Critical severity9.8NVD Advisory· Published May 23, 2017· Updated May 13, 2026
CVE-2017-9214
CVE-2017-9214
Description
In Open vSwitch (OvS) 2.7.0, while parsing an OFPT_QUEUE_GET_CONFIG_REPLY type OFP 1.0 message, there is a buffer over-read that is caused by an unsigned integer underflow in the function ofputil_pull_queue_get_config_reply10 in lib/ofp-util.c.
Affected products
11- cpe:2.3:a:openvswitch:openvswitch:2.7.0:*:*:*:*:*:*:*
cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*+ 5 more
- cpe:2.3:a:redhat:openstack:10:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:11:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:6.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:8:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:openstack:9:*:*:*:*:*:*:*
cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:redhat:virtualization:4.0:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:virtualization:4.1:*:*:*:*:*:*:*
- cpe:2.3:a:redhat:virtualization_manager:4.1:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- mail.openvswitch.org/pipermail/ovs-dev/2017-May/332711.htmlnvdMailing ListPatchVendor Advisory
- access.redhat.com/errata/RHSA-2017:2418nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2553nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2648nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2665nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2692nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2698nvdThird Party Advisory
- access.redhat.com/errata/RHSA-2017:2727nvdThird Party Advisory
- lists.debian.org/debian-lts-announce/2021/02/msg00032.htmlnvdMailing ListThird Party Advisory
News mentions
0No linked articles in our index yet.