CVE-2020-35498 - log back

CVE-2020-35498 edited at 10 Feb 2021 15:11:06
Severity
- Unknown
+ Medium
Remote
- Unknown
+ Remote
Type
- Unknown
+ Incorrect calculation
Description
+ Multiple versions of Open vSwitch are vulnerable to potential problems like denial of service attacks, in which crafted network packets could cause the packet lookup to ignore network header fields from layers 3 and 4. The crafted network packet is an ordinary IPv4 or IPv6 packet with Ethernet padding length above 255 bytes. This causes the packet sanity check to abort parsing header fields after layer 2. When that situation happens, the classifier will use an unexpected set of header fields. This could cause the packet lookup to either match on unintended flows or return the default table miss action 'drop'. As a consequence, the datapath can be instructed to match on an incorrect range of packets with an action to drop them, for example. Further legit traffic could hit the cached flow preventing it to expire extending the situation. The issue is fixed in versions 2.14.2, 2.13.3, 2.12.3, 2.11.6, 2.10.7, 2.9.9, 2.8.11, 2.7.13, 2.6.10 and 2.5.12.
References
+ https://mail.openvswitch.org/pipermail/ovs-announce/2021-February/000271.html
+ https://github.com/openvswitch/ovs/commit/59b588604b89e85b463984ba08a99badb4fcba15
Notes
CVE-2020-35498 created at 10 Feb 2021 15:07:10