfh5-4xfg-3g5f",
"modified": "2022-05-14T03:35:57Z",
"published": "2022-05-14T03:35:57Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074"
},
{
"type": "WEB",
"url": "https://access.redhat.com/errata/RHSA-2016:0615"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"type": "WEB",
"url": "https://security-tracker.debian.org/tracker/CVE-2016-2074"
},
{
"type": "WEB",
"url": "https://security.gentoo.org/glsa/201701-07"
},
{
"type": "WEB",
"url": "https://support.citrix.com/article/CTX232655"
},
{
"type": "WEB",
"url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html"
},
{
"type": "WEB",
"url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html"
},
{
"type": "WEB",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2016/dsa-3533"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/85700"
}
],
"schema_version": "1.4.0",
"severity": [
{
"score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"type": "CVSS_V3"
}
]
}
gsd-2016-2074
Vulnerability from gsd
Modified
2023-12-13 01:21
Details
Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2016-2074",
"description": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.",
"id": "GSD-2016-2074",
"references": [
"https://www.suse.com/security/cve/CVE-2016-2074.html",
"https://www.debian.org/security/2016/dsa-3533",
"https://access.redhat.com/errata/RHSA-2016:0615",
"https://access.redhat.com/errata/RHSA-2016:0537",
"https://access.redhat.com/errata/RHSA-2016:0524",
"https://access.redhat.com/errata/RHSA-2016:0523"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2016-2074"
],
"details": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.",
"id": "GSD-2016-2074",
"modified": "2023-12-13T01:21:19.416119Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2074",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch",
"refsource": "MLIST",
"url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html"
},
{
"name": "RHSA-2016:0537",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html"
},
{
"name": "RHSA-2016:0524",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"name": "DSA-3533",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2016/dsa-3533"
},
{
"name": "RHSA-2016:0615",
"refsource": "REDHAT",
"url": "https://access.redhat.com/errata/RHSA-2016:0615"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2016-2074",
"refsource": "CONFIRM",
"url": "https://security-tracker.debian.org/tracker/CVE-2016-2074"
},
{
"name": "GLSA-201701-07",
"refsource": "GENTOO",
"url": "https://security.gentoo.org/glsa/201701-07"
},
{
"name": "https://support.citrix.com/article/CTX232655",
"refsource": "CONFIRM",
"url": "https://support.citrix.com/article/CTX232655"
},
{
"name": "RHSA-2016:0523",
"refsource": "REDHAT",
"url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html"
},
{
"name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available",
"refsource": "MLIST",
"url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html"
},
{
"name": "85700",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/85700"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.4.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
},
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2016-2074"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "CWE-119"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch",
"refsource": "MLIST",
"tags": [
"Vendor Advisory"
],
"url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
},
{
"name": "https://security-tracker.debian.org/tracker/CVE-2016-2074",
"refsource": "CONFIRM",
"tags": [],
"url": "https://security-tracker.debian.org/tracker/CVE-2016-2074"
},
{
"name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available",
"refsource": "MLIST",
"tags": [
"Patch"
],
"url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html"
},
{
"name": "RHSA-2016:0615",
"refsource": "REDHAT",
"tags": [],
"url": "https://access.redhat.com/errata/RHSA-2016:0615"
},
{
"name": "85700",
"refsource": "BID",
"tags": [],
"url": "http://www.securityfocus.com/bid/85700"
},
{
"name": "GLSA-201701-07",
"refsource": "GENTOO",
"tags": [],
"url": "https://security.gentoo.org/glsa/201701-07"
},
{
"name": "DSA-3533",
"refsource": "DEBIAN",
"tags": [],
"url": "http://www.debian.org/security/2016/dsa-3533"
},
{
"name": "RHSA-2016:0537",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html"
},
{
"name": "RHSA-2016:0524",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html"
},
{
"name": "RHSA-2016:0523",
"refsource": "REDHAT",
"tags": [],
"url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html"
},
{
"name": "https://support.citrix.com/article/CTX232655",
"refsource": "CONFIRM",
"tags": [],
"url": "https://support.citrix.com/article/CTX232655"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 6.4,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "HIGH",
"userInteractionRequired": false
},
"baseMetricV3": {
"cvssV3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"exploitabilityScore": 3.9,
"impactScore": 5.9
}
},
"lastModifiedDate": "2018-03-23T01:29Z",
"publishedDate": "2016-07-03T21:59Z"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.