CVE-2018-17206
- Source
- https://nvd.nist.gov/vuln/detail/CVE-2018-17206
- Import Source
- https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-17206.json
- JSON Data
- https://api.test.osv.dev/v1/vulns/CVE-2018-17206
- Downstream
- Related
- Published
- 2018-09-19T16:29:01Z
- Modified
- 2025-10-15T09:25:00.144646Z
- Severity
-
- 4.9 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H CVSS Calculator
- Summary
- [none]
- Details
-
An issue was discovered in Open vSwitch (OvS) 2.7.x through 2.7.6. The decode_bundle function inside lib/ofp-actions.c is affected by a buffer over-read issue during BUNDLE action decoding.
- References
-
- https://access.redhat.com/errata/RHSA-2018:3500
- https://access.redhat.com/errata/RHSA-2019:0053
- https://access.redhat.com/errata/RHSA-2019:0081
- https://github.com/openvswitch/ovs/commit/9237a63c47bd314b807cda0bd2216264e82edbe8
- https://lists.debian.org/debian-lts-announce/2021/02/msg00032.html
- https://usn.ubuntu.com/3873-1/
Affected packages
Git / github.com/openvswitch/ovs
Affected ranges
- Type
- GIT
- Repo
- https://github.com/openvswitch/ovs
- Events
-
Introduced0 Unknown introduced commit / All previous commits are affectedFixed
Affected versions
v0.*
v0.90.0
v0.90.1
v0.90.2
v0.90.3
v0.90.4
v0.90.6
v0.90.7
v0.99.0
v0.99.1
v0.99.2
v1.*
v1.0.0
v1.0.1
v1.1.0pre1
v1.1.0pre2
v2.*
v2.7.0
v2.7.1
v2.7.2
v2.7.3
v2.7.4
v2.7.5
v2.7.6
Database specific
vanir_signatures
[
{
"digest": {
"length": 2465.0,
"function_hash": "57461956889987823182985039612819091499"
},
"source": "https://github.com/openvswitch/ovs/commit/9237a63c47bd314b807cda0bd2216264e82edbe8",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Function",
"id": "CVE-2018-17206-41634a70",
"target": {
"file": "lib/ofp-actions.c",
"function": "decode_bundle"
}
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"210906905664758460515499443758496348914",
"169491159002022090409035248224929762667",
"260441358071495433885160431772933471618",
"29049431944125111516871169759209627234",
"104421915300623089526274437846960737898",
"236094497615507576891058569560103942668",
"97419143637965801260516021338863620520",
"265232926905435110150322864614360754111"
]
},
"source": "https://github.com/openvswitch/ovs/commit/9237a63c47bd314b807cda0bd2216264e82edbe8",
"signature_version": "v1",
"deprecated": false,
"signature_type": "Line",
"id": "CVE-2018-17206-f8b6cd53",
"target": {
"file": "lib/ofp-actions.c"
}
}
]