VYPR
High severity · NVD Advisory · Published May 5, 2024 · Updated Aug 2, 2024

CVE-2024-34488

Description

OFPMultipartReply in parser.py in Faucet SDN Ryu 4.34 allows attackers to cause a denial of service (infinite loop) via b.length=0.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

A crafted OpenFlow multipart reply whose body carries a zero-length entry (b.length=0) drives Ryu's parser into an infinite loop, enabling denial of service by anyone who can open a switch connection to the controller.

Vulnerability

CVE-2024-34488 is a denial-of-service vulnerability in the OFPMultipartReply parser in Ryu's OpenFlow parser module (parser.py in the NVD description; the OpenFlow 1.3 parser module ofproto_v1_3_parser.py in the report). Multipart reply bodies are a sequence of variable-length entries, and the parsing loop walks them by reading each entry's own length field and advancing the offset by b.length (or b.len, depending on the body type). The loop only checks that the offset is still inside the message; it never validates that the length field is non-zero. When an attacker sends a multipart reply with an entry whose length is 0, the offset never advances, the same entry is parsed again and again, and the process spins at 100% CPU [1].
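The loop shape described above, as an added example that is not Ryu's own code: an unchecked parser that advances by the entry's self-declared length beside a hardened variant that rejects entries which would not move the offset forward or would overrun the buffer. The entry layout is a simplified stand-in (an assumption for illustration: a 2-byte big-endian length followed by payload; the real OpenFlow stats structs are larger), and the sample bodies are constructed here, not the advisory's proof-of-concept bytes.

```python
"""Unchecked vs. hardened multipart-body walk (added example, not Ryu code)."""
import struct

# Simplified stand-in entry: uint16 big-endian length, then payload.
ENTRY_HDR = struct.Struct("!H")
MIN_ENTRY_LEN = ENTRY_HDR.size  # an entry can never be shorter than its own header


class MalformedMultipartBody(ValueError):
    """Raised by the hardened parser on any entry that cannot be consumed safely."""


def parse_body_unchecked(buf, max_iterations=1000):
    """Loop shape from the advisory: offset += entry.length with no lower bound.

    A bounded iteration counter stands in for the real infinite loop so the
    function returns instead of hanging; the second return value reports
    whether the walk got stuck (offset stopped advancing).
    """
    offset, entries, iterations = 0, [], 0
    while offset < len(buf):
        (length,) = ENTRY_HDR.unpack_from(buf, offset)
        entries.append(bytes(buf[offset + ENTRY_HDR.size:offset + length]))
        offset += length  # length == 0 -> offset never changes
        iterations += 1
        if iterations >= max_iterations:
            return entries, True  # would have spun forever
    return entries, False


def parse_body_hardened(buf):
    """Same walk, but every entry must advance the offset and fit in the body."""
    offset, entries = 0, []
    while offset < len(buf):
        if len(buf) - offset < MIN_ENTRY_LEN:
            raise MalformedMultipartBody("truncated entry header at offset %d" % offset)
        (length,) = ENTRY_HDR.unpack_from(buf, offset)
        if length < MIN_ENTRY_LEN:
            raise MalformedMultipartBody(
                "entry length %d < %d at offset %d" % (length, MIN_ENTRY_LEN, offset))
        if offset + length > len(buf):
            raise MalformedMultipartBody(
                "entry length %d overruns body at offset %d" % (length, offset))
        entries.append(bytes(buf[offset + ENTRY_HDR.size:offset + length]))
        offset += length  # guaranteed >= MIN_ENTRY_LEN, so the loop terminates
    return entries


def make_entry(payload):
    """Encode one well-formed entry: length covers header plus payload."""
    return ENTRY_HDR.pack(ENTRY_HDR.size + len(payload)) + payload


# Constructed sample bodies (assumption: illustrative, not the advisory's PoC).
GOOD_BODY = make_entry(b"flow-1") + make_entry(b"flow-2")
BAD_BODY = make_entry(b"flow-1") + ENTRY_HDR.pack(0) + b"junk"  # zero-length entry

if __name__ == "__main__":
    print("unchecked, good body:", parse_body_unchecked(GOOD_BODY))
    print("unchecked, bad body stuck:", parse_body_unchecked(BAD_BODY)[1])
    print("hardened, good body:", parse_body_hardened(GOOD_BODY))
    try:
        parse_body_hardened(BAD_BODY)
    except MalformedMultipartBody as exc:
        print("hardened, bad body rejected:", exc)
```

The fix that matters is the `length < MIN_ENTRY_LEN` check: once every accepted entry is guaranteed to move the offset forward by at least the header size, the loop provably terminates. The overrun check is the companion defect, since a length larger than the remaining buffer lets a peer steer the parser past the message.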

Attack

Vector

A multipart reply is a switch-to-controller message, so the attacker plays the switch: anyone who can open a TCP connection to the controller's OpenFlow listen port (6633 is the legacy default named in the report; 6653 is the IANA-assigned OpenFlow port that current Ryu releases listen on) can send the crafted message. Plain-TCP OpenFlow carries no authentication, so unless the controller is configured for TLS with client certificates, no credentials or prior session state are required. The proof-of-concept payload included in the advisory demonstrates the exact byte sequence that triggers the flaw [1].

Impact

Successful exploitation results in a persistent denial-of-service condition: the controller process hangs indefinitely in the parsing loop and must be restarted. Ryu runs its datapath receive loops as eventlet green threads, so a tight loop that never yields starves every other switch connection and application in the same process, not just the one that sent the message. Because Ryu is a component-based SDN framework, this can disrupt all network control functions managed by the controller, including flow setup, traffic forwarding decisions, and network visibility.

Mitigation

As of the advisory date, the Ryu project is not currently maintained [3]. No official patch has been released. Users are strongly advised to migrate to the maintained fork os-ken (https://github.com/openstack/os-ken) or to apply network‑level restrictions that limit OpenFlow access to trusted switches only. The issue has been public since May 2024 and the project maintainers have been notified via the GitHub issue tracker [1].

AI Insight generated on May 20, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.

Affected packages

Versions sourced from the GitHub Security Advisory.

Package: ryu (PyPI)
Affected versions: <= 4.34
Patched versions: none

Affected products (2)

  • Faucet SDN / Faucet SDN Ryu (from the NVD description)
  • GHSA coordinates: ryu, range <= 4.34

Patches (0)

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References (3)

News mentions (0)

No linked articles in our index yet.