Remote Buffer Over-read Vulnerability in Open vSwitch 2.6.1

Remote Buffer Over-read Vulnerability in Open vSwitch 2.6.1

CVE-2017-9264 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In lib/conntrack.c in the firewall implementation in Open vSwitch (OvS) 2.6.1, there is a buffer over-read while parsing malformed TCP, UDP, and IPv6 packets in the functions `extract_l3_ipv6`, `extract_l4_tcp`, and `extract_l4_udp` that can be triggered remotely.

Learn more about our Web Application Penetration Testing UK.