Bug 1519845 (CVE-2017-1000411) - CVE-2017-1000411 opendaylight: Controller denial-of-service due to "expired" flows taking up the memory resource of CONFIG DS
Keywords:
Status: CLOSED WONTFIX
Alias: CVE-2017-1000411
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks: 1519848
Reported: 2017-12-01 14:40 UTC by Adam Mariš
Modified: 2021-02-17 01:10 UTC

Fixed In Version:
Doc Type: If docs needed, set a value
Doc Text:
Multiple "expired" flows consume memory resources of CONFIG DS which leads to Controller shutdown.
Clone Of:
Environment:
Last Closed: 2018-01-16 21:27:42 UTC
Embargoed:



Description Adam Mariš 2017-12-01 14:40:24 UTC
It was found that multiple "expired" flows can take up the memory resource of CONFIG DS which leads to CONTROLLER shutdown.

Comment 3 Joshua Padman 2018-01-16 21:27:52 UTC
Acknowledgments:

Name: Vaibhav Hemant Dixit

Comment 4 Joshua Padman 2018-01-16 21:28:00 UTC
Statement:

OpenDaylight was released as a technical preview in Red Hat OpenStack Platform versions 12 and under. Additionally, upstream have released an advisory outlining recommended actions; they will not be patching against this Denial of Service vector.

