diff options
Diffstat (limited to 'import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch')
| -rw-r--r-- | import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch | 29 |
1 files changed, 29 insertions, 0 deletions
diff --git a/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch new file mode 100644 index 0000000000..0fc3aa1ab8 --- /dev/null +++ b/import-layers/meta-virtualization/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch @@ -0,0 +1,29 @@ +A buggy or malicious switch could send a role status message with a bad +reason code, which if printed by OVS would cause it to abort. This fixes +the problem. + +CVE: CVE-2017-9263 +Upstream-Status: Submitted + +Reported-by: Bhargava Shastry <bshastry at sec.t-labs.tu-berlin.de> +Signed-off-by: Ben Pfaff <blp at ovn.org> +--- + lib/ofp-print.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/ofp-print.c b/lib/ofp-print.c +index 7ca953100539..1932baf4871f 100644 +--- a/lib/ofp-print.c ++++ b/lib/ofp-print.c +@@ -2147,7 +2147,8 @@ ofp_print_role_status_message(struct ds *string, const struct ofp_header *oh) + break; + case OFPCRR_N_REASONS: + default: +- OVS_NOT_REACHED(); ++ ds_put_cstr(string, "(unknown)"); ++ break; + } + } + +-- +2.10.2 |