CVE-2018-17204

See a problem?
Please try reporting it to the source first.
Source
https://nvd.nist.gov/vuln/detail/CVE-2018-17204
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2018-17204.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2018-17204
Downstream
Related
Published
2018-09-19T16:29:00Z
Modified
2025-10-21T04:31:49.380780Z
Severity
  • 4.3 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L CVSS Calculator
Summary
[none]
Details

An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6, affecting parsegrouppropntrselectionmethod in lib/ofp-util.c. When decoding a group mod, it validates the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tries to use the type and command earlier, when it might still be invalid. This causes an assertion failure (via OVSNOT_REACHED). ovs-vswitchd does not enable support for OpenFlow 1.5 by default.

References

Affected packages

Git / github.com/openvswitch/ovs

Affected ranges

Type
GIT
Repo
https://github.com/openvswitch/ovs
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
4af6da3b275b764b1afe194df6499b33d2bf4cde

Affected versions

v0.*

v0.90.0
v0.90.1
v0.90.2
v0.90.3
v0.90.4
v0.90.6
v0.90.7
v0.99.0
v0.99.1
v0.99.2

v1.*

v1.0.0
v1.0.1
v1.1.0pre1
v1.1.0pre2

v2.*

v2.7.0
v2.7.1
v2.7.2
v2.7.3
v2.7.4
v2.7.5
v2.7.6

Database specific

vanir_signatures

[
    {
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2018-17204-b51ef21b",
        "target": {
            "function": "parse_group_prop_ntr_selection_method",
            "file": "lib/ofp-util.c"
        },
        "signature_type": "Function",
        "digest": {
            "length": 2184.0,
            "function_hash": "214259102366955435880281220928594186154"
        },
        "source": "https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde"
    },
    {
        "signature_version": "v1",
        "deprecated": false,
        "id": "CVE-2018-17204-f0ab235d",
        "target": {
            "file": "lib/ofp-util.c"
        },
        "signature_type": "Line",
        "digest": {
            "threshold": 0.9,
            "line_hashes": [
                "324069536227036265479594926544039812313",
                "195422576741556969579743949522281220711",
                "338052315750500283435229193513256384619",
                "178828300322648107947620676725417544283",
                "324069536227036265479594926544039812313",
                "195422576741556969579743949522281220711",
                "291563013136255650337827637680550410423",
                "322200582228573733839583898111724594769"
            ]
        },
        "source": "https://github.com/openvswitch/ovs/commit/4af6da3b275b764b1afe194df6499b33d2bf4cde"
    }
]