-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2021.0639
                        openvswitch security update
                             22 February 2021

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           openvswitch
Publisher:         Debian
Operating System:  Debian GNU/Linux
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2020-35498 CVE-2020-27827 CVE-2018-17206
                   CVE-2018-17204 CVE-2017-9214 CVE-2015-8011

Reference:         ESB-2021.0559
                   ESB-2021.0558
                   ESB-2021.0544
                   ESB-2021.0535

Original Bulletin: 
   https://www.debian.org/lts/security/2021/dla-2571

- --------------------------BEGIN INCLUDED TEXT--------------------

- -----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- - -------------------------------------------------------------------------
Debian LTS Advisory DLA-2571-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                    Thorsten Alteholz
February 19, 2021                             https://wiki.debian.org/LTS
- - -------------------------------------------------------------------------

Package        : openvswitch
Version        : 2.6.10-0+deb9u1
CVE ID         : CVE-2015-8011 CVE-2017-9214 CVE-2018-17204 CVE-2018-17206
                  CVE-2020-27827 CVE-2020-35498


Several issues have been found in openvswitch, a production-quality,
multilayer, software-based Ethernet virtual switch.

CVE-2020-35498

     Denial of service attacks, in which crafted network packets
     could cause the packet lookup to ignore network header fields
     from layers 3 and 4. The crafted network packet is an ordinary
     IPv4 or IPv6 packet with Ethernet padding length above 255 bytes.
     This causes the packet sanity check to abort parsing header
     fields after layer 2.
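For defenders who want to check captured traffic against the condition described above, the following is an added example (not Debian's or Open vSwitch's code): it reads the Ethernet header and the IPv4 Total Length or IPv6 Payload Length field, computes how many trailing padding bytes follow the IP packet, and flags frames whose padding exceeds 255 bytes. It assumes untagged frames (no 802.1Q header) and constructs its own sample frames.

```python
import struct
from typing import Optional

ETH_HDR_LEN = 14
ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_IPV6 = 0x86DD
PADDING_LIMIT = 255  # padding above this is the condition the advisory describes


def ip_total_length(frame: bytes) -> Optional[int]:
    """Bytes of the IP packet (header + payload) after the Ethernet header,
    from the IPv4 Total Length or IPv6 Payload Length field; None if not IP."""
    if len(frame) < ETH_HDR_LEN:
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    l3 = frame[ETH_HDR_LEN:]
    if ethertype == ETHERTYPE_IPV4 and len(l3) >= 20:
        return struct.unpack("!H", l3[2:4])[0]
    if ethertype == ETHERTYPE_IPV6 and len(l3) >= 40:
        return 40 + struct.unpack("!H", l3[4:6])[0]  # fixed header + payload
    return None


def padding_length(frame: bytes) -> Optional[int]:
    """Trailing bytes not accounted for by the IP length field (Ethernet padding)."""
    ip_len = ip_total_length(frame)
    if ip_len is None:
        return None
    return max(0, len(frame) - ETH_HDR_LEN - ip_len)


def is_oversized_padding(frame: bytes) -> bool:
    """True when the frame matches the advisory: IP packet with padding > 255 bytes."""
    pad = padding_length(frame)
    return pad is not None and pad > PADDING_LIMIT


def build_ipv4_frame(payload: bytes, padding: int) -> bytes:
    """Constructed sample input: Ethernet + minimal IPv4 header (UDP, checksum 0)."""
    ip_hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64, 17, 0,
                         bytes([10, 0, 0, 1]), bytes([10, 0, 0, 2]))
    eth_hdr = b"\xff" * 6 + b"\x00\x11\x22\x33\x44\x55" + struct.pack("!H", ETHERTYPE_IPV4)
    return eth_hdr + ip_hdr + payload + b"\x00" * padding


if __name__ == "__main__":
    for pad in (6, 300):
        frame = build_ipv4_frame(b"x" * 20, pad)
        print(f"padding={padding_length(frame)} flagged={is_oversized_padding(frame)}")
```

Feed `is_oversized_padding` the raw frame bytes from a pcap reader to scan a capture; a flag only indicates the advisory's trigger condition, not that the switch was exploited.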

CVE-2020-27827

     Denial of service attacks using crafted LLDP packets.

CVE-2018-17206

     Buffer over-read issue during BUNDLE action decoding.

CVE-2018-17204

     Assertion failure due to not validating information (group type
     and command) in OF1.5 decoder.

CVE-2017-9214

     Buffer over-read that is caused by an unsigned integer underflow.

CVE-2015-8011

     Buffer overflow in the lldp_decode function in
     daemon/protocols/lldp.c in lldpd before 0.8.0 allows remote
     attackers to cause a denial of service (daemon crash) and
     possibly execute arbitrary code via vectors involving large
     management addresses and TLV boundaries.


For Debian 9 stretch, these problems have been fixed in version
2.6.10-0+deb9u1. This version is a new upstream point release.

We recommend that you upgrade your openvswitch packages.

For the detailed security status of openvswitch please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/openvswitch

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS

- -----BEGIN PGP SIGNATURE-----
- -----END PGP SIGNATURE-----

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        https://www.auscert.org.au/bulletins/

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================
-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967
-----END PGP SIGNATURE-----