Buffer Over-read

2019-05-1603:20:28

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

0.004 Low

EPSS

Percentile

74.5%

JSON

Open vSwitch is vulnerable to buffer over-read vulnerability. A remote unauthenticated attacker could cause denial of service conditions during BUNDLE action decoding via a buffer over-read. Affected is the function decode_bundle in the library lib/ofp-actions.c.

CPENameOperatorVersion
openvswitcheq2.4.1__2.git20160727.el7ost
openvswitcheq2.9.0__54.el7fdp
openvswitcheq2.4.1__1.git20160727.el7_2
openvswitcheq2.7.3__2.git20171010.el7fdp
openvswitcheq2.9.0__1.el7fdp
openvswitcheq2.9.0__19.el7fdp
openvswitcheq2.4.0__2.el7
openvswitcheq2.7.2__1.git20170719.el7fdp
openvswitcheq2.9.0__19.el7fdp.1
openvswitcheq2.9.0__56.el7fdp

Name	Operator	Version
openvswitch	eq	2.4.1__2.git20160727.el7ost
openvswitch	eq	2.9.0__54.el7fdp
openvswitch	eq	2.4.1__1.git20160727.el7_2
openvswitch	eq	2.7.3__2.git20171010.el7fdp
openvswitch	eq	2.9.0__1.el7fdp
openvswitch	eq	2.9.0__19.el7fdp
openvswitch	eq	2.4.0__2.el7
openvswitch	eq	2.7.2__1.git20170719.el7fdp
openvswitch	eq	2.9.0__19.el7fdp.1
openvswitch	eq	2.9.0__56.el7fdp