CVE-2018-17205 — HIGH (7.5)

Q: How severe is CVE-2018-17205?

CVE-2018-17205 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2018-17205?

Check the references section above for vendor advisories and patch information. Affected products include: Openvswitch Openvswitch, Redhat Openstack, Canonical Ubuntu Linux.

Vulnerability Description

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto in order. If a flow cannot be added (e.g., the flow action is a go-to for a group id that does not exist), OvS tries to revert back all previous flows that were successfully applied from the same bundle. This is possible since OvS maintains list of old flows that were replaced by flows from the bundle. While reinserting old flows, OvS has an assertion failure due to a check on rule state != RULE_INITIALIZED. This would work for new flows, but for an old flow the rule state is RULE_REMOVED. The assertion failure causes an OvS crash.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Openvswitch	Openvswitch	>= 2.7.0, <= 2.7.6
Redhat	Openstack	10
Canonical	Ubuntu Linux	16.04

Related Weaknesses (CWE)

CWE-617

References

https://access.redhat.com/errata/RHSA-2018:3500Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0053Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0081Third Party Advisory
https://github.com/openvswitch/ovs/commit/0befd1f3745055c32940f5faf9559be6a14395ExploitPatchThird Party Advisory
https://usn.ubuntu.com/3873-1/Third Party Advisory
https://access.redhat.com/errata/RHSA-2018:3500Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0053Third Party Advisory
https://access.redhat.com/errata/RHSA-2019:0081Third Party Advisory
https://github.com/openvswitch/ovs/commit/0befd1f3745055c32940f5faf9559be6a14395ExploitPatchThird Party Advisory
https://usn.ubuntu.com/3873-1/Third Party Advisory

FAQ

What is CVE-2018-17205?

CVE-2018-17205 is a vulnerability with a CVSS score of 7.5 (HIGH). An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting ofproto_rule_insert__ in ofproto/ofproto.c. During bundle commit, flows that are added in a bundle are applied to ofproto i...

How severe is CVE-2018-17205?

CVE-2018-17205 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-17205?

Check the references section above for vendor advisories and patch information. Affected products include: Openvswitch Openvswitch, Redhat Openstack, Canonical Ubuntu Linux.