(RHSA-2016:0524) Important: openvswitch security update

2016-03-3001:16:27

access.redhat.com

0.25 Low

EPSS

Percentile

96.7%

JSON

Open vSwitch provides standard network bridging functions and support for the OpenFlow protocol for remote per-flow control of traffic.

Security Fix(es):

A buffer overflow flaw was discovered in the OVS processing of MPLS labels. A remote attacker able to deliver a frame containing a malicious MPLS label that would be processed by OVS could trigger the flaw and use the resulting memory corruption to cause a denial of service (DoS) or, possibly, execute arbitrary code. (CVE-2016-2074)

Red Hat would like to thank the Open vSwitch project for reporting this issue. Upstream acknowledges Kashyap Thimmaraju and Bhargava Shastry as the original reporters.

OSVersionArchitecturePackageVersionFilename
RedHat7noarchpython-openvswitch< 2.4.0-2.el7_2python-openvswitch-2.4.0-2.el7_2.noarch.rpm
RedHat7x86_64openvswitch-debuginfo< 2.4.0-2.el7_2openvswitch-debuginfo-2.4.0-2.el7_2.x86_64.rpm
RedHat7srcopenvswitch< 2.4.0-2.el7_2openvswitch-2.4.0-2.el7_2.src.rpm
RedHat7x86_64openvswitch< 2.4.0-2.el7_2openvswitch-2.4.0-2.el7_2.x86_64.rpm

OS	Version	Architecture	Package	Version	Filename
RedHat	7	noarch	python-openvswitch	< 2.4.0-2.el7_2	python-openvswitch-2.4.0-2.el7_2.noarch.rpm
RedHat	7	x86_64	openvswitch-debuginfo	< 2.4.0-2.el7_2	openvswitch-debuginfo-2.4.0-2.el7_2.x86_64.rpm
RedHat	7	src	openvswitch	< 2.4.0-2.el7_2	openvswitch-2.4.0-2.el7_2.src.rpm
RedHat	7	x86_64	openvswitch	< 2.4.0-2.el7_2	openvswitch-2.4.0-2.el7_2.x86_64.rpm

0.25 Low

EPSS

Percentile

96.7%

JSON

Related for RHSA-2016:0524