VYPR
High severity · NVD Advisory · Published May 5, 2024 · Updated Aug 2, 2024

CVE-2024-34483

Description

OFPGroupDescStats in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via OFPBucket.len=0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A crafted OpenFlow message with OFPBucket.len=0 causes an infinite loop in Ryu's OFPGroupDescStats parser, leading to denial of service.

Vulnerability

Overview

CVE-2024-34483 is a denial-of-service vulnerability in the Ryu SDN framework (version 4.34). The flaw resides in the OFPGroupDescStats parser inside parser.py (specifically in ofproto_v1_3_parser.py). When parsing group description statistics messages, the parser iterates over buckets using their len field to advance the offset. If OFPBucket.len is set to zero, the loop's offset and length variables never increment, causing an infinite loop that hangs the controller [1][3].
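To illustrate the loop shape the advisory describes, here is an added Python example (not Ryu's code) that walks a constructed OpenFlow 1.3 bucket list two ways: a loop that trusts each bucket's len field to advance the offset, shown with an iteration guard so it terminates, and a checked version that rejects any len smaller than the 16-byte ofp_bucket header or running past the buffer. The header layout and the sample byte strings are assumptions made for the example.

```python
import struct

# ofp_bucket header (OpenFlow 1.3): len, weight, watch_port, watch_group, 4 pad bytes.
BUCKET_HDR = '!HHII4x'
BUCKET_HDR_SIZE = struct.calcsize(BUCKET_HDR)  # 16 bytes
ANY = 0xffffffff  # OFPP_ANY / OFPG_ANY: "no watch port/group"


def parse_buckets_trusting(buf, max_steps=1000):
    """Loop shaped like the vulnerable parser: the bucket's own len field
    drives the offset. A len of 0 never advances it, so without the
    max_steps guard (added here only so the function returns) this spins
    forever. Returns (buckets, final_offset, stalled)."""
    offset, buckets, steps = 0, [], 0
    while offset < len(buf):
        steps += 1
        if steps > max_steps:
            return buckets, offset, True  # stalled: offset never moved
        blen, weight, wport, wgroup = struct.unpack_from(BUCKET_HDR, buf, offset)
        buckets.append((blen, weight, wport, wgroup))
        offset += blen
    return buckets, offset, False


def parse_buckets_checked(buf):
    """Hardened form: every bucket must fit in the buffer and declare a len
    of at least the header size, so the offset always advances by >= 16."""
    offset, buckets = 0, []
    while offset < len(buf):
        if len(buf) - offset < BUCKET_HDR_SIZE:
            raise ValueError('truncated bucket header at offset %d' % offset)
        blen, weight, wport, wgroup = struct.unpack_from(BUCKET_HDR, buf, offset)
        if blen < BUCKET_HDR_SIZE or offset + blen > len(buf):
            raise ValueError('invalid bucket len %d at offset %d' % (blen, offset))
        buckets.append((blen, weight, wport, wgroup))
        offset += blen
    return buckets


def bucket(blen, weight=0, wport=ANY, wgroup=ANY):
    # Constructed bucket with no actions; real buckets carry actions after the header.
    return struct.pack(BUCKET_HDR, blen, weight, wport, wgroup)


GOOD = bucket(16) + bucket(16, weight=5)  # constructed: two well-formed empty buckets
BAD = bucket(0)                           # constructed: the len=0 bucket from the advisory
```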

Exploitation

Conditions

An attacker must be able to send crafted OpenFlow messages to the Ryu controller. No authentication is required if the controller accepts connections from untrusted networks (default port 6633). The proof-of-concept provided uses an OFPGroupDescStatsReply message with a malicious bucket length of zero, demonstrating that a single packet can trigger the infinite loop [3].

Impact

Successful exploitation leads to a complete denial of service—the controller becomes unresponsive, cannot process further messages, and effectively stops managing the SDN network. This can disrupt all network flows controlled by Ryu [1][3].

Mitigation

Status

The Ryu project is not currently maintained (as noted on its GitHub page). No official patch has been released. Users are advised to migrate to a maintained fork such as OpenStack's os-ken. Until migration, network administrators should restrict access to the Ryu controller to trusted hosts only, and consider deploying intrusion detection to filter malformed OpenFlow messages [2].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: ryu (PyPI)
Affected versions: <= 4.34
Patched versions: none listed

Affected products (2)

  • Faucet SDN / Faucet SDN Ryu (from the CVE description)
  • GHSA coordinates: range <= 4.34

Patches (0)

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References (3)

News mentions (0)

No linked articles in our index yet.