This update for openvswitch to version 2.7.6 fixes the following issues: These security issues were fixed: - CVE-2018-17205: Prevent OVS crash when reverting old flows in bundle commit (bsc#1104467). - CVE-2018-17206: Avoid buffer overread in BUNDLE action decoding (bsc#1104467). - CVE-2018-17204:When decoding a group mod, it validated the group type and command after the whole group mod has been decoded. The OF1.5 decoder, however, tried to use the type and command earlier, when it might still be invalid. This caused an assertion failure (via OVS_NOT_REACHED) (bsc#1104467). These non-security issues were fixed: - ofproto/bond: Fix bond reconfiguration race condition. - ofproto/bond: Fix bond post recirc rule leak. - ofproto/bond: fix interal flow leak of tcp-balance bond
#1104467
Cross- CVE-2018-17204 CVE-2018-17205 CVE-2018-17206
Affected Products:
SUSE Linux Enterprise Server 12-SP3
https://www.suse.com/security/cve/CVE-2018-17204.html
https://www.suse.com/security/cve/CVE-2018-17205.html
https://www.suse.com/security/cve/CVE-2018-17206.html
https://bugzilla.suse.com/1104467
Get the latest Linux and open source security news straight to your inbox.