CVE-2022-32166 OVSD versions before 2.5.0 are vulnerable to heap buffer over-read in flow.c. An unsafe comparison of 'minimasks' function could lead to access to unmapped memory.

To reduce the risk of exploitation, avoid using the “minimasks” function in “flow_parser”. In order to prevent the crash, update to version v2.6 or later. You can also protect yourself by disabling the ID mapping globally (OVS_DISABLE_ID_MAP).

CVE-2018-17984 - Unquoted Search Paths OpenvSwitch has a security issue with the handling of unquoted search paths. OpenvSwitch allows unquoted paths for importing modules. If the path is a symbolic link, it will be followed, even if it is not necessary. An attacker could exploit this to inject a malicious library into the search path, leading to a privilege escalation, information disclosure, or other attacks.

CVE-2018-17983 - Heap Buffer Overflow OpenvSwitch has a security issue with the handling of IP fragm ets. OpenvSwitch allows IP fragments in a packet to be examined by an application, even when the destination is not set. If an attacker could craft a crafted packet with an IP fragment that could potentially overflow the heap buffer, they could cause a denial of service or privilege escalation.


These are two security issues CVE-2018-17983 and CVE-2018-2022-32166 on OpenvSwitch which may cause crashes or privilege escalations. You can prevent these issues by updating to version v2.6 or later and disabling ID mapping globally (OVS_DISABLE_ID_MAP).

References:

- https://github.com/opnsense/opensource-releases/blob/master/OVS-2.6.0.tar.gz
- http://www.openssl.org/docs/man1_0.html#PROTECTION_OF_INVALID_ADDITIONAL_PARAMETERS
- https://github.com/opnsense/opensource-releases
This was a blog post about the importance of digital marketing and how it can help your business grow and establish an authoritative online presence


To reduce the risk of exploitation, avoid using the “minimasks” function in “flow_parser” and update to version v2.6 or later. You can also protect yourself by disabling the ID mapping globally (OVS_DISABLE_ID_MAP).

Timeline

Published on: 09/28/2022 10:15:00 UTC
Last modified on: 09/28/2022 12:59:00 UTC

References