REDHAT-BUG-1533501
First published: Thu Jan 11 2018(Updated: )
It was found that all the flows, including active and inactive, in the config datastore are installed back in switch upon reconnection, as part of the node reconciliation process in OpenDayLight. This may lead to denial of service via table overflow or possibly circumventiagn of controller's control.
| Affected Software | Affected Version | How to fix |
|---|---|---|
| OpenDaylight |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the severity of REDHAT-BUG-1533501?
The severity of REDHAT-BUG-1533501 is high due to the potential for denial of service through table overflow.
How do I fix REDHAT-BUG-1533501?
Fixing REDHAT-BUG-1533501 involves updating to a patched version of OpenDaylight that addresses the flow reconciliation issue.
What components are affected by REDHAT-BUG-1533501?
REDHAT-BUG-1533501 affects all flows in the config datastore within the OpenDaylight framework.
What is the main issue with REDHAT-BUG-1533501?
The main issue with REDHAT-BUG-1533501 is that it can lead to a denial of service by causing an overflow in the switch's flow table.
Can REDHAT-BUG-1533501 be exploited remotely?
Yes, REDHAT-BUG-1533501 can potentially be exploited remotely due to incorrect handling of flow installations upon reconnection.
- agent/references
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2018-1078
- agent/severity
- agent/event
- agent/description
- agent/trending
- agent/source
- agent/tags
- agent/softwarecombine
- agent/guess-ai
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- vendor/opendaylight
- canonical/opendaylight