Detections
Analytics

CVE-2018-17206

medium

Description

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.

References

https://usn.ubuntu.com/3873-1/

https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html

https://github.com/openvswitch/ovs/commit/9237a63c47bd314b807cda0bd2216264e82edbe8

https://access.redhat.com/errata/RHSA-2019:0081

https://access.redhat.com/errata/RHSA-2019:0053

https://access.redhat.com/errata/RHSA-2018:3500

Details

Source: Mitre, NVD

Published: 2018-09-19

Updated: 2021-08-04

Risk Information

CVSS v2

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Severity: Medium

CVSS v3

Base Score: 4.9

Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Severity: Medium