Buffer Over-read Vulnerability in Open vSwitch (OvS) v2.7.0

Buffer Over-read Vulnerability in Open vSwitch (OvS) v2.7.0

CVE-2017-9265 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

In Open vSwitch (OvS) v2.7.0, there is a buffer over-read while parsing the group mod OpenFlow message sent from the controller in `lib/ofp-util.c` in the function `ofputil_pull_ofp15_group_mod`.

Learn more about our Web Application Penetration Testing UK.