[meta-virtualization] [PATCH] openvswitch: Fix CVE-2017-9263

Fan Xin fan.xin at jp.fujitsu.com
Thu Jun 8 22:50:47 PDT 2017


Backport patch file to fix CVE-2017-9263

Signed-off-by: Fan Xin <fan.xin at jp.fujitsu.com>
---
 .../openvswitch-git/CVE-2017-9263.patch            | 29 ++++++++++++++++++++++
 recipes-networking/openvswitch/openvswitch_git.bb  |  1 +
 2 files changed, 30 insertions(+)
 create mode 100644 recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch

diff --git a/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch b/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch
new file mode 100644
index 0000000..0fc3aa1
--- /dev/null
+++ b/recipes-networking/openvswitch/openvswitch-git/CVE-2017-9263.patch
@@ -0,0 +1,29 @@
+A buggy or malicious switch could send a role status message with a bad
+reason code, which if printed by OVS would cause it to abort.  This fixes
+the problem.
+
+CVE: CVE-2017-9263
+Upstream-Status: Submitted
+
+Reported-by: Bhargava Shastry <bshastry at sec.t-labs.tu-berlin.de>
+Signed-off-by: Ben Pfaff <blp at ovn.org>
+---
+ lib/ofp-print.c | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/lib/ofp-print.c b/lib/ofp-print.c
+index 7ca953100539..1932baf4871f 100644
+--- a/lib/ofp-print.c
++++ b/lib/ofp-print.c
+@@ -2147,7 +2147,8 @@ ofp_print_role_status_message(struct ds *string, const struct ofp_header *oh)
+         break;
+     case OFPCRR_N_REASONS:
+     default:
+-        OVS_NOT_REACHED();
++        ds_put_cstr(string, "(unknown)");
++        break;
+     }
+ }
+ 
+-- 
+2.10.2
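Review bot: The "Upstream-Status: Submitted" tag in the header of the new CVE-2017-9263.patch does not match the commit message, which describes this as a backport. If the fix has been merged upstream, mark it "Upstream-Status: Backport" and cite the upstream commit, so the patch can be dropped cleanly at the next version bump. The patch file also begins directly with the description and has no subject line, so keeping the original From/Subject header would preserve where it came from. On the fix itself, the default branch in ofp_print_role_status_message() now emits the constant "(unknown)", which stops the abort on a bad reason code but discards the value. Printing the numeric reason alongside it would help operators identify the misbehaving switch.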
diff --git a/recipes-networking/openvswitch/openvswitch_git.bb b/recipes-networking/openvswitch/openvswitch_git.bb
index 1fb82ae..6ab0c40 100644
--- a/recipes-networking/openvswitch/openvswitch_git.bb
+++ b/recipes-networking/openvswitch/openvswitch_git.bb
@@ -29,6 +29,7 @@ SRC_URI = "file://openvswitch-switch \
            file://python-make-remaining-scripts-use-usr-bin-env.patch \
            file://0001-use-the-linux-if_packet.h-Interface-directly.patch \
            file://0002-Define-WAIT_ANY-if-not-provided-by-system.patch \
+           file://CVE-2017-9263.patch \
            "
 
 LIC_FILES_CHKSUM = "file://COPYING;md5=17b2c9d4c70853a09c0e143137754b35"
-- 
1.9.1


