In Open vSwitch a malformed IP packet can cause the switch to read past the end of the packet buffer due to an unsigned integer underflow in `lib/flow.c` in the function `miniflow_extract`, permitting remote bypass of the access control list enforced by the switch. References: https://mail.openvswitch.org/pipermail/ovs-dev/2016-July/319503.html
Created openvswitch tracking bugs for this issue: Affects: fedora-all [bug 1456797]