From 3c427eafce21c615d5da76f261329497f7fcfeac Mon Sep 17 00:00:00 2001 From: Fan Xin Date: Fri, 9 Jun 2017 14:50:47 +0900 Subject: openvswitch: Fix CVE-2017-9263 Backport patch file to fix CVE-2017-9263 Signed-off-by: Fan Xin Signed-off-by: Bruce Ashfield --- .../openvswitch-git/CVE-2017-9263.patch | 29 ++++++++++++++++++++++ 1 file changed, 29 insertions(+) create mode 100644 recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch (limited to 'recipes-networking/openvswitch/openvswitch-git') diff --git a/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch b/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch new file mode 100644 index 00000000..0fc3aa1a --- /dev/null +++ b/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch @@ -0,0 +1,29 @@ +A buggy or malicious switch could send a role status message with a bad +reason code, which if printed by OVS would cause it to abort. This fixes +the problem. + +CVE: CVE-2017-9263 +Upstream-Status: Submitted + +Reported-by: Bhargava Shastry +Signed-off-by: Ben Pfaff +--- + lib/ofp-print.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git a/lib/ofp-print.c b/lib/ofp-print.c +index 7ca953100539..1932baf4871f 100644 +--- a/lib/ofp-print.c ++++ b/lib/ofp-print.c +@@ -2147,7 +2147,8 @@ ofp_print_role_status_message(struct ds *string, const struct ofp_header *oh) + break; + case OFPCRR_N_REASONS: + default: +- OVS_NOT_REACHED(); ++ ds_put_cstr(string, "(unknown)"); ++ break; + } + } + +-- +2.10.2 -- cgit v1.2.3-54-g00ecf