{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2018-09-19T00:00:00", "descriptions": [{"lang": "en", "value": "An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2021-02-20T00:06:13", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre"}, "references": [{"name": "RHSA-2019:0053", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0053"}, {"name": "USN-3873-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "https://usn.ubuntu.com/3873-1/"}, {"name": "RHSA-2018:3500", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2018:3500"}, {"tags": ["x_refsource_MISC"], "url": "https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde"}, {"name": "RHSA-2019:0081", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "https://access.redhat.com/errata/RHSA-2019:0081"}, {"name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-17204", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "RHSA-2019:0053", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0053"}, {"name": "USN-3873-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3873-1/"}, {"name": "RHSA-2018:3500", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2018:3500"}, {"name": "https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde", "refsource": "MISC", "url": "https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde"}, {"name": "RHSA-2019:0081", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2019:0081"}, {"name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update", "refsource": "MLIST", "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-05T10:47:03.764Z"}, "title": "CVE Program Container", "references": [{"name": "RHSA-2019:0053", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0053"}, {"name": "USN-3873-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "https://usn.ubuntu.com/3873-1/"}, {"name": "RHSA-2018:3500", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2018:3500"}, {"tags": ["x_refsource_MISC", "x_transferred"], "url": "https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde"}, {"name": "RHSA-2019:0081", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "https://access.redhat.com/errata/RHSA-2019:0081"}, {"name": "[debian-lts-announce] 20210219 [SECURITY] [DLA 2571-1] openvswitch security update", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"}]}]}, "cveMetadata": {"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-17204", "datePublished": "2018-09-19T16:00:00", "dateReserved": "2018-09-19T00:00:00", "dateUpdated": "2024-08-05T10:47:03.764Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openvswitch:openvswitch:*:*:*:*:*:*:*:*", "matchCriteriaId": "682FD155-6A56-43D5-9953-852BB3AA0109", "versionEndIncluding": "2.7.6", "versionStartIncluding": "2.7.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*", "matchCriteriaId": "E722FEF7-58A6-47AD-B1D0-DB0B71B0C7AA", "vulnerable": true}, {"criteria": "cpe:2.3:a:redhat:openstack:13:*:*:*:*:*:*:*", "matchCriteriaId": "704CFA1A-953E-4105-BFBE-406034B83DED", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*", "matchCriteriaId": "F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*", "matchCriteriaId": "23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*", "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default."}, {"lang": "es", "value": "Se ha descubierto un problema en Open vSwitch (OvS) en versiones 2.7.x hasta la 2.7.6 que afecta a parse_group_prop_ntr_selection_method en lib/ofp-util.c. Cuando se descodifica un mod de grupo, valida el tipo de grupo y comando despu\u00e9s de que todo el mod de grupo se haya descodificado. Sin embargo, el decodificador OF1.5 intenta utilizar el tipo y comando antes, cuando puede ser todav\u00eda no v\u00e1lido. Esto provoca un fallo de aserci\u00f3n (mediante OVS_NOT_REACHED). ovs-vswitchd tiene deshabilitado el soporte para OpenFlow 1.5 por defecto."}], "id": "CVE-2018-17204", "lastModified": "2021-08-04T17:14:46.777", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}], "cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2018-09-19T16:29:00.897", "references": [{"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2018:3500"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0053"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://access.redhat.com/errata/RHSA-2019:0081"}, {"source": "cve@mitre.org", "tags": ["Patch", "Third Party Advisory"], "url": "https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde"}, {"source": "cve@mitre.org", "tags": ["Mailing List", "Third Party Advisory"], "url": "https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html"}, {"source": "cve@mitre.org", "tags": ["Third Party Advisory"], "url": "https://usn.ubuntu.com/3873-1/"}], "sourceIdentifier": "cve@mitre.org", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-617"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2018:3500", "cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "package": "openvswitch-0:2.9.0-70.el7fdp.1", "product_name": "Fast Datapath for Red Hat Enterprise Linux 7", "release_date": "2018-11-05T00:00:00Z"}, {"advisory": "RHSA-2019:0053", "cpe": "cpe:/a:redhat:openstack:10::el7", "package": "openvswitch-0:2.9.0-83.el7fdp.1", "product_name": "Red Hat OpenStack Platform 10.0 (Newton)", "release_date": "2019-01-16T00:00:00Z"}, {"advisory": "RHSA-2019:0081", "cpe": "cpe:/a:redhat:openstack:13::el7", "package": "openvswitch-0:2.9.0-83.el7fdp.1", "product_name": "Red Hat OpenStack Platform 13.0 (Queens)", "release_date": "2019-01-16T00:00:00Z"}, {"advisory": "RHSA-2018:3500", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "openvswitch-0:2.9.0-70.el7fdp.1", "product_name": "Red Hat Virtualization 4.2 for Red Hat Enterprise Linux 7.6 EUS", "release_date": "2018-11-05T00:00:00Z"}, {"advisory": "RHBA-2018:3683", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "redhat-release-virtualization-host-0:4.2-7.5.el7", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-11-27T00:00:00Z"}, {"advisory": "RHBA-2018:3683", "cpe": "cpe:/o:redhat:enterprise_linux:7::hypervisor", "package": "redhat-virtualization-host-0:4.2-20181121.0.el7_6", "product_name": "Red Hat Virtualization 4 for Red Hat Enterprise Linux 7", "release_date": "2018-11-27T00:00:00Z"}], "bugzilla": {"description": "openvswitch: Mishandle of group mods in lib/ofp-util.c:parse_group_prop_ntr_selection_method() allows for assertion failure", "id": "1632522", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1632522"}, "csaw": false, "cvss3": {"cvss3_base_score": "2.7", "cvss3_scoring_vector": "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L", "status": "verified"}, "cwe": "CWE-20", "details": ["An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parse_group_prop_ntr_selection_method in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVS_NOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default.", "An issue was discovered in Open vSwitch (OvS), 2.4.x through 2.4.1, 2.5.x through 2.5.5, 2.6.x through 2.6.3, 2.7.x through 2.7.6, 2.8.x through 2.8.4, and2.9.x through 2.9.2, affecting the parse_group_prop_ntr_selection_method in lib/ofp-util.c. On controllers with the OpenFlow 1.5 decoder enabled, a specially crafted group update can cause an assertion failure, potentially leading to a Denial of Service condition."], "name": "CVE-2018-17204", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:7::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.10", "product_name": "Fast Datapath for RHEL 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.10", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8::fastdatapath", "fix_state": "Not affected", "package_name": "openvswitch2.11", "product_name": "Fast Datapath for RHEL 8"}, {"cpe": "cpe:/a:redhat:openshift:3.2", "fix_state": "Not affected", "package_name": "node", "product_name": "Red Hat OpenShift Container Platform 3.2"}, {"cpe": "cpe:/a:redhat:openshift:3.3", "fix_state": "Not affected", "package_name": "node", "product_name": "Red Hat OpenShift Container Platform 3.3"}, {"cpe": "cpe:/a:redhat:openshift:3.4", "fix_state": "Not affected", "package_name": "node", "product_name": "Red Hat OpenShift Container Platform 3.4"}, {"cpe": "cpe:/a:redhat:openshift:3.0", "fix_state": "Not affected", "package_name": "openvswitch", "product_name": "Red Hat OpenShift Enterprise 3.0"}, {"cpe": "cpe:/a:redhat:openshift:3.1", "fix_state": "Not affected", "package_name": "node", "product_name": "Red Hat OpenShift Enterprise 3.1"}, {"cpe": "cpe:/a:redhat:openstack:12", "fix_state": "Will not fix", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 12 (Pike)"}, {"cpe": "cpe:/a:redhat:openstack:14", "fix_state": "Not affected", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 14 (Rocky)"}, {"cpe": "cpe:/a:redhat:openstack:8", "fix_state": "Will not fix", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 8 (Liberty)"}, {"cpe": "cpe:/a:redhat:openstack:9", "fix_state": "Will not fix", "package_name": "openvswitch", "product_name": "Red Hat OpenStack Platform 9 (Mitaka)"}, {"cpe": "cpe:/o:redhat:rhev_hypervisor:4", "fix_state": "Will not fix", "package_name": "rhvm-appliance", "product_name": "Red Hat Virtualization 4"}], "public_date": "2018-09-25T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2018-17204\nhttps://nvd.nist.gov/vuln/detail/CVE-2018-17204"], "threat_severity": "Moderate"}