var-201607-0547
Vulnerability from variot

Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. Open vSwitch is prone to multiple remote buffer-overflow vulnerabilities because it fails to adequately bounds check user-supplied data before copying it into an insufficiently sized buffer. Successful exploits may allow attackers to execute arbitrary code or cause denial-of-service conditions. It supports large-scale network automation, standard management interfaces and protocols, etc. through programming extensions. The following versions are affected: OVS Version 2.2.x, Version 2.3.x, Version 2.4.x.

Background

Open vSwitch is a production quality multilayer virtual switch.

Workaround

There is no known workaround at this time.

Resolution

All Open vSwitch users should upgrade to the latest version:

# emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/openvswitch-2.5.0"

References

[ 1 ] CVE-2016-2074 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2074

Availability

This GLSA and any updates to it are available for viewing at the Gentoo Security Website:

https://security.gentoo.org/glsa/201701-07

Concerns?

Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org.

License

Copyright 2017 Gentoo Foundation, Inc; referenced text belongs to its owner(s).

The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.5

--FOwRaKoxFb5txc6jCpaFu8xVgvCjK1wAH--

. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1

===================================================================== Red Hat Security Advisory

Synopsis: Important: openvswitch security update Advisory ID: RHSA-2016:0615-01 Product: Red Hat OpenShift Enterprise Advisory URL: https://access.redhat.com/errata/RHSA-2016:0615 Issue date: 2016-04-11 CVE Names: CVE-2016-2074 =====================================================================

  1. Summary:

Updated openvswitch packages that fix one security issue are now available for Red Hat OpenShift Enterprise 3.1.

Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available from the CVE link in the References section.

  1. Relevant releases/architectures:

Red Hat OpenShift Enterprise 3.1 - noarch, x86_64

  1. Description:

OpenShift Enterprise by Red Hat is the company's cloud computing Platform-as-a-Service (PaaS) solution designed for on-premise or private cloud deployments.

A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)

Red Hat would like to thank the Open vSwitch Project for reporting these issues. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters of CVE-2016-2074.

This update includes the following images:

openshift3/openvswitch:v3.1.1.6-9 aep3_beta/openvswitch:v3.1.1.6-9 openshift3/node:v3.1.1.6-16 aep3_beta/node:v3.1.1.6-16

All openvswitch users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.

  1. Solution:

Before applying this update, make sure all previously released errata relevant to your system have been applied.

For details on how to apply this update, refer to:

https://access.redhat.com/articles/11258

  1. Bugs fixed (https://bugzilla.redhat.com/):

1318553 - CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability

  1. Package List:

Red Hat OpenShift Enterprise 3.1:

Source: openvswitch-2.4.0-2.el7_2.src.rpm

noarch: openvswitch-test-2.4.0-2.el7_2.noarch.rpm python-openvswitch-2.4.0-2.el7_2.noarch.rpm

x86_64: openvswitch-2.4.0-2.el7_2.x86_64.rpm openvswitch-debuginfo-2.4.0-2.el7_2.x86_64.rpm openvswitch-devel-2.4.0-2.el7_2.x86_64.rpm

These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from https://access.redhat.com/security/team/key/

  1. References:

https://access.redhat.com/security/cve/CVE-2016-2074 https://access.redhat.com/security/updates/classification/#important

  1. Contact:

The Red Hat security contact is secalert@redhat.com. More contact details at https://access.redhat.com/security/team/contact/

Copyright 2016 Red Hat, Inc. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1

iD8DBQFXDKHJXlSAg2UNWIIRArVMAJ9kWC3bedooegoZ6ADWrLKD9xKzCQCfUQmK /IpUBYvFD22Fc2VwgoAoq2g= =EyZn -----END PGP SIGNATURE-----

-- RHSA-announce mailing list RHSA-announce@redhat.com https://www.redhat.com/mailman/listinfo/rhsa-announce .

For the stable distribution (jessie), this problem has been fixed in version 2.3.0+git20140819-3+deb8u1.

For the unstable distribution (sid), this problem has been fixed in version 2.3.0+git20140819-4.

We recommend that you upgrade your openvswitch packages. Description:

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic

Show details on source website


{
  "@context": {
    "@vocab": "https://www.variotdbs.pl/ref/VARIoTentry#",
    "affected_products": {
      "@id": "https://www.variotdbs.pl/ref/affected_products"
    },
    "configurations": {
      "@id": "https://www.variotdbs.pl/ref/configurations"
    },
    "credits": {
      "@id": "https://www.variotdbs.pl/ref/credits"
    },
    "cvss": {
      "@id": "https://www.variotdbs.pl/ref/cvss/"
    },
    "description": {
      "@id": "https://www.variotdbs.pl/ref/description/"
    },
    "exploit_availability": {
      "@id": "https://www.variotdbs.pl/ref/exploit_availability/"
    },
    "external_ids": {
      "@id": "https://www.variotdbs.pl/ref/external_ids/"
    },
    "iot": {
      "@id": "https://www.variotdbs.pl/ref/iot/"
    },
    "iot_taxonomy": {
      "@id": "https://www.variotdbs.pl/ref/iot_taxonomy/"
    },
    "patch": {
      "@id": "https://www.variotdbs.pl/ref/patch/"
    },
    "problemtype_data": {
      "@id": "https://www.variotdbs.pl/ref/problemtype_data/"
    },
    "references": {
      "@id": "https://www.variotdbs.pl/ref/references/"
    },
    "sources": {
      "@id": "https://www.variotdbs.pl/ref/sources/"
    },
    "sources_release_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_release_date/"
    },
    "sources_update_date": {
      "@id": "https://www.variotdbs.pl/ref/sources_update_date/"
    },
    "threat_type": {
      "@id": "https://www.variotdbs.pl/ref/threat_type/"
    },
    "title": {
      "@id": "https://www.variotdbs.pl/ref/title/"
    },
    "type": {
      "@id": "https://www.variotdbs.pl/ref/type/"
    }
  },
  "@id": "https://www.variotdbs.pl/vuln/VAR-201607-0547",
  "affected_products": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/affected_products#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "model": "openshift",
        "scope": "eq",
        "trust": 1.6,
        "vendor": "redhat",
        "version": "3.1"
      },
      {
        "model": "openvswitch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openvswitch",
        "version": "2.3.0"
      },
      {
        "model": "openvswitch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openvswitch",
        "version": "2.4.0"
      },
      {
        "model": "openvswitch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openvswitch",
        "version": "2.3.1"
      },
      {
        "model": "openvswitch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openvswitch",
        "version": "2.2.0"
      },
      {
        "model": "openvswitch",
        "scope": "eq",
        "trust": 1.0,
        "vendor": "openvswitch",
        "version": "2.3.2"
      },
      {
        "model": "open vswitch",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "open vswitch",
        "version": "2.4.x"
      },
      {
        "model": "open vswitch",
        "scope": "lt",
        "trust": 0.8,
        "vendor": "open vswitch",
        "version": "2.3.x"
      },
      {
        "model": "openshift",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "red hat",
        "version": "enterprise"
      },
      {
        "model": "open vswitch",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "open vswitch",
        "version": "2.3.3"
      },
      {
        "model": "open vswitch",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "open vswitch",
        "version": "2.2.x"
      },
      {
        "model": "open vswitch",
        "scope": "eq",
        "trust": 0.8,
        "vendor": "open vswitch",
        "version": "2.4.1"
      },
      {
        "model": "openstack",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "7.0"
      },
      {
        "model": "enterprise linux openstack platform for rhel",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "redhat",
        "version": "75.0"
      },
      {
        "model": "vswitch open vswitch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "open",
        "version": "2.4"
      },
      {
        "model": "vswitch open vswitch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "open",
        "version": "2.3"
      },
      {
        "model": "vswitch open vswitch",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "open",
        "version": "2.2"
      },
      {
        "model": "linux",
        "scope": null,
        "trust": 0.3,
        "vendor": "gentoo",
        "version": null
      },
      {
        "model": "linux sparc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux s/390",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux powerpc",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux mips",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux ia-64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux ia-32",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux arm",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "linux amd64",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "debian",
        "version": "6.0"
      },
      {
        "model": "xenserver cu1",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "citrix",
        "version": "7.1"
      },
      {
        "model": "xenserver",
        "scope": "eq",
        "trust": 0.3,
        "vendor": "citrix",
        "version": "7.0"
      },
      {
        "model": "vswitch open vswitch",
        "scope": "ne",
        "trust": 0.3,
        "vendor": "open",
        "version": "2.5"
      }
    ],
    "sources": [
      {
        "db": "BID",
        "id": "85700"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201603-406"
      }
    ]
  },
  "configurations": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/configurations#",
      "children": {
        "@container": "@list"
      },
      "cpe_match": {
        "@container": "@list"
      },
      "data": {
        "@container": "@list"
      },
      "nodes": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.2:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.1:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.4.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.2.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:openvswitch:openvswitch:2.3.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:redhat:openshift:3.1:*:*:*:enterprise:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-2074"
      }
    ]
  },
  "credits": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/credits#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Red Hat",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "136659"
      },
      {
        "db": "PACKETSTORM",
        "id": "136470"
      },
      {
        "db": "PACKETSTORM",
        "id": "136469"
      },
      {
        "db": "PACKETSTORM",
        "id": "136483"
      }
    ],
    "trust": 0.4
  },
  "cve": "CVE-2016-2074",
  "cvss": {
    "@context": {
      "cvssV2": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV2#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV2"
      },
      "cvssV3": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/cvss/cvssV3#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/cvssV3/"
      },
      "severity": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/cvss/severity#"
        },
        "@id": "https://www.variotdbs.pl/ref/cvss/severity"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        },
        "@id": "https://www.variotdbs.pl/ref/sources"
      }
    },
    "data": [
      {
        "cvssV2": [
          {
            "acInsufInfo": false,
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "NVD",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "obtainAllPrivilege": false,
            "obtainOtherPrivilege": false,
            "obtainUserPrivilege": false,
            "severity": "HIGH",
            "trust": 1.0,
            "userInteractionRequired": false,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "acInsufInfo": null,
            "accessComplexity": "Low",
            "accessVector": "Network",
            "authentication": "None",
            "author": "NVD",
            "availabilityImpact": "Partial",
            "baseScore": 7.5,
            "confidentialityImpact": "Partial",
            "exploitabilityScore": null,
            "id": "CVE-2016-2074",
            "impactScore": null,
            "integrityImpact": "Partial",
            "obtainAllPrivilege": null,
            "obtainOtherPrivilege": null,
            "obtainUserPrivilege": null,
            "severity": "High",
            "trust": 0.9,
            "userInteractionRequired": null,
            "vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
            "version": "2.0"
          },
          {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "NONE",
            "author": "VULHUB",
            "availabilityImpact": "PARTIAL",
            "baseScore": 7.5,
            "confidentialityImpact": "PARTIAL",
            "exploitabilityScore": 10.0,
            "id": "VHN-90893",
            "impactScore": 6.4,
            "integrityImpact": "PARTIAL",
            "severity": "HIGH",
            "trust": 0.1,
            "vectorString": "AV:N/AC:L/AU:N/C:P/I:P/A:P",
            "version": "2.0"
          }
        ],
        "cvssV3": [
          {
            "attackComplexity": "LOW",
            "attackVector": "NETWORK",
            "author": "NVD",
            "availabilityImpact": "HIGH",
            "baseScore": 9.8,
            "baseSeverity": "CRITICAL",
            "confidentialityImpact": "HIGH",
            "exploitabilityScore": 3.9,
            "impactScore": 5.9,
            "integrityImpact": "HIGH",
            "privilegesRequired": "NONE",
            "scope": "UNCHANGED",
            "trust": 1.0,
            "userInteraction": "NONE",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          },
          {
            "attackComplexity": "Low",
            "attackVector": "Network",
            "author": "NVD",
            "availabilityImpact": "High",
            "baseScore": 9.8,
            "baseSeverity": "Critical",
            "confidentialityImpact": "High",
            "exploitabilityScore": null,
            "id": "CVE-2016-2074",
            "impactScore": null,
            "integrityImpact": "High",
            "privilegesRequired": "None",
            "scope": "Unchanged",
            "trust": 0.8,
            "userInteraction": "None",
            "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
            "version": "3.0"
          }
        ],
        "severity": [
          {
            "author": "NVD",
            "id": "CVE-2016-2074",
            "trust": 1.8,
            "value": "CRITICAL"
          },
          {
            "author": "CNNVD",
            "id": "CNNVD-201603-406",
            "trust": 0.6,
            "value": "HIGH"
          },
          {
            "author": "VULHUB",
            "id": "VHN-90893",
            "trust": 0.1,
            "value": "HIGH"
          },
          {
            "author": "VULMON",
            "id": "CVE-2016-2074",
            "trust": 0.1,
            "value": "HIGH"
          }
        ]
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90893"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-2074"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201603-406"
      }
    ]
  },
  "description": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/description#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Buffer overflow in lib/flow.c in ovs-vswitchd in Open vSwitch 2.2.x and 2.3.x before 2.3.3 and 2.4.x before 2.4.1 allows remote attackers to execute arbitrary code via crafted MPLS packets, as demonstrated by a long string in an ovs-appctl command. Open vSwitch is prone to multiple remote buffer-overflow vulnerabilities because it fails to adequately bounds check user-supplied data before copying it into an insufficiently sized buffer. \nSuccessful exploits may allow attackers to execute arbitrary code or cause denial-of-service conditions. It supports large-scale network automation, standard management interfaces and protocols, etc. through programming extensions. The following versions are affected: OVS Version 2.2.x, Version 2.3.x, Version 2.4.x. \n\nBackground\n==========\n\nOpen vSwitch is a production quality multilayer virtual switch. \n\nWorkaround\n==========\n\nThere is no known workaround at this time. \n\nResolution\n==========\n\nAll Open vSwitch users should upgrade to the latest version:\n\n  # emerge --sync\n  # emerge --ask --oneshot --verbose \"\u003e=net-misc/openvswitch-2.5.0\"\n\nReferences\n==========\n\n[ 1 ] CVE-2016-2074\n      http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2074\n\nAvailability\n============\n\nThis GLSA and any updates to it are available for viewing at\nthe Gentoo Security Website:\n\n https://security.gentoo.org/glsa/201701-07\n\nConcerns?\n=========\n\nSecurity is a primary focus of Gentoo Linux and ensuring the\nconfidentiality and security of our users\u0027 machines is of utmost\nimportance to us. Any security concerns should be addressed to\nsecurity@gentoo.org or alternatively, you may file a bug at\nhttps://bugs.gentoo.org. \n\nLicense\n=======\n\nCopyright 2017 Gentoo Foundation, Inc; referenced text\nbelongs to its owner(s). \n\nThe contents of this document are licensed under the\nCreative Commons - Attribution / Share Alike license. \n\nhttp://creativecommons.org/licenses/by-sa/2.5\n\n\n--FOwRaKoxFb5txc6jCpaFu8xVgvCjK1wAH--\n\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n=====================================================================\n                   Red Hat Security Advisory\n\nSynopsis:          Important: openvswitch security update\nAdvisory ID:       RHSA-2016:0615-01\nProduct:           Red Hat OpenShift Enterprise\nAdvisory URL:      https://access.redhat.com/errata/RHSA-2016:0615\nIssue date:        2016-04-11\nCVE Names:         CVE-2016-2074 \n=====================================================================\n\n1. Summary:\n\nUpdated openvswitch packages that fix one security issue are now available \nfor Red Hat OpenShift Enterprise 3.1. \n\nRed Hat Product Security has rated this update as having Important security\nimpact. A Common Vulnerability Scoring System (CVSS) base score, which\ngives a detailed severity rating, is available from the CVE link in the\nReferences section. \n\n2. Relevant releases/architectures:\n\nRed Hat OpenShift Enterprise 3.1 - noarch, x86_64\n\n3. Description:\n\nOpenShift Enterprise by Red Hat is the company\u0027s cloud computing\nPlatform-as-a-Service (PaaS) solution designed for on-premise or private\ncloud deployments. \n\nA buffer overflow flaw was discovered in the OVS processing of MPLS labels. \nA remote attacker able to deliver a frame containing a malicious MPLS label\nthat would be processed by OVS could trigger the flaw and use the resulting\nmemory corruption to cause a denial of service (DoS) or, possibly, execute \narbitrary code. (CVE-2016-2074)\n\nRed Hat would like to thank the Open vSwitch Project for reporting these \nissues. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as \nthe original reporters of CVE-2016-2074. \n\nThis update includes the following images:\n\nopenshift3/openvswitch:v3.1.1.6-9\naep3_beta/openvswitch:v3.1.1.6-9\nopenshift3/node:v3.1.1.6-16\naep3_beta/node:v3.1.1.6-16\n\nAll openvswitch users are advised to upgrade to this updated package, which\ncontains a backported patch to correct this issue. \n\n4. Solution:\n\nBefore applying this update, make sure all previously released errata\nrelevant to your system have been applied. \n\nFor details on how to apply this update, refer to:\n\nhttps://access.redhat.com/articles/11258\n\n5. Bugs fixed (https://bugzilla.redhat.com/):\n\n1318553 - CVE-2016-2074 openvswitch: MPLS buffer overflow vulnerability\n\n6. Package List:\n\nRed Hat OpenShift Enterprise 3.1:\n\nSource:\nopenvswitch-2.4.0-2.el7_2.src.rpm\n\nnoarch:\nopenvswitch-test-2.4.0-2.el7_2.noarch.rpm\npython-openvswitch-2.4.0-2.el7_2.noarch.rpm\n\nx86_64:\nopenvswitch-2.4.0-2.el7_2.x86_64.rpm\nopenvswitch-debuginfo-2.4.0-2.el7_2.x86_64.rpm\nopenvswitch-devel-2.4.0-2.el7_2.x86_64.rpm\n\nThese packages are GPG signed by Red Hat for security.  Our key and\ndetails on how to verify the signature are available from\nhttps://access.redhat.com/security/team/key/\n\n7. References:\n\nhttps://access.redhat.com/security/cve/CVE-2016-2074\nhttps://access.redhat.com/security/updates/classification/#important\n\n8. Contact:\n\nThe Red Hat security contact is \u003csecalert@redhat.com\u003e. More contact\ndetails at https://access.redhat.com/security/team/contact/\n\nCopyright 2016 Red Hat, Inc. \n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1\n\niD8DBQFXDKHJXlSAg2UNWIIRArVMAJ9kWC3bedooegoZ6ADWrLKD9xKzCQCfUQmK\n/IpUBYvFD22Fc2VwgoAoq2g=\n=EyZn\n-----END PGP SIGNATURE-----\n\n\n--\nRHSA-announce mailing list\nRHSA-announce@redhat.com\nhttps://www.redhat.com/mailman/listinfo/rhsa-announce\n. \n\nFor the stable distribution (jessie), this problem has been fixed in\nversion 2.3.0+git20140819-3+deb8u1. \n\nFor the unstable distribution (sid), this problem has been fixed in\nversion 2.3.0+git20140819-4. \n\nWe recommend that you upgrade your openvswitch packages. Description:\n\nOpen vSwitch provides standard network bridging functions and support for\nthe OpenFlow protocol for remote per-flow control of traffic",
    "sources": [
      {
        "db": "NVD",
        "id": "CVE-2016-2074"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      },
      {
        "db": "BID",
        "id": "85700"
      },
      {
        "db": "VULHUB",
        "id": "VHN-90893"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-2074"
      },
      {
        "db": "PACKETSTORM",
        "id": "140320"
      },
      {
        "db": "PACKETSTORM",
        "id": "136659"
      },
      {
        "db": "PACKETSTORM",
        "id": "136470"
      },
      {
        "db": "PACKETSTORM",
        "id": "136464"
      },
      {
        "db": "PACKETSTORM",
        "id": "136469"
      },
      {
        "db": "PACKETSTORM",
        "id": "136483"
      }
    ],
    "trust": 2.61
  },
  "external_ids": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/external_ids#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "db": "NVD",
        "id": "CVE-2016-2074",
        "trust": 3.5
      },
      {
        "db": "BID",
        "id": "85700",
        "trust": 1.5
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485",
        "trust": 0.8
      },
      {
        "db": "OPENWALL",
        "id": "OSS-SECURITY/2016/03/29/1",
        "trust": 0.6
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201603-406",
        "trust": 0.6
      },
      {
        "db": "PACKETSTORM",
        "id": "136483",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "136470",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "136659",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "136469",
        "trust": 0.2
      },
      {
        "db": "PACKETSTORM",
        "id": "136464",
        "trust": 0.2
      },
      {
        "db": "VULHUB",
        "id": "VHN-90893",
        "trust": 0.1
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-2074",
        "trust": 0.1
      },
      {
        "db": "PACKETSTORM",
        "id": "140320",
        "trust": 0.1
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90893"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-2074"
      },
      {
        "db": "BID",
        "id": "85700"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      },
      {
        "db": "PACKETSTORM",
        "id": "140320"
      },
      {
        "db": "PACKETSTORM",
        "id": "136659"
      },
      {
        "db": "PACKETSTORM",
        "id": "136470"
      },
      {
        "db": "PACKETSTORM",
        "id": "136464"
      },
      {
        "db": "PACKETSTORM",
        "id": "136469"
      },
      {
        "db": "PACKETSTORM",
        "id": "136483"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201603-406"
      }
    ]
  },
  "id": "VAR-201607-0547",
  "iot": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/iot#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": true,
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90893"
      }
    ],
    "trust": 0.725
  },
  "last_update_date": "2023-12-18T13:19:40.697000Z",
  "patch": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/patch#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "title": "[ovs-announce] Open vSwitch 2.4.1 and 2.3.3 Available",
        "trust": 0.8,
        "url": "http://openvswitch.org/pipermail/announce/2016-march/000083.html"
      },
      {
        "title": "Top Page",
        "trust": 0.8,
        "url": "http://openvswitch.org/"
      },
      {
        "title": "[ovs-announce] CVE-2016-2074: MPLS buffer overflow vulnerabilities in Open vSwitch",
        "trust": 0.8,
        "url": "http://openvswitch.org/pipermail/announce/2016-march/000082.html"
      },
      {
        "title": "Bug 1318553",
        "trust": 0.8,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
      },
      {
        "title": "RHSA-2016:0615",
        "trust": 0.8,
        "url": "https://access.redhat.com/errata/rhsa-2016:0615"
      },
      {
        "title": "CVE-2016-2074",
        "trust": 0.8,
        "url": "https://security-tracker.debian.org/tracker/cve-2016-2074"
      },
      {
        "title": "Debian Security Advisories: DSA-3533-1 openvswitch -- security update",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=315e4d420e18888a1f323d0bb1f6011f"
      },
      {
        "title": "Red Hat: CVE-2016-2074",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database\u0026qid=cve-2016-2074"
      },
      {
        "title": "Citrix Security Bulletins: Citrix XenServer Multiple Security Updates",
        "trust": 0.1,
        "url": "https://vulmon.com/vendoradvisory?qidtp=citrix_security_bulletins\u0026qid=181b7d97210e9284f8fa51fda2290181"
      },
      {
        "title": "secure-vhost",
        "trust": 0.1,
        "url": "https://github.com/ictyangye/secure-vhost "
      }
    ],
    "sources": [
      {
        "db": "VULMON",
        "id": "CVE-2016-2074"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      }
    ]
  },
  "problemtype_data": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/problemtype_data#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "problemtype": "CWE-119",
        "trust": 1.9
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90893"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2074"
      }
    ]
  },
  "references": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/references#",
      "data": {
        "@container": "@list"
      },
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": [
      {
        "trust": 1.8,
        "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1318553"
      },
      {
        "trust": 1.8,
        "url": "https://security-tracker.debian.org/tracker/cve-2016-2074"
      },
      {
        "trust": 1.8,
        "url": "http://openvswitch.org/pipermail/announce/2016-march/000082.html"
      },
      {
        "trust": 1.8,
        "url": "http://openvswitch.org/pipermail/announce/2016-march/000083.html"
      },
      {
        "trust": 1.5,
        "url": "https://support.citrix.com/article/ctx232655"
      },
      {
        "trust": 1.3,
        "url": "http://www.securityfocus.com/bid/85700"
      },
      {
        "trust": 1.3,
        "url": "https://security.gentoo.org/glsa/201701-07"
      },
      {
        "trust": 1.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-0523.html"
      },
      {
        "trust": 1.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-0524.html"
      },
      {
        "trust": 1.3,
        "url": "http://rhn.redhat.com/errata/rhsa-2016-0537.html"
      },
      {
        "trust": 1.3,
        "url": "https://access.redhat.com/errata/rhsa-2016:0615"
      },
      {
        "trust": 1.2,
        "url": "http://www.debian.org/security/2016/dsa-3533"
      },
      {
        "trust": 0.9,
        "url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2074"
      },
      {
        "trust": 0.8,
        "url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-2074"
      },
      {
        "trust": 0.6,
        "url": "http://www.openwall.com/lists/oss-security/2016/03/29/1"
      },
      {
        "trust": 0.5,
        "url": "https://nvd.nist.gov/vuln/detail/cve-2016-2074"
      },
      {
        "trust": 0.4,
        "url": "https://www.redhat.com/mailman/listinfo/rhsa-announce"
      },
      {
        "trust": 0.4,
        "url": "https://bugzilla.redhat.com/):"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/team/key/"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/articles/11258"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/cve/cve-2016-2074"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/team/contact/"
      },
      {
        "trust": 0.4,
        "url": "https://access.redhat.com/security/updates/classification/#important"
      },
      {
        "trust": 0.3,
        "url": "http://openvswitch.org/"
      },
      {
        "trust": 0.3,
        "url": "http://seclists.org/oss-sec/2016/q1/706"
      },
      {
        "trust": 0.3,
        "url": "https://access.redhat.com/errata/rhsa-2016:0537"
      },
      {
        "trust": 0.1,
        "url": "https://cwe.mitre.org/data/definitions/119.html"
      },
      {
        "trust": 0.1,
        "url": "https://github.com/ictyangye/secure-vhost"
      },
      {
        "trust": 0.1,
        "url": "https://nvd.nist.gov"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/./dsa-3533"
      },
      {
        "trust": 0.1,
        "url": "http://creativecommons.org/licenses/by-sa/2.5"
      },
      {
        "trust": 0.1,
        "url": "https://security.gentoo.org/"
      },
      {
        "trust": 0.1,
        "url": "https://bugs.gentoo.org."
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/"
      },
      {
        "trust": 0.1,
        "url": "https://www.debian.org/security/faq"
      }
    ],
    "sources": [
      {
        "db": "VULHUB",
        "id": "VHN-90893"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-2074"
      },
      {
        "db": "BID",
        "id": "85700"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      },
      {
        "db": "PACKETSTORM",
        "id": "140320"
      },
      {
        "db": "PACKETSTORM",
        "id": "136659"
      },
      {
        "db": "PACKETSTORM",
        "id": "136470"
      },
      {
        "db": "PACKETSTORM",
        "id": "136464"
      },
      {
        "db": "PACKETSTORM",
        "id": "136469"
      },
      {
        "db": "PACKETSTORM",
        "id": "136483"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201603-406"
      }
    ]
  },
  "sources": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "db": "VULHUB",
        "id": "VHN-90893"
      },
      {
        "db": "VULMON",
        "id": "CVE-2016-2074"
      },
      {
        "db": "BID",
        "id": "85700"
      },
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      },
      {
        "db": "PACKETSTORM",
        "id": "140320"
      },
      {
        "db": "PACKETSTORM",
        "id": "136659"
      },
      {
        "db": "PACKETSTORM",
        "id": "136470"
      },
      {
        "db": "PACKETSTORM",
        "id": "136464"
      },
      {
        "db": "PACKETSTORM",
        "id": "136469"
      },
      {
        "db": "PACKETSTORM",
        "id": "136483"
      },
      {
        "db": "NVD",
        "id": "CVE-2016-2074"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201603-406"
      }
    ]
  },
  "sources_release_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_release_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2016-07-03T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90893"
      },
      {
        "date": "2016-07-03T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-2074"
      },
      {
        "date": "2016-03-28T00:00:00",
        "db": "BID",
        "id": "85700"
      },
      {
        "date": "2016-07-11T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      },
      {
        "date": "2017-01-02T16:48:46",
        "db": "PACKETSTORM",
        "id": "140320"
      },
      {
        "date": "2016-04-12T15:13:15",
        "db": "PACKETSTORM",
        "id": "136659"
      },
      {
        "date": "2016-03-30T15:10:59",
        "db": "PACKETSTORM",
        "id": "136470"
      },
      {
        "date": "2016-03-29T15:15:27",
        "db": "PACKETSTORM",
        "id": "136464"
      },
      {
        "date": "2016-03-30T15:10:48",
        "db": "PACKETSTORM",
        "id": "136469"
      },
      {
        "date": "2016-03-30T23:29:15",
        "db": "PACKETSTORM",
        "id": "136483"
      },
      {
        "date": "2016-07-03T21:59:10.837000",
        "db": "NVD",
        "id": "CVE-2016-2074"
      },
      {
        "date": "2016-03-29T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201603-406"
      }
    ]
  },
  "sources_update_date": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/sources_update_date#",
      "data": {
        "@container": "@list"
      }
    },
    "data": [
      {
        "date": "2018-03-23T00:00:00",
        "db": "VULHUB",
        "id": "VHN-90893"
      },
      {
        "date": "2018-03-23T00:00:00",
        "db": "VULMON",
        "id": "CVE-2016-2074"
      },
      {
        "date": "2018-03-23T08:00:00",
        "db": "BID",
        "id": "85700"
      },
      {
        "date": "2016-09-05T00:00:00",
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      },
      {
        "date": "2018-03-23T01:29:00.523000",
        "db": "NVD",
        "id": "CVE-2016-2074"
      },
      {
        "date": "2016-07-04T00:00:00",
        "db": "CNNVD",
        "id": "CNNVD-201603-406"
      }
    ]
  },
  "threat_type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/threat_type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "remote",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "140320"
      },
      {
        "db": "PACKETSTORM",
        "id": "136659"
      },
      {
        "db": "PACKETSTORM",
        "id": "136470"
      },
      {
        "db": "PACKETSTORM",
        "id": "136464"
      },
      {
        "db": "PACKETSTORM",
        "id": "136469"
      },
      {
        "db": "PACKETSTORM",
        "id": "136483"
      },
      {
        "db": "CNNVD",
        "id": "CNNVD-201603-406"
      }
    ],
    "trust": 1.2
  },
  "title": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/title#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "Open vSwitch of  ovs-vswitchd of  lib/flow.c Vulnerable to buffer overflow",
    "sources": [
      {
        "db": "JVNDB",
        "id": "JVNDB-2016-003485"
      }
    ],
    "trust": 0.8
  },
  "type": {
    "@context": {
      "@vocab": "https://www.variotdbs.pl/ref/type#",
      "sources": {
        "@container": "@list",
        "@context": {
          "@vocab": "https://www.variotdbs.pl/ref/sources#"
        }
      }
    },
    "data": "overflow, arbitrary",
    "sources": [
      {
        "db": "PACKETSTORM",
        "id": "140320"
      },
      {
        "db": "PACKETSTORM",
        "id": "136659"
      },
      {
        "db": "PACKETSTORM",
        "id": "136470"
      },
      {
        "db": "PACKETSTORM",
        "id": "136464"
      },
      {
        "db": "PACKETSTORM",
        "id": "136469"
      },
      {
        "db": "PACKETSTORM",
        "id": "136483"
      }
    ],
    "trust": 0.6
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading...

Loading...

Loading...

Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.