Out-of-bounds read in Open vSwitch

#VU68717 Out-of-bounds read in Open vSwitch

Published: 2022-10-25

Vulnerability identifier: #VU68717

Vulnerability risk: Medium

CVSSv3.1: 6.5 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H/E:U/RL:O/RC:C]

CVE-ID: CVE-2022-32166

CWE-ID: CWE-125

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Open vSwitch
Hardware solutions / Firmware

Vendor: openvswitch.org

Description

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to a boundary condition within the minimasks() function in flow.c. A remote attacker can pass specially crafted data to the application, trigger an out-of-bounds read error and crash the service.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

Open vSwitch: 2.5.0, 2.4 - 2.4.1, 2.3 - 2.3.2, 2.1.0 - 2.1.2, 2.0.0, 1.11.0, 1.10.0, 1.9.0, 1.7.0, 1.6.1, 1.5.0, 1.4.0 - 1.4.2, 1.3.0, 0.90.0

External links
http://github.com/cloudbase/ovs/commit/2ed6505555cdcb46f9b1f0329d1491b75290fc73
http://bugzilla.redhat.com/show_bug.cgi?id=2130577

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

SUSE update for openvswitch

Ubuntu update for openvswitch

Denial of service in Open vSwitch