openSUSE Security Update : openvswitch (openSUSE-2017-973)

This script is Copyright (C) 2017 Tenable Network Security, Inc.

Synopsis :

The remote openSUSE host is missing a security update.

Description :

This update for openvswitch fixes the following issues :

- CVE-2017-9263: OpenFlow role status message can cause a
call to abort() leading to application crash

- CVE-2017-9265: Buffer over-read while parsing message
could lead to crash or maybe arbitrary code execution

- Do not restart the ovs-vswitchd and ovsdb-server
services on package updates (bsc#1002734)

- Do not restart the ovs-vswitchd, ovsdb-server and
openvswitch services on package removals. This
facilitates potential future package moves but also
preserves connectivity when the package is removed

This update was imported from the SUSE:SLE-12-SP3:Update update

See also :

Solution :

Update the affected openvswitch packages.

Risk factor :

High / CVSS Base Score : 7.5

Family: SuSE Local Security Checks

Nessus Plugin ID: 102811 ()

Bugtraq ID:

CVE ID: CVE-2017-9263

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now