cve-2016-2074
Vulnerability from cvelistv5
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:17:50.458Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html" }, { "name": "RHSA-2016:0537", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html" }, { "name": "RHSA-2016:0524", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "name": "DSA-3533", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3533" }, { "name": "RHSA-2016:0615", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:0615" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security-tracker.debian.org/tracker/CVE-2016-2074" }, { "name": "GLSA-201701-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201701-07" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX232655" }, { "name": "RHSA-2016:0523", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html" }, { "name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html" }, { "name": "85700", "tags": [ "vdb-entry", "x_refsource_BID", 
"x_transferred" ], "url": "http://www.securityfocus.com/bid/85700" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-03-28T00:00:00", "descriptions": [ { "lang": "en", "value": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2018-03-22T09:57:01", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html" }, { "name": "RHSA-2016:0537", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html" }, { "name": "RHSA-2016:0524", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "name": "DSA-3533", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3533" }, { "name": "RHSA-2016:0615", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:0615" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security-tracker.debian.org/tracker/CVE-2016-2074" }, { "name": "GLSA-201701-07", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201701-07" }, { "tags": [ "x_refsource_CONFIRM" ], "url": 
"https://support.citrix.com/article/CTX232655" }, { "name": "RHSA-2016:0523", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html" }, { "name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html" }, { "name": "85700", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/85700" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-2074", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch", "refsource": "MLIST", "url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html" }, { "name": "RHSA-2016:0537", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html" }, { "name": "RHSA-2016:0524", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "name": "DSA-3533", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3533" }, { "name": "RHSA-2016:0615", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:0615" }, { "name": "https://security-tracker.debian.org/tracker/CVE-2016-2074", "refsource": "CONFIRM", "url": "https://security-tracker.debian.org/tracker/CVE-2016-2074" }, { "name": "GLSA-201701-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-07" }, { "name": "https://support.citrix.com/article/CTX232655", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX232655" }, { "name": "RHSA-2016:0523", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html" }, { "name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available", "refsource": "MLIST", "url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html" }, { "name": "85700", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85700" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-2074", "datePublished": "2016-07-03T21:00:00", "dateReserved": "2016-01-26T00:00:00", "dateUpdated": "2024-08-05T23:17:50.458Z", "state": 
"PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2016-2074\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2016-07-03T21:59:10.837\",\"lastModified\":\"2018-03-23T01:29:00.523\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.\"},{\"lang\":\"es\",\"value\":\"Desbordamiento de buffer en lib/flow.c en ovs-vswitchd en Open vSwitch 2.2.x y 2.3.x en versiones anteriores a 2.3.3 y 2.4.x en versiones anteriores a 2.4.1 permite a atacantes remotos ejecutar c\u00f3digo arbitrario a trav\u00e9s de paquetes MPLS manipulados, seg\u00fan lo demostrado por una cadena larga en un comando ovs-appctl.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\",\"baseScore\":9.8,\"baseSeverity\":\"CRITICAL\"},\"exploitabilityScore\":3.9,\"impactScore\":5.9}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:P/I:P/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":7.5},\"baseSeverity\":\"HIGH\",\"exploitabilityScore\":10.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":fals
e,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-119\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4A796838-9780-419B-9EAD-2360626C4695\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.3.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B37942A8-CBC2-4750-9299-E39076F1D6F1\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.3.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"30BB36D5-5E72-40BC-8C38-1804F48E0D30\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.3.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"8D03F8D4-40DA-4B83-8C5A-571DF817081D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:openvswitch:openvswitch:2.4.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"166C64EF-1F33-4257-AA88-83B37C128B9D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*\",\"matchCriteriaId\":\"F8E35FAB-695F-44DA-945D-60B47C1F200B\"}]}]}],\"references\":[{\"url\":\"http://openvswitch.org/pipermail/announce/2016-March/000082.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Vendor 
Advisory\"]},{\"url\":\"http://openvswitch.org/pipermail/announce/2016-March/000083.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0523.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0524.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://rhn.redhat.com/errata/RHSA-2016-0537.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2016/dsa-3533\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/85700\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://access.redhat.com/errata/RHSA-2016:0615\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=1318553\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security-tracker.debian.org/tracker/CVE-2016-2074\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://security.gentoo.org/glsa/201701-07\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.citrix.com/article/CTX232655\",\"source\":\"cve@mitre.org\"}]}}" } }
rhsa-2016_0524
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2016:0524", "url": "https://access.redhat.com/errata/RHSA-2016:0524" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1318553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0524.json" } ], "title": "Red Hat Security Advisory: openvswitch security update", "tracking": { "current_release_date": "2024-11-14T19:52:18+00:00", "generator": { "date": "2024-11-14T19:52:18+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2016:0524", "initial_release_date": "2016-03-30T01:25:12+00:00", "revision_history": [ { "date": "2016-03-30T01:25:12+00:00", "number": "1", "summary": "Initial version" }, { "date": "2016-03-30T01:25:12+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T19:52:18+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7", "product": { "name": "Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7", "product_id": "7Server-RH7-RHOS-6.0", "product_identification_helper": { "cpe": 
"cpe:/a:redhat:openstack:6::el7" } } } ], "category": "product_family", "name": "Red Hat OpenStack Platform" }, { "branches": [ { "category": "product_version", "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product": { "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product_id": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-openvswitch@2.4.0-2.el7_2?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "openvswitch-0:2.4.0-2.el7_2.src", "product": { "name": "openvswitch-0:2.4.0-2.el7_2.src", "product_id": "openvswitch-0:2.4.0-2.el7_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product": { "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product_id": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.4.0-2.el7_2?arch=x86_64" } } }, { "category": "product_version", "name": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product": { "name": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product_id": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openvswitch-0:2.4.0-2.el7_2.src as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7", "product_id": "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.src" }, "product_reference": "openvswitch-0:2.4.0-2.el7_2.src", "relates_to_product_reference": "7Server-RH7-RHOS-6.0" }, { "category": 
"default_component_of", "full_product_name": { "name": "openvswitch-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7", "product_id": "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.x86_64" }, "product_reference": "openvswitch-0:2.4.0-2.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOS-6.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7", "product_id": "7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64" }, "product_reference": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOS-6.0" }, { "category": "default_component_of", "full_product_name": { "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 6.0 (Juno) for RHEL 7", "product_id": "7Server-RH7-RHOS-6.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" }, "product_reference": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "relates_to_product_reference": "7Server-RH7-RHOS-6.0" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Open vSwitch project" ] }, { "names": [ "Bhargava Shastry", "Kashyap Thimmaraju" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2074", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2016-03-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1318553" } ], "notes": [ { "category": "description", "text": "A buffer overflow flaw was discovered in the OVS processing of MPLS labels. 
A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "openvswitch: MPLS buffer overflow vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-6.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2074" }, { "category": "external", "summary": "RHBZ#1318553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2074", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2074" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074" } ], "release_date": "2016-03-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-03-30T01:25:12+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.x86_64", 
"7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-6.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:0524" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 7.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "products": [ "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOS-6.0:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-6.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-6.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "openvswitch: MPLS buffer overflow vulnerability" } ] }
rhsa-2016_0523
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2016:0523", "url": "https://access.redhat.com/errata/RHSA-2016:0523" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1318553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0523.json" } ], "title": "Red Hat Security Advisory: openvswitch security update", "tracking": { "current_release_date": "2024-11-14T19:52:13+00:00", "generator": { "date": "2024-11-14T19:52:13+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2016:0523", "initial_release_date": "2016-03-30T01:25:21+00:00", "revision_history": [ { "date": "2016-03-30T01:25:21+00:00", "number": "1", "summary": "Initial version" }, { "date": "2016-03-30T01:25:21+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T19:52:13+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "product": { "name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "product_id": "7Server-RH7-RHOS-5.0", "product_identification_helper": { 
"cpe": "cpe:/a:redhat:openstack:5::el7" } } } ], "category": "product_family", "name": "Red Hat OpenStack Platform" }, { "branches": [ { "category": "product_version", "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product": { "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product_id": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-openvswitch@2.4.0-2.el7_2?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "openvswitch-0:2.4.0-2.el7_2.src", "product": { "name": "openvswitch-0:2.4.0-2.el7_2.src", "product_id": "openvswitch-0:2.4.0-2.el7_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product": { "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product_id": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.4.0-2.el7_2?arch=x86_64" } } }, { "category": "product_version", "name": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product": { "name": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product_id": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openvswitch-0:2.4.0-2.el7_2.src as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "product_id": "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.src" }, "product_reference": "openvswitch-0:2.4.0-2.el7_2.src", "relates_to_product_reference": "7Server-RH7-RHOS-5.0" }, { 
"category": "default_component_of", "full_product_name": { "name": "openvswitch-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "product_id": "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.x86_64" }, "product_reference": "openvswitch-0:2.4.0-2.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOS-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "product_id": "7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64" }, "product_reference": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOS-5.0" }, { "category": "default_component_of", "full_product_name": { "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "product_id": "7Server-RH7-RHOS-5.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" }, "product_reference": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "relates_to_product_reference": "7Server-RH7-RHOS-5.0" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Open vSwitch project" ] }, { "names": [ "Bhargava Shastry", "Kashyap Thimmaraju" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2074", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2016-03-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1318553" } ], "notes": [ { "category": "description", "text": "A buffer overflow flaw was discovered in the OVS processing of MPLS labels. 
A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "openvswitch: MPLS buffer overflow vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-5.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2074" }, { "category": "external", "summary": "RHBZ#1318553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2074", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2074" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074" } ], "release_date": "2016-03-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-03-30T01:25:21+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.x86_64", 
"7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-5.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:0523" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 7.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "products": [ "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOS-5.0:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-5.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-5.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "openvswitch: MPLS buffer overflow vulnerability" } ] }
rhsa-2016_0615
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "Updated openvswitch packages that fix one security issue are now available \nfor Red Hat OpenShift Enterprise 3.1.\n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section.", "title": "Topic" }, { "category": "general", "text": "OpenShift Enterprise by Red Hat is the company\u0027s cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or private\ncloud deployments.\n\nA buffer overflow flaw was discovered in the OVS processing of MPLS labels. \nA remote attacker able to deliver a frame containing a malicious MPLS label \nthat would be processed by OVS could trigger the flaw and use the resulting \nmemory corruption to cause a denial of service (DoS) or, possibly, execute \narbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch Project for reporting these \nissues. 
Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as \nthe original reporters of CVE-2016-2074.\n\nThis update includes the following images:\n\nopenshift3/openvswitch:v3.1.1.6-9\naep3_beta/openvswitch:v3.1.1.6-9\nopenshift3/node:v3.1.1.6-16\naep3_beta/node:v3.1.1.6-16\n\nAll openvswitch users are advised to upgrade to this updated package, which \ncontains a backported patch to correct this issue.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2016:0615", "url": "https://access.redhat.com/errata/RHSA-2016:0615" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1318553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0615.json" } ], "title": "Red Hat Security Advisory: openvswitch security update", "tracking": { "current_release_date": "2024-11-14T19:52:35+00:00", "generator": { "date": "2024-11-14T19:52:35+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2016:0615", 
"initial_release_date": "2016-04-11T18:54:30+00:00", "revision_history": [ { "date": "2016-04-11T18:54:30+00:00", "number": "1", "summary": "Initial version" }, { "date": "2016-04-11T18:54:30+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T19:52:35+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat OpenShift Enterprise 3.1", "product": { "name": "Red Hat OpenShift Enterprise 3.1", "product_id": "7Server-RH7-RHOSE-3.1", "product_identification_helper": { "cpe": "cpe:/a:redhat:openshift:3.1::el7" } } } ], "category": "product_family", "name": "Red Hat OpenShift Enterprise" }, { "branches": [ { "category": "product_version", "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product": { "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product_id": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-openvswitch@2.4.0-2.el7_2?arch=noarch" } } }, { "category": "product_version", "name": "openvswitch-test-0:2.4.0-2.el7_2.noarch", "product": { "name": "openvswitch-test-0:2.4.0-2.el7_2.noarch", "product_id": "openvswitch-test-0:2.4.0-2.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch-test@2.4.0-2.el7_2?arch=noarch" } } } ], "category": "architecture", "name": "noarch" }, { "branches": [ { "category": "product_version", "name": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64", "product": { "name": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64", "product_id": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch-devel@2.4.0-2.el7_2?arch=x86_64" } } }, { "category": "product_version", "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product": { "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product_id": 
"openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.4.0-2.el7_2?arch=x86_64" } } }, { "category": "product_version", "name": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product": { "name": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product_id": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openvswitch-0:2.4.0-2.el7_2.src", "product": { "name": "openvswitch-0:2.4.0-2.el7_2.src", "product_id": "openvswitch-0:2.4.0-2.el7_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=src" } } } ], "category": "architecture", "name": "src" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openvswitch-0:2.4.0-2.el7_2.src as a component of Red Hat OpenShift Enterprise 3.1", "product_id": "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.src" }, "product_reference": "openvswitch-0:2.4.0-2.el7_2.src", "relates_to_product_reference": "7Server-RH7-RHOSE-3.1" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat OpenShift Enterprise 3.1", "product_id": "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.x86_64" }, "product_reference": "openvswitch-0:2.4.0-2.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.1" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat OpenShift Enterprise 3.1", "product_id": "7Server-RH7-RHOSE-3.1:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64" }, "product_reference": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.1" }, { 
"category": "default_component_of", "full_product_name": { "name": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat OpenShift Enterprise 3.1", "product_id": "7Server-RH7-RHOSE-3.1:openvswitch-devel-0:2.4.0-2.el7_2.x86_64" }, "product_reference": "openvswitch-devel-0:2.4.0-2.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOSE-3.1" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-test-0:2.4.0-2.el7_2.noarch as a component of Red Hat OpenShift Enterprise 3.1", "product_id": "7Server-RH7-RHOSE-3.1:openvswitch-test-0:2.4.0-2.el7_2.noarch" }, "product_reference": "openvswitch-test-0:2.4.0-2.el7_2.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.1" }, { "category": "default_component_of", "full_product_name": { "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch as a component of Red Hat OpenShift Enterprise 3.1", "product_id": "7Server-RH7-RHOSE-3.1:python-openvswitch-0:2.4.0-2.el7_2.noarch" }, "product_reference": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "relates_to_product_reference": "7Server-RH7-RHOSE-3.1" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Open vSwitch project" ] }, { "names": [ "Bhargava Shastry", "Kashyap Thimmaraju" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2074", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2016-03-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1318553" } ], "notes": [ { "category": "description", "text": "A buffer overflow flaw was discovered in the OVS processing of MPLS labels. 
A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "openvswitch: MPLS buffer overflow vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOSE-3.1:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOSE-3.1:openvswitch-devel-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOSE-3.1:openvswitch-test-0:2.4.0-2.el7_2.noarch", "7Server-RH7-RHOSE-3.1:python-openvswitch-0:2.4.0-2.el7_2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2074" }, { "category": "external", "summary": "RHBZ#1318553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2074", "url": "https://www.cve.org/CVERecord?id=CVE-2016-2074" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074" } ], "release_date": "2016-03-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-04-11T18:54:30+00:00", "details": "Before applying this update, make sure all previously released errata\nrelevant to your system have been applied.\n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258", 
"product_ids": [ "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOSE-3.1:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOSE-3.1:openvswitch-devel-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOSE-3.1:openvswitch-test-0:2.4.0-2.el7_2.noarch", "7Server-RH7-RHOSE-3.1:python-openvswitch-0:2.4.0-2.el7_2.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:0615" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 7.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "products": [ "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOSE-3.1:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOSE-3.1:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOSE-3.1:openvswitch-devel-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOSE-3.1:openvswitch-test-0:2.4.0-2.el7_2.noarch", "7Server-RH7-RHOSE-3.1:python-openvswitch-0:2.4.0-2.el7_2.noarch" ] } ], "threats": [ { "category": "impact", "details": "Important" } ], "title": "openvswitch: MPLS buffer overflow vulnerability" } ] }
rhsa-2016_0537
Vulnerability from csaf_redhat
Notes
{ "document": { "aggregate_severity": { "namespace": "https://access.redhat.com/security/updates/classification/", "text": "Important" }, "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.", "tlp": { "label": "WHITE", "url": "https://www.first.org/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "An update for openvswitch is now available for Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7.\n\nRed Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.", "title": "Topic" }, { "category": "general", "text": "Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.\n\nSecurity Fix(es):\n\n* A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.", "title": "Details" }, { "category": "legal_disclaimer", "text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. 
and provide a link to the original.", "title": "Terms of Use" } ], "publisher": { "category": "vendor", "contact_details": "https://access.redhat.com/security/team/contact/", "issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.", "name": "Red Hat Product Security", "namespace": "https://www.redhat.com" }, "references": [ { "category": "self", "summary": "https://access.redhat.com/errata/RHSA-2016:0537", "url": "https://access.redhat.com/errata/RHSA-2016:0537" }, { "category": "external", "summary": "https://access.redhat.com/security/updates/classification/#important", "url": "https://access.redhat.com/security/updates/classification/#important" }, { "category": "external", "summary": "1318553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "category": "self", "summary": "Canonical URL", "url": "https://security.access.redhat.com/data/csaf/v2/advisories/2016/rhsa-2016_0537.json" } ], "title": "Red Hat Security Advisory: openvswitch security update", "tracking": { "current_release_date": "2024-11-14T19:52:24+00:00", "generator": { "date": "2024-11-14T19:52:24+00:00", "engine": { "name": "Red Hat SDEngine", "version": "4.2.1" } }, "id": "RHSA-2016:0537", "initial_release_date": "2016-03-30T20:43:00+00:00", "revision_history": [ { "date": "2016-03-30T20:43:00+00:00", "number": "1", "summary": "Initial version" }, { "date": "2016-03-30T20:43:00+00:00", "number": "2", "summary": "Last updated version" }, { "date": "2024-11-14T19:52:24+00:00", "number": "3", "summary": "Last generated version" } ], "status": "final", "version": "3" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_name", "name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "product": { "name": "Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "product_id": "7Server-RH7-RHOS-7.0", "product_identification_helper": { "cpe": 
"cpe:/a:redhat:openstack:7::el7" } } } ], "category": "product_family", "name": "Red Hat OpenStack Platform" }, { "branches": [ { "category": "product_version", "name": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "product": { "name": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "product_id": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch-dpdk-debuginfo@2.4.0-0.10346.git97bab959.3.el7_2?arch=x86_64" } } }, { "category": "product_version", "name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "product": { "name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "product_id": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch-dpdk@2.4.0-0.10346.git97bab959.3.el7_2?arch=x86_64" } } }, { "category": "product_version", "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product": { "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product_id": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch-debuginfo@2.4.0-2.el7_2?arch=x86_64" } } }, { "category": "product_version", "name": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product": { "name": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product_id": "openvswitch-0:2.4.0-2.el7_2.x86_64", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=x86_64" } } } ], "category": "architecture", "name": "x86_64" }, { "branches": [ { "category": "product_version", "name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src", "product": { "name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src", "product_id": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src", "product_identification_helper": { "purl": 
"pkg:rpm/redhat/openvswitch-dpdk@2.4.0-0.10346.git97bab959.3.el7_2?arch=src" } } }, { "category": "product_version", "name": "openvswitch-0:2.4.0-2.el7_2.src", "product": { "name": "openvswitch-0:2.4.0-2.el7_2.src", "product_id": "openvswitch-0:2.4.0-2.el7_2.src", "product_identification_helper": { "purl": "pkg:rpm/redhat/openvswitch@2.4.0-2.el7_2?arch=src" } } } ], "category": "architecture", "name": "src" }, { "branches": [ { "category": "product_version", "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product": { "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product_id": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "product_identification_helper": { "purl": "pkg:rpm/redhat/python-openvswitch@2.4.0-2.el7_2?arch=noarch" } } } ], "category": "architecture", "name": "noarch" } ], "category": "vendor", "name": "Red Hat" } ], "relationships": [ { "category": "default_component_of", "full_product_name": { "name": "openvswitch-0:2.4.0-2.el7_2.src as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "product_id": "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.src" }, "product_reference": "openvswitch-0:2.4.0-2.el7_2.src", "relates_to_product_reference": "7Server-RH7-RHOS-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "product_id": "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.x86_64" }, "product_reference": "openvswitch-0:2.4.0-2.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOS-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "product_id": "7Server-RH7-RHOS-7.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64" }, "product_reference": "openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", 
"relates_to_product_reference": "7Server-RH7-RHOS-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "product_id": "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src" }, "product_reference": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src", "relates_to_product_reference": "7Server-RH7-RHOS-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "product_id": "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64" }, "product_reference": "openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOS-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64 as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "product_id": "7Server-RH7-RHOS-7.0:openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64" }, "product_reference": "openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "relates_to_product_reference": "7Server-RH7-RHOS-7.0" }, { "category": "default_component_of", "full_product_name": { "name": "python-openvswitch-0:2.4.0-2.el7_2.noarch as a component of Red Hat Enterprise Linux OpenStack Platform 7.0 (Kilo) for RHEL 7", "product_id": "7Server-RH7-RHOS-7.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" }, "product_reference": "python-openvswitch-0:2.4.0-2.el7_2.noarch", "relates_to_product_reference": "7Server-RH7-RHOS-7.0" } ] }, "vulnerabilities": [ { "acknowledgments": [ { "names": [ "the Open vSwitch project" ] }, { "names": [ "Bhargava Shastry", "Kashyap 
Thimmaraju" ], "summary": "Acknowledged by upstream." } ], "cve": "CVE-2016-2074", "cwe": { "id": "CWE-121", "name": "Stack-based Buffer Overflow" }, "discovery_date": "2016-03-16T00:00:00+00:00", "ids": [ { "system_name": "Red Hat Bugzilla ID", "text": "1318553" } ], "notes": [ { "category": "description", "text": "A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code.", "title": "Vulnerability description" }, { "category": "summary", "text": "openvswitch: MPLS buffer overflow vulnerability", "title": "Vulnerability summary" }, { "category": "general", "text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.", "title": "CVSS score applicability" } ], "product_status": { "fixed": [ "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-7.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src", "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "7Server-RH7-RHOS-7.0:openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "7Server-RH7-RHOS-7.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" ] }, "references": [ { "category": "self", "summary": "Canonical URL", "url": "https://access.redhat.com/security/cve/CVE-2016-2074" }, { "category": "external", "summary": "RHBZ#1318553", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "category": "external", "summary": "https://www.cve.org/CVERecord?id=CVE-2016-2074", "url": 
"https://www.cve.org/CVERecord?id=CVE-2016-2074" }, { "category": "external", "summary": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074" } ], "release_date": "2016-03-28T00:00:00+00:00", "remediations": [ { "category": "vendor_fix", "date": "2016-03-30T20:43:00+00:00", "details": "For details on how to apply this update, which includes the changes described in this advisory, refer to:\n\nhttps://access.redhat.com/articles/11258", "product_ids": [ "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-7.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src", "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "7Server-RH7-RHOS-7.0:openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "7Server-RH7-RHOS-7.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" ], "restart_required": { "category": "none" }, "url": "https://access.redhat.com/errata/RHSA-2016:0537" } ], "scores": [ { "cvss_v2": { "accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "SINGLE", "availabilityImpact": "COMPLETE", "baseScore": 7.4, "confidentialityImpact": "COMPLETE", "integrityImpact": "COMPLETE", "vectorString": "AV:A/AC:M/Au:S/C:C/I:C/A:C", "version": "2.0" }, "products": [ "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.src", "7Server-RH7-RHOS-7.0:openvswitch-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-7.0:openvswitch-debuginfo-0:2.4.0-2.el7_2.x86_64", "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.src", "7Server-RH7-RHOS-7.0:openvswitch-dpdk-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "7Server-RH7-RHOS-7.0:openvswitch-dpdk-debuginfo-0:2.4.0-0.10346.git97bab959.3.el7_2.x86_64", "7Server-RH7-RHOS-7.0:python-openvswitch-0:2.4.0-2.el7_2.noarch" ] } ], "threats": [ { "category": "impact", 
"details": "Important" } ], "title": "openvswitch: MPLS buffer overflow vulnerability" } ] }
ghsa-xfh5-4xfg-3g5f
Vulnerability from github
Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.
{ "affected": [], "aliases": [ "CVE-2016-2074" ], "database_specific": { "cwe_ids": [ "CWE-119" ], "github_reviewed": false, "github_reviewed_at": null, "nvd_published_at": "2016-07-03T21:59:00Z", "severity": "CRITICAL" }, "details": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.", "id": "GHSA-xfh5-4xfg-3g5f", "modified": "2022-05-14T03:35:57Z", "published": "2022-05-14T03:35:57Z", "references": [ { "type": "ADVISORY", "url": "https://nvd.nist.gov/vuln/detail/CVE-2016-2074" }, { "type": "WEB", "url": "https://access.redhat.com/errata/RHSA-2016:0615" }, { "type": "WEB", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "type": "WEB", "url": "https://security-tracker.debian.org/tracker/CVE-2016-2074" }, { "type": "WEB", "url": "https://security.gentoo.org/glsa/201701-07" }, { "type": "WEB", "url": "https://support.citrix.com/article/CTX232655" }, { "type": "WEB", "url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html" }, { "type": "WEB", "url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html" }, { "type": "WEB", "url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html" }, { "type": "WEB", "url": "http://www.debian.org/security/2016/dsa-3533" }, { "type": "WEB", "url": "http://www.securityfocus.com/bid/85700" } ], "schema_version": "1.4.0", "severity": [ { "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "type": "CVSS_V3" } ] }
var-201607-0547
Vulnerability from variot
Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. Open vSwitch is prone to multiple remote buffer-overflow vulnerabilities because it fails to adequately bounds check user-supplied data before copying it into an insufficiently sized buffer. Successful exploits may allow attackers to execute arbitrary code or cause denial-of-service conditions. Open vSwitch supports large-scale network automation, standard management interfaces and protocols, etc. through programming extensions. The following versions are affected: OVS Version 2.2.x, Version 2.3.x, Version 2.4.x.
Background
Open vSwitch is a production quality multilayer virtual switch.
Workaround
There is no known workaround at this time.
Resolution
All Open vSwitch users should upgrade to the latest version:
# emerge --sync
# emerge --ask --oneshot --verbose ">=net-misc/openvswitch-2.5.0"
References
[ 1 ] CVE-2016-2074 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2074
Availability
This GLSA and any updates to it are available for viewing at the Gentoo Security Website:
https://security.gentoo.org/glsa/201701-07
Concerns?
Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.
License
Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).
The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.
http://creativecommons.org/licenses/by-sa/2.5
=====================================================================
Red Hat Security Advisory
Synopsis: Important: openvswitch security update
Advisory ID: RHSA-2016:0615-01
Product: Red Hat OpenShift Enterprise
Advisory URL: https://access.redhat.com/errata/RHSA-2016:0615
Issue date: 2016-04-11
CVE Names: CVE-2016-2074
=====================================================================
- Summary:
Updated openvswitch packages that fix one security issue are now available for Red Hat OpenShift Enterprise 3.1.
Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.
- Relevant releases/architectures:
Red Hat OpenShift Enterprise 3.1 - noarch, x86_64
- Description:
OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.
A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)
Red Hat would like to thank the Open vSwitch Project for reporting these issues. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters of CVE-2016-2074.
This update includes the following images:
openshift3/openvswitch:v3.1.1.6-9
aep3_beta/openvswitch:v3.1.1.6-9
openshift3/node:v3.1.1.6-16
aep3_beta/node:v3.1.1.6-16
All openvswitch users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
- Solution:
Before applying this update, make sure all previously released errata relevant to your system have been applied.
For details on how to apply this update, refer to:
https://access.redhat.com/articles/11258
- Bugs fixed (https://bugzilla.redhat.com/):
1318553 - CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability
- Package List:
Red Hat OpenShift Enterprise 3.1:
Source:
openvswitch-2.4.0-2.el7_2.src.rpm

noarch:
openvswitch-test-2.4.0-2.el7_2.noarch.rpm
python-openvswitch-2.4.0-2.el7_2.noarch.rpm

x86_64:
openvswitch-2.4.0-2.el7_2.x86_64.rpm
openvswitch-debuginfo-2.4.0-2.el7_2.x86_64.rpm
openvswitch-devel-2.4.0-2.el7_2.x86_64.rpm
These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/
- References:
https://access.redhat.com/security/cve/CVE-2016-2074
https://access.redhat.com/security/updates/classification/#important
- Contact:
The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/
Copyright 2016 Red Hat, Inc.
For the stable distribution (jessie), this problem has been fixed in version 2.3.0+git20140819-3+deb8u1.
For the unstable distribution (sid), this problem has been fixed in version 2.3.0+git20140819-4.
We recommend that you upgrade your openvswitch packages.

Description:
Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic
{ "@context": { "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#", "affected_products": { "@id": "https://www.variotdbs.pl/ref/affected_products" }, "configurations": { "@id": "https://www.variotdbs.pl/ref/configurations" }, "credits": { "@id": "https://www.variotdbs.pl/ref/credits" }, "cvss": { "@id": "https://www.variotdbs.pl/ref/cvss/" }, "description": { "@id": "https://www.variotdbs.pl/ref/description/" }, "exploit_availability": { "@id": "https://www.variotdbs.pl/ref/exploit_availability/" }, "external_ids": { "@id": "https://www.variotdbs.pl/ref/external_ids/" }, "iot": { "@id": "https://www.variotdbs.pl/ref/iot/" }, "iot_taxonomy": { "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/" }, "patch": { "@id": "https://www.variotdbs.pl/ref/patch/" }, "problemtype_data": { "@id": "https://www.variotdbs.pl/ref/problemtype_data/" }, "references": { "@id": "https://www.variotdbs.pl/ref/references/" }, "sources": { "@id": "https://www.variotdbs.pl/ref/sources/" }, "sources_release_date": { "@id": "https://www.variotdbs.pl/ref/sources_release_date/" }, "sources_update_date": { "@id": "https://www.variotdbs.pl/ref/sources_update_date/" }, "threat_type": { "@id": "https://www.variotdbs.pl/ref/threat_type/" }, "title": { "@id": "https://www.variotdbs.pl/ref/title/" }, "type": { "@id": "https://www.variotdbs.pl/ref/type/" } }, "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0547", "affected_products": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/affected_products#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "model": "openshift", "scope": "eq", "trust": 1.6, "vendor": "redhat", "version": "3.1" }, { "model": "openvswitch", "scope": "eq", "trust": 1.0, "vendor": "openvswitch", "version": "2.3.0" }, { "model": "openvswitch", "scope": "eq", "trust": 1.0, "vendor": 
"openvswitch", "version": "2.4.0" }, { "model": "openvswitch", "scope": "eq", "trust": 1.0, "vendor": "openvswitch", "version": "2.3.1" }, { "model": "openvswitch", "scope": "eq", "trust": 1.0, "vendor": "openvswitch", "version": "2.2.0" }, { "model": "openvswitch", "scope": "eq", "trust": 1.0, "vendor": "openvswitch", "version": "2.3.2" }, { "model": "open vswitch", "scope": "lt", "trust": 0.8, "vendor": "open vswitch", "version": "2.4.x" }, { "model": "open vswitch", "scope": "lt", "trust": 0.8, "vendor": "open vswitch", "version": "2.3.x" }, { "model": "openshift", "scope": "eq", "trust": 0.8, "vendor": "red hat", "version": "enterprise" }, { "model": "open vswitch", "scope": "eq", "trust": 0.8, "vendor": "open vswitch", "version": "2.3.3" }, { "model": "open vswitch", "scope": "eq", "trust": 0.8, "vendor": "open vswitch", "version": "2.2.x" }, { "model": "open vswitch", "scope": "eq", "trust": 0.8, "vendor": "open vswitch", "version": "2.4.1" }, { "model": "openstack", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "7.0" }, { "model": "enterprise linux openstack platform for rhel", "scope": "eq", "trust": 0.3, "vendor": "redhat", "version": "75.0" }, { "model": "vswitch open vswitch", "scope": "eq", "trust": 0.3, "vendor": "open", "version": "2.4" }, { "model": "vswitch open vswitch", "scope": "eq", "trust": 0.3, "vendor": "open", "version": "2.3" }, { "model": "vswitch open vswitch", "scope": "eq", "trust": 0.3, "vendor": "open", "version": "2.2" }, { "model": "linux", "scope": null, "trust": 0.3, "vendor": "gentoo", "version": null }, { "model": "linux sparc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux s/390", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux powerpc", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux mips", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux ia-64", "scope": 
"eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux ia-32", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux arm", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "linux amd64", "scope": "eq", "trust": 0.3, "vendor": "debian", "version": "6.0" }, { "model": "xenserver cu1", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "7.1" }, { "model": "xenserver", "scope": "eq", "trust": 0.3, "vendor": "citrix", "version": "7.0" }, { "model": "vswitch open vswitch", "scope": "ne", "trust": 0.3, "vendor": "open", "version": "2.5" } ], "sources": [ { "db": "BID", "id": "85700" }, { "db": "JVNDB", "id": "JVNDB-2016-003485" }, { "db": "NVD", "id": "CVE-2016-2074" }, { "db": "CNNVD", "id": "CNNVD-201603-406" } ] }, "configurations": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/configurations#", "children": { "@container": "@list" }, "cpe_match": { "@container": "@list" }, "data": { "@container": "@list" }, "nodes": { "@container": "@list" } }, "data": [ { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] } ], "sources": [ { "db": "NVD", "id": "CVE-2016-2074" } ] }, "credits": { "@context": { "@vocab": 
"https://www.variotdbs.pl/ref/credits#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Red Hat", "sources": [ { "db": "PACKETSTORM", "id": "136659" }, { "db": "PACKETSTORM", "id": "136470" }, { "db": "PACKETSTORM", "id": "136469" }, { "db": "PACKETSTORM", "id": "136483" } ], "trust": 0.4 }, "cve": "CVE-2016-2074", "cvss": { "@context": { "cvssV2": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2" }, "cvssV3": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#" }, "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/" }, "severity": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/cvss/severity#" }, "@id": "https://www.variotdbs.pl/ref/cvss/severity" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" }, "@id": "https://www.variotdbs.pl/ref/sources" } }, "data": [ { "cvssV2": [ { "acInsufInfo": false, "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "NVD", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "impactScore": 6.4, "integrityImpact": "PARTIAL", "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "trust": 1.0, "userInteractionRequired": false, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "acInsufInfo": null, "accessComplexity": "Low", "accessVector": "Network", "authentication": "None", "author": "NVD", "availabilityImpact": "Partial", "baseScore": 7.5, "confidentialityImpact": "Partial", "exploitabilityScore": null, "id": "CVE-2016-2074", "impactScore": null, "integrityImpact": "Partial", "obtainAllPrivilege": null, "obtainOtherPrivilege": null, "obtainUserPrivilege": null, "severity": "High", 
"trust": 0.9, "userInteractionRequired": null, "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, { "accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "author": "VULHUB", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "exploitabilityScore": 10.0, "id": "VHN-90893", "impactScore": 6.4, "integrityImpact": "PARTIAL", "severity": "HIGH", "trust": 0.1, "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P", "version": "2.0" } ], "cvssV3": [ { "attackComplexity": "LOW", "attackVector": "NETWORK", "author": "NVD", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "exploitabilityScore": 3.9, "impactScore": 5.9, "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "trust": 1.0, "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, { "attackComplexity": "Low", "attackVector": "Network", "author": "NVD", "availabilityImpact": "High", "baseScore": 9.8, "baseSeverity": "Critical", "confidentialityImpact": "High", "exploitabilityScore": null, "id": "CVE-2016-2074", "impactScore": null, "integrityImpact": "High", "privilegesRequired": "None", "scope": "Unchanged", "trust": 0.8, "userInteraction": "None", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" } ], "severity": [ { "author": "NVD", "id": "CVE-2016-2074", "trust": 1.8, "value": "CRITICAL" }, { "author": "CNNVD", "id": "CNNVD-201603-406", "trust": 0.6, "value": "HIGH" }, { "author": "VULHUB", "id": "VHN-90893", "trust": 0.1, "value": "HIGH" }, { "author": "VULMON", "id": "CVE-2016-2074", "trust": 0.1, "value": "HIGH" } ] } ], "sources": [ { "db": "VULHUB", "id": "VHN-90893" }, { "db": "VULMON", "id": "CVE-2016-2074" }, { "db": "JVNDB", "id": "JVNDB-2016-003485" }, { "db": "NVD", "id": "CVE-2016-2074" }, { "db": "CNNVD", "id": "CNNVD-201603-406" } ] }, "description": { "@context": 
{ "@vocab": "https://www.variotdbs.pl/ref/description#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. Open vSwitch is prone to multiple remote buffer-overflow vulnerabilities because it fails to adequately bounds check user-supplied data before copying it into an insufficiently sized buffer. \nSuccessful exploits may allow attackers to execute arbitrary code or cause denial-of-service conditions. It supports large-scale network automation, standard management interfaces and protocols, etc. through programming extensions. The following versions are affected: OVS Version 2.2.x, Version 2.3.x, Version 2.4.x. \n\nBackground\n==========\n\nOpen vSwitch is a production quality multilayer virtual switch. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Open vSwitch users should upgrade to the latest version:\n\n # emerge --sync\n # emerge --ask --oneshot --verbose \"\u003e=net-misc/openvswitch-2.5.0\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2074\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2074\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201701-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). 
\n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n--FOwRaKoxFb5txc6jCpaFu8xVgvCjK1wAH--\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n Red Hat Security Advisory\n\nSynopsis: Important: openvswitch security update\nAdvisory ID: RHSA-2016:0615-01\nProduct: Red Hat OpenShift Enterprise\nAdvisory URL: https://access.redhat.com/errata/RHSA-2016:0615\nIssue date: 2016-04-11\nCVE Names: CVE-2016-2074 \n=====================================================================\n\n1. Summary:\n\nUpdated openvswitch packages that fix one security issue are now available \nfor Red Hat OpenShift Enterprise 3.1. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat OpenShift Enterprise 3.1 - noarch, x86_64\n\n3. Description:\n\nOpenShift Enterprise by Red Hat is the company\u0027s cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or private\ncloud deployments. \n\nA buffer overflow flaw was discovered in the OVS processing of MPLS labels. \nA remote attacker able to deliver a frame containing a malicious MPLS label\nthat would be processed by OVS could trigger the flaw and use the resulting\nmemory corruption to cause a denial of service (DoS) or, possibly, execute \narbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch Project for reporting these \nissues. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as \nthe original reporters of CVE-2016-2074. 
\n\nThis update includes the following images:\n\nopenshift3/openvswitch:v3.1.1.6-9\naep3_beta/openvswitch:v3.1.1.6-9\nopenshift3/node:v3.1.1.6-16\naep3_beta/node:v3.1.1.6-16\n\nAll openvswitch users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1318553 - CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability\n\n6. Package List:\n\nRed Hat OpenShift Enterprise 3.1:\n\nSource:\nopenvswitch-2.4.0-2.el7_2.src.rpm\n\nnoarch:\nopenvswitch-test-2.4.0-2.el7_2.noarch.rpm\npython-openvswitch-2.4.0-2.el7_2.noarch.rpm\n\nx86_64:\nopenvswitch-2.4.0-2.el7_2.x86_64.rpm\nopenvswitch-debuginfo-2.4.0-2.el7_2.x86_64.rpm\nopenvswitch-devel-2.4.0-2.el7_2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security. Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2074\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXDKHJXlSAg2UNWIIRArVMAJ9kWC3bedooegoZ6ADWrLKD9xKzCQCfUQmK\n/IpUBYvFD22Fc2VwgoAoq2g=\n=EyZn\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.3.0+git20140819-3+deb8u1. 
\n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.3.0+git20140819-4. \n\nWe recommend that you upgrade your openvswitch packages. Description:\n\nOpen vSwitch provides standard network bridging functions and support for\nthe OpenFlow protocol for remote per-flow control of traffic", "sources": [ { "db": "NVD", "id": "CVE-2016-2074" }, { "db": "JVNDB", "id": "JVNDB-2016-003485" }, { "db": "BID", "id": "85700" }, { "db": "VULHUB", "id": "VHN-90893" }, { "db": "VULMON", "id": "CVE-2016-2074" }, { "db": "PACKETSTORM", "id": "140320" }, { "db": "PACKETSTORM", "id": "136659" }, { "db": "PACKETSTORM", "id": "136470" }, { "db": "PACKETSTORM", "id": "136464" }, { "db": "PACKETSTORM", "id": "136469" }, { "db": "PACKETSTORM", "id": "136483" } ], "trust": 2.61 }, "external_ids": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/external_ids#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "db": "NVD", "id": "CVE-2016-2074", "trust": 3.5 }, { "db": "BID", "id": "85700", "trust": 1.5 }, { "db": "JVNDB", "id": "JVNDB-2016-003485", "trust": 0.8 }, { "db": "OPENWALL", "id": "OSS-SECURITY/2016/03/29/1", "trust": 0.6 }, { "db": "CNNVD", "id": "CNNVD-201603-406", "trust": 0.6 }, { "db": "PACKETSTORM", "id": "136483", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "136470", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "136659", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "136469", "trust": 0.2 }, { "db": "PACKETSTORM", "id": "136464", "trust": 0.2 }, { "db": "VULHUB", "id": "VHN-90893", "trust": 0.1 }, { "db": "VULMON", "id": "CVE-2016-2074", "trust": 0.1 }, { "db": "PACKETSTORM", "id": "140320", "trust": 0.1 } ], "sources": [ { "db": "VULHUB", "id": "VHN-90893" }, { "db": "VULMON", "id": "CVE-2016-2074" }, { "db": "BID", "id": "85700" }, { "db": "JVNDB", "id": "JVNDB-2016-003485" }, { "db": "PACKETSTORM", "id": "140320" }, { "db": 
"PACKETSTORM", "id": "136659" }, { "db": "PACKETSTORM", "id": "136470" }, { "db": "PACKETSTORM", "id": "136464" }, { "db": "PACKETSTORM", "id": "136469" }, { "db": "PACKETSTORM", "id": "136483" }, { "db": "NVD", "id": "CVE-2016-2074" }, { "db": "CNNVD", "id": "CNNVD-201603-406" } ] }, "id": "VAR-201607-0547", "iot": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/iot#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": true, "sources": [ { "db": "VULHUB", "id": "VHN-90893" } ], "trust": 0.725 }, "last_update_date": "2023-12-18T13:19:40.697000Z", "patch": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/patch#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "title": "[ovs-announce] Open vSwitch 2.4.1 and 2.3.3 Available", "trust": 0.8, "url": "http://openvswitch.org/pipermail/announce/2016-march/000083.html" }, { "title": "Top Page", "trust": 0.8, "url": "http://openvswitch.org/" }, { "title": "[ovs-announce] CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch", "trust": 0.8, "url": "http://openvswitch.org/pipermail/announce/2016-march/000082.html" }, { "title": "Bug 1318553", "trust": 0.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "title": "RHSA-2016:0615", "trust": 0.8, "url": "https://access.redhat.com/errata/rhsa-2016:0615" }, { "title": "CVE-2016-2074", "trust": 0.8, "url": "https://security-tracker.debian.org/tracker/cve-2016-2074" }, { "title": "Debian Security Advisories: DSA-3533-1 openvswitch -- security update", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=315e4d420e18888a1f323d0bb1f6011f" }, { "title": "Red Hat: CVE-2016-2074", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2074" }, { "title": "Citrix Security Bulletins: 
Citrix XenServer Multiple Security Updates", "trust": 0.1, "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=181b7d97210e9284f8fa51fda2290181" }, { "title": "secure-vhost", "trust": 0.1, "url": "https://github.com/ictyangye/secure-vhost " } ], "sources": [ { "db": "VULMON", "id": "CVE-2016-2074" }, { "db": "JVNDB", "id": "JVNDB-2016-003485" } ] }, "problemtype_data": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "problemtype": "CWE-119", "trust": 1.9 } ], "sources": [ { "db": "VULHUB", "id": "VHN-90893" }, { "db": "JVNDB", "id": "JVNDB-2016-003485" }, { "db": "NVD", "id": "CVE-2016-2074" } ] }, "references": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/references#", "data": { "@container": "@list" }, "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": [ { "trust": 1.8, "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "trust": 1.8, "url": "https://security-tracker.debian.org/tracker/cve-2016-2074" }, { "trust": 1.8, "url": "http://openvswitch.org/pipermail/announce/2016-march/000082.html" }, { "trust": 1.8, "url": "http://openvswitch.org/pipermail/announce/2016-march/000083.html" }, { "trust": 1.5, "url": "https://support.citrix.com/article/ctx232655" }, { "trust": 1.3, "url": "http://www.securityfocus.com/bid/85700" }, { "trust": 1.3, "url": "https://security.gentoo.org/glsa/201701-07" }, { "trust": 1.3, "url": "http://rhn.redhat.com/errata/rhsa-2016-0523.html" }, { "trust": 1.3, "url": "http://rhn.redhat.com/errata/rhsa-2016-0524.html" }, { "trust": 1.3, "url": "http://rhn.redhat.com/errata/rhsa-2016-0537.html" }, { "trust": 1.3, "url": "https://access.redhat.com/errata/rhsa-2016:0615" }, { "trust": 1.2, "url": "http://www.debian.org/security/2016/dsa-3533" }, { "trust": 0.9, "url": 
"http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2074" }, { "trust": 0.8, "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2074" }, { "trust": 0.6, "url": "http://www.openwall.com/lists/oss-security/2016/03/29/1" }, { "trust": 0.5, "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2074" }, { "trust": 0.4, "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce" }, { "trust": 0.4, "url": "https://bugzilla.redhat.com/):" }, { "trust": 0.4, "url": "https://access.redhat.com/security/team/key/" }, { "trust": 0.4, "url": "https://access.redhat.com/articles/11258" }, { "trust": 0.4, "url": "https://access.redhat.com/security/cve/cve-2016-2074" }, { "trust": 0.4, "url": "https://access.redhat.com/security/team/contact/" }, { "trust": 0.4, "url": "https://access.redhat.com/security/updates/classification/#important" }, { "trust": 0.3, "url": "http://openvswitch.org/" }, { "trust": 0.3, "url": "http://seclists.org/oss-sec/2016/q1/706" }, { "trust": 0.3, "url": "https://access.redhat.com/errata/rhsa-2016:0537" }, { "trust": 0.1, "url": "https://cwe.mitre.org/data/definitions/119.html" }, { "trust": 0.1, "url": "https://github.com/ictyangye/secure-vhost" }, { "trust": 0.1, "url": "https://nvd.nist.gov" }, { "trust": 0.1, "url": "https://www.debian.org/security/./dsa-3533" }, { "trust": 0.1, "url": "http://creativecommons.org/licenses/by-sa/2.5" }, { "trust": 0.1, "url": "https://security.gentoo.org/" }, { "trust": 0.1, "url": "https://bugs.gentoo.org." 
}, { "trust": 0.1, "url": "https://www.debian.org/security/" }, { "trust": 0.1, "url": "https://www.debian.org/security/faq" } ], "sources": [ { "db": "VULHUB", "id": "VHN-90893" }, { "db": "VULMON", "id": "CVE-2016-2074" }, { "db": "BID", "id": "85700" }, { "db": "JVNDB", "id": "JVNDB-2016-003485" }, { "db": "PACKETSTORM", "id": "140320" }, { "db": "PACKETSTORM", "id": "136659" }, { "db": "PACKETSTORM", "id": "136470" }, { "db": "PACKETSTORM", "id": "136464" }, { "db": "PACKETSTORM", "id": "136469" }, { "db": "PACKETSTORM", "id": "136483" }, { "db": "NVD", "id": "CVE-2016-2074" }, { "db": "CNNVD", "id": "CNNVD-201603-406" } ] }, "sources": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#", "data": { "@container": "@list" } }, "data": [ { "db": "VULHUB", "id": "VHN-90893" }, { "db": "VULMON", "id": "CVE-2016-2074" }, { "db": "BID", "id": "85700" }, { "db": "JVNDB", "id": "JVNDB-2016-003485" }, { "db": "PACKETSTORM", "id": "140320" }, { "db": "PACKETSTORM", "id": "136659" }, { "db": "PACKETSTORM", "id": "136470" }, { "db": "PACKETSTORM", "id": "136464" }, { "db": "PACKETSTORM", "id": "136469" }, { "db": "PACKETSTORM", "id": "136483" }, { "db": "NVD", "id": "CVE-2016-2074" }, { "db": "CNNVD", "id": "CNNVD-201603-406" } ] }, "sources_release_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2016-07-03T00:00:00", "db": "VULHUB", "id": "VHN-90893" }, { "date": "2016-07-03T00:00:00", "db": "VULMON", "id": "CVE-2016-2074" }, { "date": "2016-03-28T00:00:00", "db": "BID", "id": "85700" }, { "date": "2016-07-11T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003485" }, { "date": "2017-01-02T16:48:46", "db": "PACKETSTORM", "id": "140320" }, { "date": "2016-04-12T15:13:15", "db": "PACKETSTORM", "id": "136659" }, { "date": "2016-03-30T15:10:59", "db": "PACKETSTORM", "id": "136470" }, { "date": "2016-03-29T15:15:27", "db": "PACKETSTORM", "id": "136464" }, { "date": 
"2016-03-30T15:10:48", "db": "PACKETSTORM", "id": "136469" }, { "date": "2016-03-30T23:29:15", "db": "PACKETSTORM", "id": "136483" }, { "date": "2016-07-03T21:59:10.837000", "db": "NVD", "id": "CVE-2016-2074" }, { "date": "2016-03-29T00:00:00", "db": "CNNVD", "id": "CNNVD-201603-406" } ] }, "sources_update_date": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#", "data": { "@container": "@list" } }, "data": [ { "date": "2018-03-23T00:00:00", "db": "VULHUB", "id": "VHN-90893" }, { "date": "2018-03-23T00:00:00", "db": "VULMON", "id": "CVE-2016-2074" }, { "date": "2018-03-23T08:00:00", "db": "BID", "id": "85700" }, { "date": "2016-09-05T00:00:00", "db": "JVNDB", "id": "JVNDB-2016-003485" }, { "date": "2018-03-23T01:29:00.523000", "db": "NVD", "id": "CVE-2016-2074" }, { "date": "2016-07-04T00:00:00", "db": "CNNVD", "id": "CNNVD-201603-406" } ] }, "threat_type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/threat_type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "remote", "sources": [ { "db": "PACKETSTORM", "id": "140320" }, { "db": "PACKETSTORM", "id": "136659" }, { "db": "PACKETSTORM", "id": "136470" }, { "db": "PACKETSTORM", "id": "136464" }, { "db": "PACKETSTORM", "id": "136469" }, { "db": "PACKETSTORM", "id": "136483" }, { "db": "CNNVD", "id": "CNNVD-201603-406" } ], "trust": 1.2 }, "title": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/title#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "Open vSwitch of ovs-vswitchd of lib/flow.c Vulnerable to buffer overflow", "sources": [ { "db": "JVNDB", "id": "JVNDB-2016-003485" } ], "trust": 0.8 }, "type": { "@context": { "@vocab": "https://www.variotdbs.pl/ref/type#", "sources": { "@container": "@list", "@context": { "@vocab": "https://www.variotdbs.pl/ref/sources#" } } }, "data": "overflow, arbitrary", "sources": [ { "db": 
"PACKETSTORM", "id": "140320" }, { "db": "PACKETSTORM", "id": "136659" }, { "db": "PACKETSTORM", "id": "136470" }, { "db": "PACKETSTORM", "id": "136464" }, { "db": "PACKETSTORM", "id": "136469" }, { "db": "PACKETSTORM", "id": "136483" } ], "trust": 0.6 } }
gsd-2016-2074
Vulnerability from gsd
{ "GSD": { "alias": "CVE-2016-2074", "description": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.", "id": "GSD-2016-2074", "references": [ "https://www.suse.com/security/cve/CVE-2016-2074.html", "https://www.debian.org/security/2016/dsa-3533", "https://access.redhat.com/errata/RHSA-2016:0615", "https://access.redhat.com/errata/RHSA-2016:0537", "https://access.redhat.com/errata/RHSA-2016:0524", "https://access.redhat.com/errata/RHSA-2016:0523" ] }, "gsd": { "metadata": { "exploitCode": "unknown", "remediation": "unknown", "reportConfidence": "confirmed", "type": "vulnerability" }, "osvSchema": { "aliases": [ "CVE-2016-2074" ], "details": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command.", "id": "GSD-2016-2074", "modified": "2023-12-13T01:21:19.416119Z", "schema_version": "1.4.0" } }, "namespaces": { "cve.org": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-2074", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch", "refsource": "MLIST", "url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html" }, { "name": "RHSA-2016:0537", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html" }, { "name": "RHSA-2016:0524", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "name": "DSA-3533", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3533" }, { "name": "RHSA-2016:0615", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:0615" }, { "name": "https://security-tracker.debian.org/tracker/CVE-2016-2074", "refsource": "CONFIRM", "url": "https://security-tracker.debian.org/tracker/CVE-2016-2074" }, { "name": "GLSA-201701-07", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201701-07" }, { "name": "https://support.citrix.com/article/CTX232655", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX232655" }, { "name": "RHSA-2016:0523", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html" }, { "name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available", "refsource": "MLIST", "url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html" }, { "name": "85700", "refsource": "BID", "url": "http://www.securityfocus.com/bid/85700" } ] } }, "nvd.nist.gov": { "configurations": { "CVE_data_version": "4.0", "nodes": [ { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.2:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": 
"cpe:2.3:a:openvswitch:openvswitch:2.3.1:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.4.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.2.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true }, { "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" }, { "children": [], "cpe_match": [ { "cpe23Uri": "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*", "cpe_name": [], "vulnerable": true } ], "operator": "OR" } ] }, "cve": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-2074" }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "en", "value": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command." 
} ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "en", "value": "CWE-119" } ] } ] }, "references": { "reference_data": [ { "name": "[ovs-announce] 20160328 CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch", "refsource": "MLIST", "tags": [ "Vendor Advisory" ], "url": "http://openvswitch.org/pipermail/announce/2016-March/000082.html" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553", "refsource": "CONFIRM", "tags": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553" }, { "name": "https://security-tracker.debian.org/tracker/CVE-2016-2074", "refsource": "CONFIRM", "tags": [], "url": "https://security-tracker.debian.org/tracker/CVE-2016-2074" }, { "name": "[ovs-announce] 20160328 Open vSwitch 2.4.1 and 2.3.3 Available", "refsource": "MLIST", "tags": [ "Patch" ], "url": "http://openvswitch.org/pipermail/announce/2016-March/000083.html" }, { "name": "RHSA-2016:0615", "refsource": "REDHAT", "tags": [], "url": "https://access.redhat.com/errata/RHSA-2016:0615" }, { "name": "85700", "refsource": "BID", "tags": [], "url": "http://www.securityfocus.com/bid/85700" }, { "name": "GLSA-201701-07", "refsource": "GENTOO", "tags": [], "url": "https://security.gentoo.org/glsa/201701-07" }, { "name": "DSA-3533", "refsource": "DEBIAN", "tags": [], "url": "http://www.debian.org/security/2016/dsa-3533" }, { "name": "RHSA-2016:0537", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0537.html" }, { "name": "RHSA-2016:0524", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0524.html" }, { "name": "RHSA-2016:0523", "refsource": "REDHAT", "tags": [], "url": "http://rhn.redhat.com/errata/RHSA-2016-0523.html" }, { "name": "https://support.citrix.com/article/CTX232655", "refsource": "CONFIRM", "tags": [], "url": "https://support.citrix.com/article/CTX232655" } ] } }, "impact": { "baseMetricV2": { "cvssV2": { "accessComplexity": "LOW", "accessVector": 
"NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 7.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P", "version": "2.0" }, "exploitabilityScore": 10.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "severity": "HIGH", "userInteractionRequired": false }, "baseMetricV3": { "cvssV3": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.0" }, "exploitabilityScore": 3.9, "impactScore": 5.9 } }, "lastModifiedDate": "2018-03-23T01:29Z", "publishedDate": "2016-07-03T21:59Z" } } }
Sightings
Author | Source | Type | Date |
---|---|---|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.