Bug 1533501 – CVE-2018-1078 opendaylight: Insecure behavior in node reconciliation process

Bugzilla will be upgraded to version 5.0 on a still to be determined date in the near future. The original upgrade date has been delayed.

Bug 1533501 - (CVE-2018-1078) CVE-2018-1078 opendaylight: Insecure behavior in node reconciliation process

Summary:	CVE-2018-1078 opendaylight: Insecure behavior in node reconciliation process

Status:	NEW

Aliases:	CVE-2018-1078

Product:	Security Response
Classification:	Other
Component:	vulnerability (Show other bugs)
Sub Component:
Version:	unspecified
Hardware:	All Linux

Priority	medium Severity medium
Target Milestone:	---
Target Release:	---
Assigned To:	Red Hat Product Security
QA Contact:
Docs Contact:

URL:
Whiteboard:	impact=moderate,public=20180313,repor...
Keywords:	Security

Duplicates:	1555473 (view as bug list)
Depends On:
Blocks:	1530427 1533502 1555485
	Show dependency tree / graph

Reported:	2018-01-11 09:13 EST by Pedro Sampaio
Modified:	2018-06-29 18:30 EDT (History)
CC List:	19 users (show)

See Also:
Fixed In Version:
Doc Type:	If docs needed, set a value
Doc Text:	It was found that all flows, including active and inactive, in the config datastore are installed back in the switch upon reconnection, as part of the node reconciliation process in OpenDayLight. This may lead to denial of service via table overflow or possibly circumventing of the controller's control.
Story Points:	---
Clone Of:
Environment:
Last Closed:
Type:	---
Regression:	---
Mount Type:	---
Documentation:	---
CRM:
Verified Versions:
Category:	---
oVirt Team:	---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team:	---

Attachments	(Terms of Use)
Add an attachment (proposed patch, testcase, etc.)

Groups: None (edit)

Description Pedro Sampaio 2018-01-11 09:13:01 EST

It was found that all the flows, including active and inactive, in the config datastore are installed back in switch upon reconnection, as part of the node reconciliation process in OpenDayLight. This may lead to denial of service via table overflow or possibly circumventiagn of controller's control.

Comment 1 Josh Hershberg 2018-01-15 04:53:12 EST

Can you please specify how this could cause a DoS? The reconciliation process does push all flows to the switch but it is not additive. After reconciliation the switch will have only the flows that ODL wants it to have and no more. Or am I missing something?

Comment 3 Joshua Padman 2018-01-18 06:49:09 EST

Acknowledgments:

Name: Vaibhav Hemant Dixit (Arizona State University)

Comment 4 Garth Mollett 2018-03-14 19:59:45 EDT

*** Bug 1555473 has been marked as a duplicate of this bug. ***

Comment 5 Sam Fowler 2018-03-18 22:23:26 EDT

Upstream Issue:

https://jira.opendaylight.org/browse/OPNFLWPLUG-971

Note You need to log in before you can comment on or make changes to this bug.